This article describes how to set up your Ewon so your LAN devices can get access to the Internet through it.
The procedure is explained in the case of a Cosy, but it is also applicable for the Flexy.
APPLICABLE PRODUCTS
Ewon Flexy, Ewon Cosy
PRE-REQUISITES
Have an access (locally or remotely) to your Ewon and its web user interface.
IN THIS ARTICLE
INTRODUCTION
In a typical Ewon Cosy installation, all communication through the Cosy occurs within an
encrypted VPN tunnel. This restriction prevents the remote user from reaching any device
not connected directly to the Cosy’s LAN. This restriction also prevents devices on the Cosy’s
LAN from reaching the internet.
In applications where a device on the Cosy’s LAN needs internet access, the Cosy can be
configured to act as a gateway and allow traffic from its LAN network to its WAN network.
For example, a PC on a machine might need to reach the internet to send status or alarm
notification emails. The Cosy can be configured to act as a gateway for the PC and allow it to
reach the internet.
Note :
The internet requests to and from the device behind the Cosy will not travel through the
VPN tunnel. As a result, if your network has a strict firewall that prevents traffic outside the
VPN tunnel, you will need to work with your IT manager.
CONFIGURE THE EWON
Use the Tabular edition tool to modify the required COM parameters on your Cosy. The
Tabular addition tool is accessible from Setup > System > Storage > Tabular edition
To modify a parameter, double click on a parameter’s value and enter the new value.
Click the Save button to save your changes.
Set the following parameters :
- NatItf = 2 (NAT and TF on WAN)
- VPNRedirect = 0 (Allow traffic outside the VPN tunnel)
- FwrdToWAN = 1 (Forward LAN traffic to WAN)
If you use a Cosy+ 4G EU model, you must also set another parameter :
- ModemWANAdapterMTU = 5000
Once you have set the parameters, reboot the Cosy to apply the changes.
(Alternatively, these parameters can be added to a comcfg.txt file and applied to the Cosy by
SD card or USB drive.)
CONFIGURE LAN DEVICES
Your NAT and TF settings on the Cosy are now set to “NAT and TF on WAN”.
This configuration turns off the Plug'n Route (NAT on LAN) feature of the Cosy.
You will need to make sure that all Ethernet devices on the Cosy’s LAN network have the
Cosy’s LAN IP address as their gateway address. If you do not take this step, you will not be
able to reach those devices through your VPN connection.
Additional configuration steps are required for the device that needs to access the internet.
In addition to setting its gateway to the Cosy’s LAN IP address, you must specify a valid DNS
server. The DNS server can either be the DNS server you specified when you configured your
Coys's WAN settings or can be a public DNS server.