Login
logo

Use Port Forwarding/Proxy rules to connect your LAN devices from the WAN network

23 Jun 2022

 

In this KB we will explain how to configure a Proxy/Port forwarding rule to connect your Machine/LAN devices from the corporate factory/WAN network.

APPLICABLE PRODUCTS

Ewon : Flexy, Cosy, Cosy+

 

IN THIS ARTICLE

 

Using Flexy

 

Go to Communication > Networking > Proxy

Image-1.png

There, you can define up to 10 rules.

The external interface must be set to "WAN".  The idle connection timeout and the Maximum connection per proxy parameters can keep their default values.

For each rule, you must define :

  • The protocol : TCP, UDP or FTP
  • The direction : EXT to LAN, LAN to EXT (the value "T2M to LAN" is for internal use only).  In our use case, select EXT to LAN.
  • The incoming port : The port used on the WAN side
  • The outgoing port : The port used on the LAN side
  • The destination IP : The IP address of the LAN/Machine device to connect.

 

Moreover, to allow the incoming traffic going through the WAN port, you must set the WAN protection Level to "Allow all" and reboot your Ewon to apply this setting.

Image-2.png

After the reboot, you must able to connect to the LAN device by using the Ewon WAN IP Address and the specified incoming port.

Using Cosy, Cosy+

For the Cosy 131 and the Cosy+, the settings are the same as the Flexy except that there is no Web GUI to set them up.
Here, you have to edit the parameters manually through the tabular edition accessible from SETUP > SYSTEM > STORAGE > TABULAR EDITION > Edit COM Cfg
 

To set the Proxy External Interface (EXT) to WAN, the parameter ProxyExtItf must be set to 0

Image-3.png

To add a Proxy rule, you have to fill the parameters ProxyProtoX, ProxySideX, ProxyPortX, ProxySvrPortX and ProxySvrIpPortX where X is the rule number (1 to 10).

You'll find more details about these parameters and their value on the Comcfg.txt Parameter document.

mceclip0.png

Finally, to allow the incoming traffic going through the WAN port, set the parameter WANItfProt  to 2 and reboot your Ewon to apply this setting.

Image-4.png

After the reboot, you must able to connect to the LAN device by using the Ewon WAN IP Address and the specified incoming port.

When using the Proxy/Port Forwarding feature this way, you'll no longer be able to reach your LAN devices through M2Web.   Indeed, M2Web is using the same proxy feature but on the VPN side (EXT interface).