IXON - Setup a full machine remote access


This guide is not intended to be a substitution of the official documentation which is provided by the partner and can be found here: IXON Website 

  • IXON enabled device: guide Here 
  • Firewall App (Just in case we cannot set gateways of the others network devices)
Used Setup

System LayoutSystem Layout

Setup the basics: Device IP and Pages

Once we have onboarded the device we have to navigate to Fleet Manager ➡️ MyDevice ➡️ LAN and apply the following settings: 

  • As Router LAN IP the IP address of the ctrlX CORE.
  • If needed in "Additional subnets" we can set other subnets, like the 192.168.2.x in this case.

Settings LanSettings Lan

Now we can set the default pages which are pointing out to ctrlX Automation front page and to a Node-RED dashboard. The pages can point to whatever device webpage.

Service SetupService Setup
IXON device landingIXON device landing
IXON device landingIXON device landing
IXON device landingIXON device landing

Setup the LAN remote access with VPN

To achieve this result we first have to enable the "Enable IP forwarding" option for "tap0" and any other interface we need to share. Additionally any device that has to be used remotely has to set the ctrlX CORE IP address in his network as gateway, e.g. the XM21 has as IP address. I need to set as gateway because it is the address of ctrlX inside this network. This setting can be avoided, if we use the Firewall app.

VPN setupVPN setup

Gateway settings for an XM21: this avoids the necessity to have the firewall app installed. is the ctrlX CORE address.Gateway settings for an XM21: this avoids the necessity to have the firewall app installed. is the ctrlX CORE address.

To access some devices which are behind the ctrlX itself, we also need to add the devices IP address on the list of the network. For instance, if we want to communicate with the drives which are connected via Sercos to our XM21 we have to add their address on the network list. The same if we need to communicate with EoE devices connected to ctrlX itself. So in this case we have:

  • standard router network. Not listed here.
  • Secondary network connected with the machine, XM21 is connected here.
  • EoE network connected to ctrlX.
  • Sercos network. Not connected to ctrlX but to our XM21.

IXON subnets setupIXON subnets setup

Now we can connect to the device using the "connect" button. Once we are connected we can contact the devices using their original IP addresses. Nothing more easy. 

IXON VPN setupIXON VPN setup

Firewall empowered version

We can empower the system with the firewall app with the following benefits:

  • Machine protection.
  • No necessity to set the gateway to the devices that have to be remote connected.
  • We can directly forward a ctrlX port to the devices port. This way we can see them directly from ctrlX himself and we ca see the devices service pages without VPN. 

The explanation how to setup the firewall to achieve the last two bullet points is expressed in these two guides, with the difference that we don't have to set any routing rule on our PC side, since those are already managed by the VPN itself:

I report here the settings done in my firewall. The XM21 ( 80 port is forwarded to ctrlX CORE 8234 port. I have additionally an IPCAM ( which is forwarded to port 8567. 

Firewall advanced 1Firewall advanced 1 
Firewall advanced 2Firewall advanced 2

Now if we want to show directly the XM21 web portal and the IPcam webpage we just have to add them as a service in the IXON setup. From just this page without VPN we can connect to the webserver of any of these devices.

Service advancedService advanced
Service advancedService advanced

The final result is the follwing:

IXON final resultIXON final result
NODE-RED remoteNODE-RED remote
Node-red Management remoteNode-red Management remote
Camera Remote managementCamera Remote management
XM21 WebAssistantXM21 WebAssistant
Corporate Lan Setup

Many corporates are using Proxies inside the company network. IXON can work (PC side) also in this situation. The procedure is similar to: connect ctrlX CORE VIRTUAL to internet using PX proxy. So it is suggested to test this guide first. Once anything is set and PX is working we have to go to: "Fleet management" then "Tools" then selet the "details" field of the VPN client and enter the options below (if the PX setup is standard). Happy remote connection. Remember to start PX anytime you need this feature.

IXON settings for PX proxyIXON settings for PX proxy

Related Links
Hello, I am Mauro a ctrlX DEVELOPR at night and an Application Engineer during the day 😎 . Ask me anything about ctrlX AUTOMATION but my best topics are IoT, AI, SDK and Communication!
Must Read