Configuration Settings#

The section describes configuring the Stratix 4300 Remote Access Router.

Configuring the IP address#

FactoryTalk Remote Access supports the automatic discovery of Stratix 4300 Remote Access Routers that are connected on the local network regardless of the subnetwork and populates the list according to the MAC addresses of the devices network interfaces.

Tip

The discovery process does not require an internet connection.

Each Stratix 4300 Remote Access Router has two pre-configured user accounts:

  • Admin — Enabled by default. Provides full access to the router settings.

  • User — Disabled by default. Access to user password configuration, network interfaces, date and time controls on the General tab, port and proxy on the Server connection tab, and view the Diagnostics tab.

Tip

The user names, Admin and User, cannot be changed.

You will need to supply the admin password to configure the router.

To setup the device

  1. Under Tools select Device setup.

  2. When prompted select Open Device Setup Applet.

  3. Enter the device credentials (user name and password) for the router. The User name must be admin.

  4. FactoryTalk Remote Access Tools will populate the Routers found box with the list of devices found in the network with a password matching the one specified. Each router in the list is identified by the MAC addresses of its network interfaces.

  5. Select the line corresponding to the target router and then click Configure.

  6. Update the IP address and Mask as appropriate to your network.

  7. Click Apply to save the changes

To add the device to a domain

  1. Select the folder where you want to add the domain. Either at the root folder or a sub-folder.

  2. Select Add resource (+) then select Add device.

  3. Select Add device locally.

  4. When prompted to use the local device discovery tool, click OK.

  5. Click Open Device Registration Applet.

  6. Enter the device credentials (user name and password) for the router. The User Name must be admin.

  7. FactoryTalk Remote Access Tools will populate the Routers Found box with the list of devices found in the network with a password matching the one specified. Each router in the list is identified by the MAC addresses of its network interfaces.

  8. Select the line corresponding to the target router and in Initial name type a name for your router and then click Register.

To connect to the router using a VPN

  1. Select the device and then click the VPN bar on the right of the screen.

  2. Open the VPN connection to view information about the VPN traffic, IP configuration, router device information, and current data logs.

Device Manager#

Use the Device Manager to configure the options for the router. The options available are categorized into these areas:

  • General

  • Interfaces

  • Networking

  • Server connection

  • Users

  • Diagnostic

Important

If you make any changes to the options on these tabs, click Apply to save the changes. Once you have finished making changes, click Reboot to restart your router and apply the changes to your communications.

General#

The General tab includes the basic information about your router, including time settings. You can set the data and time for the router automatically by providing the IP address or DNS name of your NTP (Network Time Protocol) server or manually by providing the data and time information into the configuration settings.

The settings on this tab are:

Setting

Description

Hostname

The name of the device.

Web server interfaces

Identifies which interfaces can be used for configuration.

LAN

Web configuration can be connected to from clients on the same local area network.

WAN

Web configuration can be connected to from clients on the internet.

Date and Time

Setting that establish the time codes used with the router.

Time synchronization mode

Identifies whether a network time protocol (NTP) server is used for time synchronization.

Remote NTP server

If the NTP server is used, the IP address of the server is displayed.

Date

The current year, month, and day used by the router.

Time

The current hour and minutes used by the router.

Time zone

The time zone defined for the router.

Local NTP server interfaces

Identifies which interfaces can be used to connect to the NTP server.

LAN

Router connects to an NTP server on the same local area network.

WAN

Router connects to an NTP server on the internet.

System Information

Read-only information about your system components.

Product name

Full name and catalog number of the router.

Firmware version

Full version number of the firmware running on the router.

OS version

Full version number of the router operating system.

System Manager version

Full version of the router management software.

Runtime version

Full version of the router runtime software.

Legal Notices

Licensing information

Main licenses

Click to view commercial software licenses.

Open Source licenses

Click to view open source software licenses.

Note

The 2-port Stratix 4300 Remote Access router includes two network ports, a LAN port and a WAN port. Both ports support statically assigned IP addresses. However, If the LAN port is disconnected, the statically assigned IP address will not be used for VPN connections to the router. Instead a virtual IP address is created for use during the VPN session. In this situation the FactoryTalk Remote Access service device information displays both the statically assigned IP address and the virtual IP address. However, the Stratix device configuration only displays the virtual IP address because this is the IP address that is active during the session. If the LAN port is later connected to the network using a network cable inserted into the LAN port, the statically configured IP address will be used. The same behavior applies for the 4-port Stratix 4300 when the LAN port is configured to take the IP address from a DHCP server and the DHCP server cannot be contacted by the router, so the LAN has no IP.

Interfaces#

The Interfaces tab shows detailed information about the ports on the device. The settings on this tab are:

Setting

Description

WAN

Settings that apply to internet connections.

MAC address

The unique identifier of this network interface.

Obtain IP configuration from DHCP server

Identifies whether this interface obtains its IP address dynamically from a DHCP server.

IP address

The IP address assigned to this interface.

Mask

The subnet mask used with this IP address

Gateway

The address of the gateway server used to send network traffic outside the local network.

LAN

Settings that apply to local area network connections.

MAC address

The unique identifier of this network interface.

Obtain IP configuration from DHCP server

Identifies whether this interface obtains its IP address dynamically from a DHCP server.

IP addresses

The IP address range assigned to this interface.

Serial port

Identifies the protocol used for serial communication(RS-232C, RS-422, or RS-485)

Networking#

The Networking tab shows options for your VPN connection. The settings on this tab are:

Setting

Description

VPN

Settings that apply to VPN connections.

Reserve static IP pool for VPN connections

Select to dedicate a range of IP addresses that are used for VPN connection instead of using dynamically assigned IP addresses.

Remove

Remove addresses from the static IP pool.

From

Start of the IP address range for the static IP pool.

To

End of the IP address range for the static IP pool.

Subnet mask

Subnet mask used with this IP address range.

Add

Adds addresses to the static IP pool.

Internet Sharing

Configure these setting to enable internet sharing on enabled network interfaces using the VPN connection.

LAN

Requires that VPN clients must be connected to the LAN to connect to the internet through the router.

Allow any MAC address

Allows any VPN client connected to the router to use the internet connection.

Allow the MAC addresses in the following list

Requires that the VPN client MAC address must be on the allowed list to use the internet connection.

Remove

Removes MAC address from the allowed list.

MAC address

MAC address to add or remove.

Add

Adds MAC address to the allowed list.

NAT rules

Network Address Translation (NAT) rules define how to change the IP addresses of packets in transit between interfaces.

New

Create a new NAT rule.

Remove

Remove an existing NAT rule.

Rule name

The unique name assigned to the rule.

Direction

The direction of the packets between the interfaces.

Interface

Identifies the source and destination interfaces for the rule.

Incoming port

Identifies the port used by incoming connections.

Destination IP address

Identifies the IP address that the forwarded packets will be sent to.

Destination port

Identifies the port that the forwarded packets will be sent to.

Protocol

Identifies the communications protocol used to transmit the packets.

Translate source address

Translate the source address to an address compatible with the sub-network enabling the destination host to reply directly to this IP address, instead of sending the response to the network gateway.

Enable

Enable the NAT rule configuration.

Save

Save the NAT rule configuration.

Routing rules

Configure routing rules to establish how the router communicates between source and destination interfaces.

Enabled

Use the defined routing rules.

Remove

Remove an existing routing rule.

Interface

Which interface, LAN or WAN, this routing rule applies to.

IP address

The IP address that the interface should route packets to.

Mask

The subnet mask that the interface should route packets to.

Add

Add the rule.

Apply

Apply the configuration to the rule.

Reboot

Restart the router to start using the updated network configuration settings.

Server connection#

The server connection tab has configuration options for remote connectivity.

Availability mode determines when remote connectivity is supported. Choose the option that is appropriate for your environment.

  • Always-on

    The router will connect to the domain immediately after power up and whenever a working internet connection is available; it will also automatically restore the connection if dropped for any reason.

  • Digital input

    The router will connect to the domain only and exclusively when the proper electric input (IN0) is activated.

Tip

Wiring information in provided in the Stratix 4300 Remote Access Routers User Manual (1783-UM14A).

Select a port in Connection port if a specific port must be used for remote connections.

In Proxy configuration provide the proxy server connection information if a proxy server must be used for remote connections.

Users#

All user accounts local to the Stratix 4300 are located under the Users tab. This tab is where you can change your current administrator and user password.

After the initial configuration of the device you can enable the user account called User by selecting it from the Username pull-down menu and assigning it a password.

The password assigned to this user can then be reset by the user. The administrator may reset the user’s password at any time.

The options configurable by the user account are:

  • Password, for changing the “User” login password.

  • Interfaces

  • Diagnostic

  • System information

Diagnostic#

Under the Diagnostic page, you can ping a network address. A log of the pings that are sent are tracked in a list below the Ping option and is available in the SystemManager_log_*.txt file

Use Export logs to download the diagnostic logs to a file for storage and analysis.