EasyManua.ls Logo

Helmholz REX 200 - 9 Remote Maintenance of Ethernet Cpus; Device Settings: Services - Firewall - SNAT; Search over IP

Helmholz REX 200
32 pages
Save Page as PDF
Print Icon
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Loading...
QuickStart Guide REX 200/250 | Version 5 | 26.05.2021 23
9 Remote maintenance of Ethernet CPUs
The LAN ports are suitable for 100 Mbps and full duplex operation and support auto crossover and
auto-negotiation. No special PROFINET functions are supported. When connecting additional
Ethernet participants (PLC/panel) to the REX 200/250, it must be ensured that the IP addresses of
the devices lie within the address range of the LAN interface of the REX 200/250.
9.1 Device settings: Services Firewall SNAT
With a REX 200/250, the SNAT function is activated by default. With this setting, participants for which
no gateway*/router has been entered are accessed via the VPN tunnel. For the CPUs and panels of some
manufacturers, it can be the case that you need to explicitly enter the gateway* and deactivate the SNAT
function in order that a remote connection with the end device is possible.
* Gateway: This refers to the configured LAN IP address of the REX 200/250.
To access a PLC or panel via the VPN tunnel, the OpenVPN adapter must be selected in the correspond-
ing engineering tool as the interface. The virtual network connection responsible for this is the TAP
Windows Adapter V9.
The section shown here shows the setting to be selected in the PG / PC interface module from the SIMAT-
IC STEP 7/TIA software.
9.2 Search over IP
With the SEARCHoverIP function activated, unparameterized network components (PLCs with IP ad-
dress: 0.0.0.0) can be found and configured remotely. However, this search function is not supported by
all control manufacturers!
When SEARCHoverIP is activated, the "remote maintenance network" (remote client) is connected
one-to-one with the LAN network on the device (router) via Layer2. These broadcasts and multicasts
on the remote maintenance side generate additional data traffic through the VPN tunnel. Under
certain circumstances this can lead to IP address conflicts and network disruptions on the router LAN
side. It is therefore recommended to deactivate this function in normal remote maintenance mode!
In the delivery state, SEARCHoverIP is not activated.

Table of Contents

Related product manuals