13. Child Device Access

13.1. Overview

Accessing Child Devices by utilizing Connectiviy Suite can be done in two different ways.

  • Network Address Translation (NAT) on Parent Device

  • Custom Routes on Parent Device

Given by the network architecture, Connectivity Suite, the Parent Device and the Child Device reside in different IP Networks. In order to access (end)devices, located in Local Area Networks behind routers (as per Fig. 13.1), either a NAT Table or Custom Routes are required to be setup. (see Fig. 13.1).

_images/networksetup-general.png

Fig. 13.1 Network Setup Devices and Connectivity Suite

13.2. Network Address Translation (NAT)

To access Child Devices, such as CCTV Cameras, WiFi Access Points, etc., the Device VPN Network address needs a Network Address Translation (NAT) to the Local Area Network address. For example, the Device VPN Network 10.0.0.0/24 is translated into the Local Area Network 172.16.0.0/24, as per the illustration in Fig. 13.2.

Note

The Subnetmasks of both, VPN Network and the Local Area Network, have to be identical in order for the NAT to work.

_images/natnetworksetupdetailedlong.png

Fig. 13.2 Network Setup in Network Network

13.2.1. NAT Example Use Case

Network Architecture:

  • VPN Network using an IP Address Block of /19

  • Device VPN Netowrks using IP Subnetmasks of /24

  • Local Area Netowrks using the same IP Subnetmask size of /24

  • The Child Device is given the IP address of 172.16.0.111

  • A Network NAT from LAN (17.0.0.0/24) to the Device VPN Network (10.0.0.0/24) is setup

Benchmark Data / Limitations of NAT Example Use Case:

  • Max. 32 routers can be connected to a VPN Network

  • Max. 256 Child Devices that may be connected to a router

13.2.2. Router Settings for NAT

In order to carry out a NAT, various steps are necessary which are explained in this chapter Section 11.3

13.3. Custom Routes

For the same purpose of setting up direct access to Child Devices, Custom IP Routes may be setup as an alternative to NAT or on top of it. The working principle of Custom Routes is depicted in the illustration Fig. 13.3 below. In contrast to a NAT based Network Design, direct Routes require the LAN Addressing to be unique within a VPN Network. Custom Routes are configured on top of other Routes, such as those required by the System of Connectivity Suite. Furthermore Custom Routes can be configured on a “as needed” basis and do not require the entire system to be configured with them.

_images/Custom-Routes-Netwk-Overview.png

Fig. 13.3 Custom Routes Principle

13.3.1. Configuration

Enabling custom routes, requires the feature to be switched on under the general settings. In a second step, the effective custom routes are to be configured per device under the device details tab.

_images/Enable_Custom_Routes.png

Fig. 13.4 Enabling of Custom Routes