Components | Installation | Features | Web Interface | Auto-Ping Reboot/Email | Router Config Examples
Instructions Page 1 2 3 4 5 6 7 Home
Resolving the remote access challenge.
When implementing the RPS-ERP II or other remote access solutions, administrators commonly face the following challenges:
- A Network Address Translation (NAT) or router environment in which the host computers that are connected to the device do not have a public IP address
- A remote computing environment in which mobile, dial-in users need to connect to one or more network hosts (dial-in, network-out connections)
Firewall Solution
A firewall limits a networks exposure to unauthorized access by limiting the number of external, inbound entry points. Network devices inside the firewall remain hidden from any computer that is outside the firewall. For a remote user outside the firewall to connect to an RPS-ERP II that is inside the firewall using a browser, the network must be configured to allow inbound and outbound traffic on the RPS-ERP II TCP port 80 ( or your alternatively selected port ). For a growing number of organizations, exposing additional entry points to their networks for remote access is a security concern, and administrators are hesitant to open access to the RPS-ERP II TCP port 80. If you have an environment in which a firewall is configured to block RPS-ERP II TCP port 80, you can adopt a VPN solution combined PAT (IP Forwarding). The remote user can control a RPS-ERP II as follows:
- Connect to the network using a trusted VPN.
- Access the private IP of RPS-ERP II II by Internet browser (Example IE).
Network Address Translation and Router Solution
Network Address Translation (NAT) is a technology that lets multiple computers within a private network access the Internet by sharing a single routable IP address. NAT is increasing in popularity, especially among small business and home users, because of the scarcity and cost prohibitiveness of registered IP addresses. NAT provides a basic level of security because it makes it possible to limit the number of addresses that access the Internet, thus decreasing a networks exposure. In this environment, all inbound and outbound communications between a computer within the private network and the Internet are routed through a NAT device. The NAT device handles the address substitution, IP address and port mapping, and message routing. For this reason, remote access to computers that are within the private network from outside the network presents a challenge. Host computers that are within the private network are hidden from the outside world. Remote users can connect to the NAT device using the external IP address. However, because the remote user cannot provide the port mapping information that is required for proper routing, the NAT device cannot complete the connection to the host.
Depending on your environment, the following solutions are recommended: One or more hosts are hidden behind a NAT device. Adopt a VPN solution. The remote user can control an RPS-ERP II as follows:
- Connect to the network using a trusted VPN.
- Access the private IP of RPS-ERP II by Internet browser (Example Internet Explorer).
A single RPS-ERP II is hidden behind a NAT device. Configure the NAT table to direct all incoming data from the Internet on port 80 to the RPS-ERP II
Multiple RPS-ERP IIs are hidden behind a NAT device. Assign a unique TCP port number to each RPS-ERP II by PAT (IP Forwarding). Configure the NAT table to direct all incoming data from these TCP ports to the appropriate RPS-ERP II TCP port 80.