Info note
Connecting VIGO 5.9 over the Internet to a remote system - accessing multiple PD 602 DPIs
This info note contains an example showing the required configuration of VIGO and the NAT router to remotely access several PD 602 DPIs located in a substation or within another part of the plant/factory.
What is needed?
– Internet connection with fixed IP address
– NAT (Network Address Translation) firewall or NAT router
– NAT router that supports Port Address Translation (NAP/NAPT)
– If the NAT router doesn’t support Port Address Translation, is it only possible to access a single PD 602 DPI in the Sub Station and the following example cannot be used.
If you have such a configuration, refer to the description of Connecting VIGO over the Internet to a remote system
– Local network with (at least) one PD 602 DPI, LAN connected
The VIGO 5.9 VIGO PC can only “see” one IP address which is the NAT Firewall public IP address. Inside the NAT router the selected ports are forwarded to port 34378 and point to the IP addresses for the PD 602 DPIs. Port 50000 and 50001 are used in this example, but it is not mandatory that these particular ports are used. VIGO version 5.9 does not support the password system defined in the DPI.
Calls to the NAT must be routed to the local port (port number: 34378) of the DPI, to allow access without a password.
NAT Router – port forwarding
| PD 602-1 | PD 602-2 |
|---|---|
| Server name: PD 602-1 | Server name: PD 602-2 |
| From port: 50000 | From port: 50001 |
| To port: 50000 | To port: 50001 |
| Redirect port : 34378 | Redirect port : 34378 |
| Protocol: UDP | Protocol: UDP |
| Local IP address: 192.168.1.100 | Local IP address: 192.168.1.101 |
“Port forwarding” or port mapping means configuring the gateway to send all packets received on a particular port to a specific machine on the internal network. So, if the external network needs to access a PD 602 (port 50000) operating on “machine” 192.168.1.100, it will be necessary to define a port forwarding rule on the gateway, redirecting all UDP packets received on port 50000 to “machine” 192.168.1.100. In addition, the port is mapped to port 34378 on the internal network.
Configuration of the local PD602 DPIs - substation
The EthernetPort of the two PD 602 DPIs is set to IP address 192.168.1.100 respectively 192.168.1.101 on the internal network.
Configuration of the Remote PD 602 DPIs in VIGO
The MIB file must be adapted to let the VIGO PC believe that the IP address of both front-end PD 602s is IP 80.162.199.67 (WAN IP /Public IP), as this is the IP address of the NAT device, which will redirect the communication to the PD 602 DPI. In addition to the IP address, a port number is appended. In this case port 50000 and 50001. Port 50000 and 50001 are both translated/mapped to port 34378 and to 192.168.100/192.168.1.101 in the NAT router. The node address defined at the EthernetPort in the MIB corresponds to the last byte of the IP address on the Local LAN.
