Accesing ewon lan without VPN

Hello

My internal Ewon lan had 3 devices :slight_smile:
192.168.173.1 Ewon cosy 131
192.168.173.180 Allen Bradley PLC
192.168.173.181 Allen Braley HMI
192.168.173.182 Uremote deported I/O

This internal Ewon lan is wired inside the shop lan with several device:
192.168.1.XXX

The vpn is working well and i can connect to my internal ewon lan. But want we want to do is, using device on the shop lan (192.168.1.xxx) we want to connect to VNC server on the Allen Braley HMI (192.168.173.181) without using the VPN tunnel.

Is it possible and if so how to achive it?

Yes, it’s possible using NAT 1:1 which will assign your LAN devices (Ewon’s LAN) their own IPs on the WAN (your shop LAN). For example, they will be mapped like this:

192.168.173.180 —> 192.168.1.180

You must ensure that these IP addresses are available on the WAN. The following document explains how to do this, but I noticed the screenshots are from the older firmware.

NAT 1:1

The settings are the same. To access the NAT 1:1 settings in the new firmware, go to Setup > System > Communication > Networking > Routing:

To access the COM cfg settings, go to Setup > System > Storage > Edit COM cfg.

Alternatively, if you only need to use certain services, like VNC, you can set up port forwarding instead of NAT 1:1. The following document explains how:

KA Ewon Port Forwarding.pdf (266.1 KB)