It is necessary for the Ewon's LAN and WAN to operate on different subnets in order to route traffic through the right interface. On some sites, machine networks may operate on the same subnet as the site network, making it necessary to change the network settings of either the entire machine network or the entire site network.
If this is not feasible, an alternative is using a router between the Ewon's WAN port and the site WAN connection. Doing so makes it possible for the Ewon to use a WAN IP address in a separate subnet, which connects to the router, which then uses the correct subnet to connect to the rest of the network. Since Ewons are gateways that connect two different subnets, it's possible to use a spare Ewon Cosy or Flexy in this role.
APPLICABLE PRODUCTS
- Ewon Flexy line
- Ewon Cosy line
PRE-REQUISITES
- Ewon Flexy or Cosy connected to machine network (primary Ewon)
- Spare Ewon Flexy or Cosy to provide additional subnet (secondary Ewon)
IN THIS ARTICLE
- Configure secondary Ewon network settings
- Configure secondary Ewon security settings
- Configure primary Ewon
Configure Secondary Ewon Network Settings
First, it's necessary to configure the secondary Ewon to use a separate subnet for its LAN subnet, which the primary Ewon will connect to as its WAN subnet.
- Identify the subnets currently used by the machine network and site network, then choose another subnet that doesn't conflict with them. For example, if the machine network and site network both use subnets of 10.0.0.X and a subnet mask of 255.255.255.0, the new subnet could be 10.0.10.X.
- Connect the secondary Ewon to a computer and open eBuddy
- Select the Ewon in eBuddy and click Set IP
- Enter an IP on the new subnet, then finish the wizard to apply. For the example provided above, this might be 10.0.10.1.
Fig 1. diagram showing how the two Ewons are connected, as well as their WAN and LAN IP addresses
Configure Secondary Ewon Security Settings
In order to let the primary Ewon connect to the Talk2M servers, it's necessary to adjust the security settings on the secondary Ewon so that its LAN devices can reach the Internet.
- In the Ewon's webpage, navigate to Setup -> System -> Storage -> Tabular edition -> Edit COM cfg
- Search for the following parameters, then double click the value column to edit them, then save
- NatItf = 2
- VPNRedirect = 0
- FwrdToWAN = 1
Fig 2. updating NatItf value in Edit COM cfg
- Reboot the Ewon to apply these changes
- Run the Ewon's Internet wizard to ensure it has a valid Internet connection
Configure Primary Ewon
- Connect the primary Ewon's WAN port to one of the secondary Ewon's LAN ports
- Run the primary Ewon's Internet wizard
- Use a static IP rather than DHCP
- Choose an IP address in the new subnet (10.0.10.X in this example)
- Use the secondary Ewon's LAN IP as the gateway
- Set the DNS servers used by the network, or use public DNS servers like Google (8.8.8.8) and Cloudflare (1.1.1.1)
- Finish the wizard, running the test to confirm the primary Ewon can reach the Internet
Fig 3. example WAN network settings on the primary Ewon
ADDITIONAL INFO
SSH-0068-00 - Allow Internet access for Ewon Cosy LAN devices