Manual Detection/Installation Of A Netcom; Firewall Traversal Configuration; Soho Firewall Example - VSCOM NetCom Plus 113 User Manual

5 Configure with NetCom Manager

5.5 Manual Detection/Installation of a NetCom

+
Sometimes the NetCom Device Server can not be detected by the automatic in the NetCom
Manager. To detect and configure devices the protocol SNMP is used. The detection is done
by sending out a broadcast on all available network interfaces of your computer. This SNMP
broadcast is realized as an Ethernet broadcast. Such a broadcast is only transmitted through
+
Hubs and Switches. When there is a Router between the computer and the NetCom , probably
+
the broadcast is not transmitted further. This is especially the situation when the NetCom is
located somewhere via Internet, but also in big networks of some companies. If this is the case, the
+
detection has to be done manually. Refer to figure 35 and Add the NetCom by use of the button.
+
Enter the IP Address of the NetCom in the NetCom Manager Server Settings, and click the button
+
Verify. Since now the IP Address of the NetCom is known, the NetCom Manager sends a request
directly to this target, instead of a broadcast. This directed SNMP request is transported, even
+
by Routers. The NetCom sends the normal reply, giving all required information to the NetCom
Manager. Now it is possible to configure all options as usual. Also the drivers for virtual serial
ports are installable now.
Please note, the drivers require to have the IP Address. They can not operate using a DNS name,
+
because the driver can not perform a DNS name resolution. If your NetCom is located on a
dynamic IP Address (e.g. on a Dial-Up connection with 24 hours disconnection), you need to
reconfigure the driver installation, when the IP Address has changed.
5.6 Firewall Traversal Configuration
+
There are more difficult situations with a Firewall between the NetCom and the NetCom Man-
ager. Many Firewalls protect the internal LAN by using the feature of NAT (Network Address
Translation, 15). In this situation the IP Address of the internal device is not visible on the In-
ternet. Only the Firewall can be contacted via its public IP Address. The NetCom Manager and
the driver software for the virtual serial ports can handle such setups. But this requires certain
configurations.
An easy-to-use alternative is the VPN function, which makes Firewall configuration quite easy.

5.6.1 SOHO Firewall example

The most easy situation for such a setup is by using a very simple SOHO Router as the Fire-
wall. This configuration will show the principle of the technical details. Those principles can be
transferred very easy to the configuration of more complicated installations.
On the SOHO Router there is only one public IP Address on the external side, and typically 254
internal private IP Addresses for the LAN side. These internal addresses may be assigned by DHCP
or static. Such Routers offer a feature typically named "DMZ", which in fact is only a single exposed
host. It is recommended not to use the "DMZ" for several reasons, some of them are security related.
+
Especially it is recommended not to configure a NetCom as the DMZ host.
September 2016 NetCom Plus User Manual 55