LAN Device

LAN Device

Navigation:  eWONs > Properties > Devices & Firewall >

Previous pageReturn to chapter overviewNext page

In order to protect the LAN network (machine network) you need to define the LAN addresses that need to be accessible.

 

The first step in creating a protected LAN network is to create the LAN device(s) that has (have) to be accessible.

 

The path to LAN-device creation is: eWONs > select eWON from list > Properties > LAN & Firewall > Configure LAN devices & Firewall...

 

The Devices & Firewall page opens:

 

Device&Firewall

 

 

Click on Add LAN device... (link or button)

 

The LAN Device page opens.

LanDevice

 
In this page you give a name to your LAN device, specify its IP address and optionnaly write a description.

 

For the Port field select if all protocols are open or if only protocol-specific ports will remain open.

To limit the access to a specific protocol, inside the Specific Protocol list select the protocol you want to allow on the device. As for example ISOTCP (Siemens) or EIP (Rockwell).

 

You can also define custom ports using following syntax:

 

T405                =>    TCP port 405

U9600                =>    UDP port 9600

T443,U1194        =>    TCP port 443 & UDP port 1194

 

 

The Visible in M2Web, defines whether the device will be visible or not using M2Web access.

If the device is visible and depending on the configuration, the "Visible in M2Web" will ask for details regarding

The protocol to use for this device. The selection can be made between 4 choices: HTTP, HTTPS,VNC or RDP

The home page which refers to the URL that will be generated when clicking on the device's name in M2Web. Th URL can contain anchors and/or arguments.

 

visible_m2web

 

 

In the Permissions area you can define which user group(s) is/are allowed to connect to the device. By default, all users that have access to this eWON will also have access to this device. But if required you can limit the access for a specific user group only.

 

After encoding this information, the Firewall slider is automatically shifted to position High because this is the position required to activate the firewall protection at the LAN side.Firewall_slider_high

 

 

The new LAN device appears with a closed padlock under the structure of the relevant eWON:

Firewall_LanDevice

 

The properties of the LAN device can be edited afterward by clicking Properties.

 

PLC Discovery

The LAN Device section is also the place to configure the PLC Discovery.

 

The PLC discovery feature makes it possible to display devices (in the PLC connection software) that support broadcast or multicast messages and that are connected to a remote network while the user is being connected to this remote network through Talk2M VPN connection.

 

Note: This feature is available on the eWON only if its firmware is >= v12

 

By default, the PLC Discovery feature is activated in eCatcher.

 

When the firewall is set on Standard, the feature will not be displayed. But if it is changed to High, Enforced or Ultra, a new option lien will appear underneath the LAN heading and will make it possible to disable it.

 

plc_discovery_pro

 

For more information about the PLC Discovery on the eWON, please refer to the AUG-070: PLC Discovery through Talk2M