What is and isn’t accessible?

the x500 IoT Gateway’s advanced built-in firewall completely separates its WAN network (company network) from its LAN network (machine network). It blocks all communication except for authorized and encrypted data verified by a valid identity certificate. This means that only authorized users can access the machine network via the X4 remote.

How does it work?

Every network packet contains a source address and a destination address. This is so networking components know where to send the packet to and so that the recipient knows where to send a reply to. This is essential in networking. Otherwise we won’t be able to send an e-mail, look up something online, or any of the other tasks we’ve grown accustomed to.

the x500 IoT Gateway uses this information to see where a packet is coming from (from LAN, WAN, VPN?) and going to (LAN, WAN, Internet?) and then determines whether this is allowed or not, based on its firewall rules.

Remote accessibility

This section discusses the accessibility when you have set up a VPN connection from a remote location. Please read “How does it work?” for clarification.

VPN to LAN

Accessible


Traffic coming in via the VPN connection, going to the LAN network of the x500 IoT Gateway, is allowed. In other words, remotely you can access all devices that are connected to the LAN network of the x500 IoT Gateway (i.e. the machine network).

VPN to WAN

NOT accessible

Traffic coming in via the VPN connection, going to the WAN network of the x500 IoT Gateway, is blocked. In other words, remotely you cannot access any device that is connected to the WAN network of the x500 IoT Gateway (i.e. the company network).

Local accessibility

This section discusses the accessibility when you are on-site and your computer is connected to either the company network or the machine network (depending on the situation). Please read “How does it work?” for clarification.

WAN to LAN

NOT accessible (by default)

Traffic coming in via the WAN network, going to the LAN network of the x500 IoT Gateway, is blocked by default. In other words, if you are connected to the WAN network (i.e. the company network) you cannot access any device that is connected to the LAN network of the x500 IoT Gateway (i.e. the machine network), with the x500 IoT Gateway’s default settings.

If necessary, you can add a port forwarding to allow traffic through from WAN to LAN.

LAN to WAN

<strong>NOT accessible (by default)</strong>

Traffic coming in via the LAN network, going to the WAN network of the x500 IoT Gateway, is blocked by default. In other words, if you are connected to the LAN network (i.e. the machine network) you cannot access any device that is connected to the WAN network of the x500 IoT Gateway (i.e. the company network), with the x500 IoT Gateway’s default settings.

If necessary, you can allow access to the company work to allow traffic through from LAN to the company network.

LAN to Internet

<strong>NOT accessible (by default)</strong>

Traffic coming in via the LAN network, going to the internet, is blocked by default. In other words, if you are connected to the LAN network (i.e. the machine network) you cannot access the internet, with the x500 IoT Gateway’s default settings.

If necessary, you can allow access to the internet to allow traffic through from LAN to the internet.