Communication Guide, ©ComAp – March 2014 69
IGS-NT Communication Guide 03-2014.pdf
How to Access IG-IB behind Firewall
The solution principle is shown in attached picture. All addresses in this text and in the picture are
fictive and will be different on real installation, port numbers are real. If the network software is
configured as shown in picture, users from Internet will be able to connect from Comap PC SW to
address 195.122.194.89 and communicate with IG-IB behind firewall. So in fact, we enter to PC SW
different address than is configured in IG-IB, as is correctly noted in the manual.
Needed changes are these:
1. DHCP server in private network (if used): exclude address 192.168.1.250 from the address poll
which are available to lease from this server, so that this address couldn't be assigned to any device in
the network. This will make this address available for use by IG-IB.
2. Firewall: Configure transparent proxy channel from external interface 195.122.194.89, port 23 to
protected network, internal address 192.168.1.250, port 23. This transparent proxy will do all network
address translation needed when communicating from public network with internal private network.
Port 23 on interface 195.122.194.89 should be usually free for this use, as normally is this port used
for telnet service and telnet is considered dangerous to use on firewalls.
I-CR Module for CAN Bus Extension
If the distance between units is too high to fit into the 200 m limit (or 900 m for 8 controllers), CAN
repeater module (I-CR) can be used to extend it.
Typical case – in line extension:
total bus length up to 400 m – 32C mode
total segment length up to 200 m
total segment length up to 200 m
To Next Page
Loading...
Need help?
General
