u-link Remote Access Service Technical User Guide Version 1.5.
Legal notice Copyright Notice Copyright 2020 Weidmüller Interface GmbH & Co. KG All rights reserved. Reproduction without permission is prohibited. Disclaimer Information in this document is subject to change without notice and does not represent a commitment on the part of Weidmüller. Weidmüller provides this document "as is," without warranty of any kind, either expressed or implied, including, but not limited to, its particular purpose.
u-link - Technical User Guide Table of Contents Page Chapter 1 – Overview u-link Remote Access Service 4 Link Chapter 2 – Starting with u-link / Registration of a new u-link system account 10 Link Chapter 3 – Overview features and functions of u-link Web portal 15 Link Chapter 4 – Setup of a remote access scenario (Example) 23 Link Chapter 5 – Initiating a remote access to remote LAN devices 64 Link Chapter 6 – Further functionality of u-link 73 Link Chapter 7 – Standard Functions - Fur
Chapter 1 – Overview u-link Remote Access Service Chapter 1: Overview u-link Remote Access Service 1.1 General information 1.2 How u-link is working / Involved components 1.3 Features of Entry Version (free of charge) 1.4 Features of chargeable Standard Versions 1.5 Link to buyable u-link licenses V1.5.1 / Oct, 2020 Copyright © 2020 Weidmüller Interface GmbH & Co. / All rights reserved. Reproduction without permission is prohibited.
Chapter 1 – Overview u-link Remote Access Service 1.1 General information ▪ The Weidmüller u-link Remote Access Service allows an easy and secure access of Service PCs to remote local Ethernet networks via the Internet. ▪ The VPN-based access of a Service PC to remote networks will be provided by the web-based u-link Portal service (VPN server) and a Weidmüller Router (VPN client) located in a remote target network.
Chapter 1 – Overview u-link Remote Access Service 1.2 How the u-link Remote Access Service is working / Involved hard and software components The u-link Remote Access Service consists of the 3 components… ▪ Web accessible u-link Portal servers to manage the customer specific account. − Device configuration representing the real devices located in the field. − User configuration representing the Service PCs which do a remote access.
Chapter 1 – Overview u-link Remote Access Service 1.3 Features of Entry Version (free of charge) General features ▪ Can be used free of charge, no time limitation of use ▪ Maximum 50 Router objects configurable (Access points to a remote network) ▪ No limit on the number of configurable service users ▪ 2 VPN pass-through connections (Service PC → u-link VPN server → Router/Remote network) simultaneously usable. ▪ Bandwidth of VPN connection (calculated on total data volume of a system account) ▪ max.
Chapter 1 – Overview u-link Remote Access Service 1.
Chapter 1 – Overview u-link Remote Access Service 1.5 Link to buyable u-link licenses ▪ For detailed information about available license types please check the Weidmüller product catalogue. ➢ Open www.weidmueller.com ➢ Select ‘Product Catalogue’ ➢ Select ‘Active Industrial Ethernet’ ➢ Then select section ‘u-link Licences’ in product group overview Hyperlink to u-link licenses (Weidmüller product catalogue) V1.5.1 / Oct, 2020 Copyright © 2020 Weidmüller Interface GmbH & Co. / All rights reserved.
Chapter 2 – Starting with u-link / Registration of a new u-link system account Chapter 2: Starting with u-link 2.1 Registration of a new u-link system account V1.5.1 / Oct, 2020 Copyright © 2020 Weidmüller Interface GmbH & Co. / All rights reserved. Reproduction without permission is prohibited.
Chapter 2 – Starting with u-link / Registration of a new u-link system account 2.1 Registration of a new u-link system account Open u-link Web page (Step 1) ➢ Open a browser and enter u-link.weidmueller.com. ➢ Click button ‘Register’. Select language (English/German) Starting the registration process (Step 2) ➢ Enter your registration data. ➢ Click button “Next”. Notes: ▪ This user will be the administrator of the u-link system account. Also this user can be used for remote access service.
Chapter 2 – Starting with u-link / Registration of a new u-link system account 2.1 Registration of a new u-link system account Registration process (Step 3) ➢ Set checkbox that you agree to the “General u-link terms and conditions”. ➢ Enter for security reasons the captcha characters displayed as graphical image. ➢ Click button “Next”.
Chapter 2 – Starting with u-link / Registration of a new u-link system account 2.1 Registration of a new u-link system account Registration process (Step 5) ➢ Open your received mail “Registration system account”. ➢ Click on hyperlink “Verifying system account”. Example of a verification mail Hyperlink to verify and activate the registered u-link system account. Registration process (Step 6) ▪ Now your standard browser will be opened displaying the information that your u-link successfully was activated.
Chapter 2 – Starting with u-link / Registration of a new u-link system account 2.1 Registration of a new u-link system account Registration process (Step 7) ➢ Check your mailbox regarding the mail “Registration Administrator”. ▪ This mail contains some information about your entered registration data and how to logon to the u-link Web portal. ▪ Additionally it contains the “Activation code” to register / unlock the software “u-link VPN client” using this account for remote access.
Chapter 3 – Overview features and functions of u-link Web portal Chapter 3: Overview features and functions of u-link Web portal 3.1 u-link Login page 3.2 Menu News & Downloads 3.3 Menu User Profile 3.4 Menu Service Desk 3.5 Menu User Management 3.6 Menu Device Management 3.7 Menu Account Management V1.5.1 / Oct, 2020 Copyright © 2020 Weidmüller Interface GmbH & Co. / All rights reserved. Reproduction without permission is prohibited.
Chapter 3 – Overview features and functions of u-link Web portal 3.1 u-link Login page ▪ For logon to the u-link Web portal any standard browser is supported. ➢ Open a browser and enter u-link.weidmueller.com ➢ Login with user name (Mail address) and password of the account creator (is automatically the Administrator). V1.5.1 / Oct, 2020 Copyright © 2020 Weidmüller Interface GmbH & Co. / All rights reserved. Reproduction without permission is prohibited.
Chapter 3 – Overview features and functions of u-link Web portal 3.2 Menu ‘News & Downloads’ (Initial state after registration) ▪ After successful login the menu “News & Downloads” automatically is opened (Home page). Current license is always the ‘Entry Version’ after registration. ▪ This page is separated into the 3 sections: Logged-on user ▪ “Your profile” → Contains information about the data of the logged-on user. Each created u-link user can see this Web page after login.
Chapter 3 – Overview features and functions of u-link Web portal 3.3 Menu ‘User Profile’ (Initial state after registration) Each logged-on u-link user can change his own editable - profile data and set a new password via menu ‘User Profile’. ▪ Tab ‘User data’ • Show / Edit the data of logged-on user • Change Password • Select default language when logged on • Select default Home page when logged on Note: Group membership and User permissions cannot be changed in the Entry-Version.
Chapter 3 – Overview features and functions of u-link Web portal 3.4 Menu ‘Service Desk’ (Initial state after registration) ▪ This menu will be used for access of remote devices (connecting to remote Router / Network devices). ▪ The screenshot is displaying the initial status after registering a new u-link system account: Status after registration: ▪ No devices configured.
Chapter 3 – Overview features and functions of u-link Web portal 3.5 Menu ‘User Management’ (Initial state after registration) Creation of a new user The user who has registered the u-link system account automatically is the account administrator. You can identify him with the orange symbol. This administrator account also can be used for remote access. Permissions of users are based on membership of groups ‘Administrators’ and ‘Service’.
Chapter 3 – Overview features and functions of u-link Web portal 3.6 Menu ‘Device Management’ (Initial state after registration) ▪ This menu will be used to configure device objects (Router, Ethernet-based devices connected to the Router) representing the physical remote devices. ▪ The screenshot is displaying the initial status after registering a new u-link system account. → No devices configured (Container ‘Device Topology’ is empty).
Chapter 3 – Overview features and functions of u-link Web portal 3.7 Menu ‘Status’ (Initial state after registration) ▪ This menu is displaying status and license information of this system account. ▪ When registering a new u-link system account the version always will be the ‘Entry Version’. An upgrade to a chargeable ‘Standard Version’ can be done via button ‘Upgrade to StandardLevel’.
Chapter 4 – Setup of a remote access scenario (Example) Chapter 4: Setup of a remote access scenario (Example) 4.1 Illustration of sample application 4.2 Creating a new user account (u-link Web portal) 4.3 Administration of a user account (u-link Web portal) 4.4 Setup of the Device configuration (u-link Web portal) 4.5 Preparing of the Service PC 4.6 Configuration of the Router V1.5.1 / Oct, 2020 Copyright © 2020 Weidmüller Interface GmbH & Co. / All rights reserved.
Chapter 4 – Setup of a remote access scenario (Example) 4. 1 Illustration of sample application (Setup described on next slides) Internet Router Sample application is connected to a DSL-Router. V1.5.1 / Oct, 2020 Copyright © 2020 Weidmüller Interface GmbH & Co. / All rights reserved. Reproduction without permission is prohibited.
Chapter 4 – Setup of a remote access scenario (Configuration u-link Web portal) 4.2 Creating a new user account (u-link Web portal) Creating a new Service user (Step 1) Note: After registration of a new u-link system account only the administrator account exists. For doing a remote access the administration account also can be used, there is no need to create an additional service user. Next slides describe how to create and maintain a service user.
Chapter 4 – Setup of a remote access scenario (Configuration u-link Web portal) 4.2 Creating a new user account (u-link Web portal) Creating a new Service user (Step 2) ▪ As next step the new user will be informed by mail that the administrator has created a u-link user account. ▪ After clicking button ‘Insert’ this window will be displayed to send the ‘User registration mail’ to the mail address of field ‘Destination address’. ➢ Click button ‘Send email’.
Chapter 4 – Setup of a remote access scenario (Configuration u-link Web portal) 4.2 Creating a new user account (u-link Web portal) Creating a new Service user (Step 3) (Note: Step 3 is a To-Do by new Service user) ▪ Screenshot shows the mail (Type ‘User Registration’) which the new user has received from the u-link administrator. ▪ At his time the user account already is active but before login to the u-link Web portal the new user has to set an initial password. ➢ Open the mail.
Chapter 4 – Setup of a remote access scenario (Configuration u-link Web portal) 4.2 Creating a new user account (u-link Web portal) Creating a new Service user (Step 4) (Note: Step 4 is a To-Do by new Service user) ▪ Screenshot shows u-link Web page „Create password‘“ which will be opened after clicking hyperlink ‘Generate password’ in user registration’ mail. ➢ Enter the password twice. ➢ Click button ‘Create’. ▪ After successful creation the u-link Login page is displayed.
Chapter 4 – Setup of a remote access scenario (Configuration u-link Web portal) 4.2 Creating a new user account (u-link Web portal) Creating a new Service user (Step 5) ▪ The new user now is displayed in section ‘Users’ and automatically assigned to group ‘Service’. ▪ The permissions of this user are based on the permissions of group ‘Service’ having following rights: ▪ User Management is prohibited (only allowed for Administrator account).
Chapter 4 – Setup of a remote access scenario (Configuration u-link Web portal) 4.3 Administration of an user account V1.5.1 / Oct, 2020 Copyright © 2020 Weidmüller Interface GmbH & Co. / All rights reserved. Reproduction without permission is prohibited.
Chapter 4 – Setup of a remote access scenario (Configuration u-link Web portal) 4.3 Administration of an user account (u-link Web portal) Actions to maintain a service user ▪ Following user-related actions are provided: ▪ View user data ▪ Edit user data ▪ Send an information mail to user containing the user data ▪ Delete the user account Note: The administration of user accounts only can be done by the Administrator.
Chapter 4 – Setup of a remote access scenario (Configuration u-link Web portal) 4.3 Administration of an user account (u-link Web portal) Action ‘View user data’ ➢ Click button ‘View’ to open a new window showing the user data on tabs − User Data − Status Information Button ‘View User Data’ − Activation Code ▪ In viewing mode no data can be changed. After first VPN connection of this service user to the u-link VPN server the status is changed to ‘In Use’. V1.5.
Chapter 4 – Setup of a remote access scenario (Configuration u-link Web portal) 4.3 Administration of an user account (u-link Web portal) Action ‘Edit user data’ ➢ Click button ‘Edit’ to open a new window showing the user data on tabs − User Data − Activation Code Button ‘Edit User Data’ ▪ In this mode data can be changed. Changeable parameters Password change by Administrator V1.5.
Chapter 4 – Setup of a remote access scenario (Configuration u-link Web portal) 4.3 Administration of an user account (u-link Web portal) Action ‘Send information mail to user’ ➢ Click button ‘@’ to open a new window for sending an information mail (containing the user data) to the users mail address. Button ‘Send mail with user data’ This window will be displayed after clicking button ‘@’. Sample mail which the addressed service user will receive. V1.5.
Chapter 4 – Setup of a remote access scenario (Configuration u-link Web portal) 4.3 Administration of an user account (u-link Web portal) Action ‘Delete user’ ➢ Click button ‘Delete’ to delete the user. ▪ A window will appear asking you if you are sure to delete the user. After confirmation the user will be deleted. ▪ The list user item in the section ‘Users’ will be removed. ▪ After deletion the mail address used for user login then can be used again. V1.5.
Chapter 4 – Setup of a remote access scenario (Configuration u-link Web portal) 4.4 Setup of the Device configuration V1.5.1 / Oct, 2020 Copyright © 2020 Weidmüller Interface GmbH & Co. / All rights reserved. Reproduction without permission is prohibited.
Chapter 4 – Setup of a remote access scenario (Configuration u-link Web portal) 4.4 Setup of the Device configuration (u-link Web portal) Create a Router object (Step 1) ➢ Goto menu “Device Management”. ➢ Click Tab “New” to configure the first Router object (access point to devices at remote network). ➢ Drag the Router/Firewall object from “Device selection” and drop it on the container object in ‘Device Topology’.
Chapter 4 – Setup of a remote access scenario (Configuration u-link Web portal) 4.4 Setup of the Device configuration (u-link Web portal) Configuration of properties of new Router object (Step 2) ➢ Highlight the Router/Firewall object and click Tab “Device configuration” to display object specific item parameters. ▪ Section “Properties” All items with an “Edit Icon” (except parameter Activation code) can be edited to store individual data to this object.
Chapter 4 – Setup of a remote access scenario (Configuration u-link Web portal) 4.4 Setup of the Device configuration (u-link Web portal) Screenshot of created Router object after changing the values of some parameters in section Properties. Changed name also is displayed in section Device Topology This screenshot shows the - on previously slide - created Router object after changing the properties of this Router object. V1.5.1 / Oct, 2020 Copyright © 2020 Weidmüller Interface GmbH & Co.
Chapter 4 – Setup of a remote access scenario (Configuration u-link Web portal) 4.4 Setup of the Device configuration (u-link Web portal) Configuration of a ‘User defined end device’ connected to Router LAN port (Step 3) ▪ The object type „User defined end device“ can be used to define any device type being accessible by an Ethernet communication (TCP/UDP).
Chapter 4 – Setup of a remote access scenario (Configuration Service PC) 4.5 Preparing of the Service PC Install and configure the u-link VPN client software V1.5.1 / Oct, 2020 Copyright © 2020 Weidmüller Interface GmbH & Co. / All rights reserved. Reproduction without permission is prohibited.
Chapter 4 – Setup of a remote access scenario (Configuration Service PC) 4.5 u-link VPN Client → Download and Installation Download u-link VPN Client ➢ Logon to the u-link Web portal using your user name and password ➢ Goto menu “News & Downloads” ➢ Download the provided software from section “News and Downloads from global u-link administration” In this section we provide updates of all downloadable files. Unzip the downloaded file and install the software ▪ For installation you may need admin rights.
Chapter 4 – Setup of a remote access scenario (Configuration Service PC) 4.5 u-link VPN Client → Start program Start software u-link VPN Client on the Service PC ▪ The program window will be opened and the u-link icon will be displayed in the notification area of the taskbar. ▪ Initially the software is not assigned to a u-link user account.
Chapter 4 – Setup of a remote access scenario (Configuration Service PC) 4.5 u-link VPN Client → Configuration (Step 1) ➢ Go to Tab Configuration ➢ Select your language (English / German) ➢ Dependant of your Internet connectivity configure your Proxy Server configuration (often necessary if your Internet access is controlled by corporate IT systems). The Proxy server parameters will be provided by your IT department).
Chapter 4 – Setup of a remote access scenario (Configuration Service PC) 4.5 u-link VPN Client → Configuration (Step 2) Steps of registration process after clicking button ‘Register user profile’ ➢ Click button ‘Next’ (Screenshot 1). ➢ Enter your activation code and click button ‘Next’ (Screenshot 2). ▪ Wait some seconds until the registration process is done (Screenshot 3). Finally the result is displayed. ➢ Click button ‘Finish’ (Screenshot 4).
Chapter 4 – Setup of a remote access scenario (Configuration Service PC) 4.5 u-link VPN Client → Configuration (Error handling when registration process failed) Possible errors if the registration process has failed: ▪ No Internet access Ensure that your PC can access the Internet. ▪ Registration process blocked by Proxy Server If you are located inside of your company network please check if your company Internet connection uses a Proxy server.
Chapter 4 – Setup of a remote access scenario (Configuration Service PC) 4.5 u-link VPN Client → Establish a VPN connection to the u-link VPN server ▪ Conditions: ▪ The u-link VPN client is registered (Profile status ‘activated’ and displaying the user data). ▪ The WWH connection is established (Status ‘Connected’). VPN status: Not connected N2A7YCVXXXXX Icon taskbar ➢ Click button ‘Connect VPN’. ▪ The Client is starting the VPN connection to the u-link VPN server (wait around 15..20 seconds).
Chapter 4 – Setup of a remote access scenario (Configuration Service PC) 4.5 u-link VPN Client → Error management if the WHH connection or the VPN tunnel could not be established WWH error (WHH connection failed) After successful registration the u-link VPN client automatically is trying to initiate a WHH connection to the u-link WWH server. If this fails it can be caused by following reasons: ▪ PC cannot resolve DNS names ▪ An outgoing SSL connection using protocol TCP / port 443 cannot be established.
Chapter 4 – Setup of a remote access scenario (Configuration Router) 4.6 Configuration of the Router V1.5.1 / Oct, 2020 Copyright © 2020 Weidmüller Interface GmbH & Co. / All rights reserved. Reproduction without permission is prohibited.
Chapter 4 – Setup of a remote access scenario (Configuration Router) 4.6 Configuration of the Router Download of latest Router firmware (Step 1) ▪ All the Router models except –FN version (which does not support VPN functions) can be used for u-link. ▪ If you would like to use an already running Router with u-link then you need a firmware version 3.0.2 or higher. ➢ Logon to the u-link Web portal using your user name and password. ➢ Goto menu ‘News & Downloads’.
Chapter 4 – Setup of a remote access scenario (Configuration Router) 4.6 Configuration of the Router Connecting to the Router and open the Web interface (Step 3) ▪ We assume that the Routers configuration is set to factory default values (LAN IP: 192.168.1.110, WAN IP: 192.168.2.110 or DHCP for 6Port models). ➢ Connect the PC to the Router LAN or WAN port (Here we use the LAN port). ➢ Configure the PCs Ethernet interface to the same IP network range as the Router (e.g. 192.168.1.99).
Chapter 4 – Setup of a remote access scenario (Configuration Router) 4.6 Configuration of the Router Updating the Router firmware to a u-link enabled version (Step 4) ▪ Note: If you update an individually configured Router with an older firmware version the stored configuration will not be changed as long as if you not enable checkbox “Reset to factory defaults”. ➢ Go to menu System → Software Update. ➢ Click button browse and select the firmware file (eg. IE-SR2GT-LAN_FN_3G_V3.1.0_Build_74521.bin).
Chapter 4 – Setup of a remote access scenario (Configuration Router) 4.6 Configuration of the Router Currently connected to PC via Router LAN port (IP: 192.168.1.110) Configuration of basic IP parameters (Step 5a) Internet access via WAN port and using DHCP Screenshot after parameter configuration (but still not applied). ▪ Now the IP parameters of the Routers Ethernet interfaces have to be configured. The LAN port has to be set according to the IP range of the remote network.
Chapter 4 – Setup of a remote access scenario (Configuration Router) 4.6 Configuration of the Router Currently connected to PC via Router LAN port (IP: 192.168.1.110) Configuration of basic IP parameters (Step 5b) Internet access via WAN port and using a static IP address Screenshot after parameter configuration (but still not applied). ➢ Goto menu Configuration → IP Configuration. ▪ Configure the WAN IP settings according to the network to which the WAN port will be connected.
Chapter 4 – Setup of a remote access scenario (Configuration Router) 4.6 Configuration of the Router Router now is connected via IP 192.168.1.254 Configuration DNS server (Step 5c) Only necessary if WAN port is using a static IP address for Internet access. ▪ Note: To resolve DNS names (like www.google.com) the Router must have access to a DNS Server. If the WAN port is configured using DHCP then the IP address of the DNS server automatically will be provided by the DHCP server.
Chapter 4 – Setup of a remote access scenario (Configuration Router) 4.6 Configuration of the Router Configuration of date / time parameters (Step 6) ▪ Note: The VPN connection to the u-link VPN server will use a certificate for encryption. Generally the validity of a certificate depends on date/time stamps (valid from/valid until). For this reason the Routers date and time settings should be set to a current value.
Chapter 4 – Setup of a remote access scenario (Configuration Router) 4.6 Configuration of the Router Configuration of HTTP proxy parameters if the Internet connection is passing a Proxy server, requiring authentication by user name and password (Step 7) ▪ See section ‘Preparing the Service PC (u-link VPN client)’ for additional information in terms of proxy settings. Be aware that the Router proxy parameters depend on the network security settings of the Routers location.
Chapter 4 – Setup of a remote access scenario (Configuration Router) 4.6 Configuration of the Router Establishing a network connection via WAN port (Step 8) / In this example we use DHCP for IP settings of WAN port. ➢ Connect the WAN port to a network which is providing DHCP and allowing Internet access. ▪ Wait around 30 seconds that the Router is getting IP data from DHCP server. Router now connected via IP 192.168.1.254 1 ➢ Goto menu Diagnostic → System state (Home page).
Chapter 4 – Setup of a remote access scenario (Configuration Router) 4.6 Configuration of the Router Activate the Router for u-link (Step 10) ➢ Goto menu Configuration → VPN → u-link (Tab ‘Configuration’). ➢ Enable checkbox ‘Enable u-link instance’. ➢ Use default values of section ‘VPN connection settings’. ➢ Enable checkbox ‘Use a system wide HTTP proxy’ if the Router Internet access is passing a Proxy Server.
Chapter 4 – Setup of a remote access scenario (Configuration Router) 4.6 Configuration of the Router Explanation of u-link configuration parameters Inactivity timeout (Dropdown box) The Router automatically will shutdown a VPN connection after the selected time if no traffic was recognized during this time.
Chapter 4 – Setup of a remote access scenario (Configuration Router) 4.6 Configuration of the Router Screenshot u-link Web portal (Menu Device Management) Register (Assign) the Router to the defined Router object configured in the u-link Web portal (Step 11) ▪ For the registration process we need the unique activation code of the Router object. The activation code can be found in the properties of the created Router object (u-link Portal: Menu ‘Device Management’). ➢ Select Tab ‘Registration’.
Chapter 4 – Setup of a remote access scenario (Configuration Router) 4.6 Configuration of the Router Router Web interface (Menu u-link / tab State) Status: • WWH online • No VPN connection to the u-link VPN server Check the status of the u-link connection (Step 12) ➢ Select tab ‘State’. ▪ After successful registration the Router is initiating the WWH communication to the u-link (Status ‘Online’).
Chapter 4 – Setup of a remote access scenario (Configuration Router) 4.6 Configuration of the Router Save the Router configuration (Step 13) ➢ Go to menu System → Save. ▪ If you have changed and applied any settings then in each menu a flashing disk icon is displayed, indicating that the applied settings not yet are saved to the flash memory. By clicking on the disk icon the menu ‘Save’ directly will be opened. Flashing disk icon indicates an applied but not saved configuration.
Chapter 5 – Initiating a remote access to remote LAN devices Chapter 5: Initiating an access to remote LAN devices Conditions Device configuration in u-link Web portal has been done. Software ‘u-link VPN client’ is installed on Service PC and registered. Router has been configured and registered. Note: For demonstrating the access to remote LAN devices we will use the Administrator account. V1.5.1 / Oct, 2020 Copyright © 2020 Weidmüller Interface GmbH & Co. / All rights reserved.
Chapter 5 – Initiating a remote access to remote LAN devices 5.1 Starting a remote access session Logon to the u-link Web portal using your administrator account (Step 1) ▪ Enter user name and password of the u-link administrator. ▪ Click button ‘Login’. V1.5.1 / Oct, 2020 Copyright © 2020 Weidmüller Interface GmbH & Co. / All rights reserved. Reproduction without permission is prohibited.
Chapter 5 – Initiating a remote access to remote LAN devices 5.1 Starting a remote access session Goto menu Service Desk (Step 2) ▪ In section ‘Device Topology’ the same defined objects are displayed which previously have been created in menu ‘Device Management’. ▪ In section ‘Connection status PC’ the current VPN connection status (of this PC) to the u-link VPN server is displayed.
Chapter 5 – Initiating a remote access to remote LAN devices 5.1 Starting a remote access session Connect the Service PC to u-link VPN server (Step 3) ➢ Start program ‘u-link VPN client’. ➢ Click button ‘Connect VPN’. N2A7YCVXXXXX ▪ When successfully connected the status and some additional information will be displayed in the program window. ▪ The u-link icon in the task bar is displaying a connected status. Status: Connected ➢ Go back to menu ‘Service Desk’ of the u-link Web portal.
Chapter 5 – Initiating a remote access to remote LAN devices 5.1 Starting a remote access session Start the Router VPN connection remotely via Web-Portal (Step 4) ▪ The VPN connection of the Router to the u-link VPN server can be activated via WWH communication. The permission to activate the Router VPN tunnel remote via u-link Portal can be set or prohibited in menu ‘u-link’ of the Routers Web interface (default allowed).
Chapter 5 – Initiating a remote access to remote LAN devices 5.1 Starting a remote access session Initiate a pass-through connection between Service PC and remote Router (Step 5) ➢ Click button ‘Connect VPN PC ↔ u-link ↔ Router’ to establish a pass-through connection between Service PC and the Router. ▪ A successful pass-through connection is displayed in section ‘Connection Status PC’ containing following information: ▪ Connected to: Name of the selected accessible Router / remote network.
Chapter 5 – Initiating a remote access to remote LAN devices 5.1 Starting a remote access session Accessing a remote LAN device (Step 6) Example shows a Web access to an u-remote IO device. ▪ When having a VPN pass-through connection then generally all devices at the remote network matching the LAN net/subnet - are accessible by the Service PC. In this example we will access the Web interface of device ‘u-remote coupler PN’ (is of type ‘User defined end device’) via IP 192.168.1.55.
Chapter 5 – Initiating a remote access to remote LAN devices 5.2 Closing the remote access session Disconnect from the selected Router / remote network (Step 7) (Finish the remote access session) ➢ First close all active sessions or programs which are accessing IP addresses of the remote network. ➢ Click button ‘Disconnect’. ▪ Now you will have the previous status that both the Service PC and the Router are still connected to the u-link VPN server but you have no longer a pass-through connection.
Chapter 5 – Initiating a remote access to remote LAN devices 5.2 Closing the remote access session Background color of u-link icon in the notification area will change from green to white. Shutdown the VPN connection of the Service PC / Logout from u-link Portal (Step 8) ➢ Open the window of the ‘u-link VPN client’ by clicking the u-link taskbar icon. ➢ Click button ‘Disconnect VPN’. N2A7YCVXXXXX ➢ Go back to menu ‘Service Desk’ of the u-link Web portal.
Chapter 6 – Further Functionality Chapter 6: Further functionality 1 – Dashboard 2 – User defined actions 3 – News from your administrator V1.5.1 / Oct, 2020 Copyright © 2020 Weidmüller Interface GmbH & Co. / All rights reserved. Reproduction without permission is prohibited.
Chapter 6 – Further Functionality 6.1 Dashboard ➢ For Router objects there is a dashboard available, which will open in a new tab, when klicked on action button “Open Dashboard” ➢ On the dasboard you will get status information about the selected router. Open Dashboard to get status information V1.5.1 / Oct, 2020 Copyright © 2020 Weidmüller Interface GmbH & Co. / All rights reserved. Reproduction without permission is prohibited.
Chapter 6 – Further Functionality 6.1 Dashboard ➢ The dashboard is devided into 4 zones: Device Information, Active Service Connections, WWH History and VPN History Device Information: Shows router specific information and offers the possibility to show the router event log. The function “Show event log…” is only available on active WWH connection The router event log will be deleted by power-loss. WWH History: Shows the WWH connection of the router to the ulink WWH Server.
Chapter 6 – Further Functionality 6.1 Dashboard ➢ Action button “Show event log…” opens a popup which shows the eventlog of the router. The router eventlog will be deleted after power-loss. It can be exported in a .csv file ➢ Action Button “Show History…” opens a popup which shows the history of service PC’s connected to the router. This information can be used to document service accesses and e.g. to invoice an exact service fee. V1.5.1 / Oct, 2020 Copyright © 2020 Weidmüller Interface GmbH & Co.
Chapter 6 – Further Functionality 6.2 User-defined actions ➢ For all objects (Routers, User defined end devices, Groups and Locations) actions can be defined in the Device Management. ➢ In section actions click on button “Add” to create a user-defined action ➢ A popup will appear with an actions list. The action “Open a Web page (new Tab)” is listed. More actions may be added later.
Chapter 6 – Further Functionality 6.3 News from your administrator ➢ As administrator you can create news for all users in this u-link system account. ➢ To create news press “Add News” in the “News and Downloads” page ➢ A popup with an html editor will open Design: Write text or copy and paste images in the editor. The editor will create html code out of the formatted text. HTML: Write direct html code, copy it from another html editor or view/edit the html code of the news created in “Design”.
Chapter 7 – Standard-Version Functions Chapter 7: Standard Functions - Further functionality in Standard Version 1 – Firmware Management 2 – China Access 3 – Password Policy 4 – Access Rights 5 – Eventlog 6 – Templates V1.5.1 / Oct, 2020 Copyright © 2020 Weidmüller Interface GmbH & Co. / All rights reserved. Reproduction without permission is prohibited.
Chapter 7 – Standard-Version Functions 7.1 Managing Firmware of connected Routers ➢ In the menu Firmware Management there is a list of all routers that were created in the portal. ➢ Only Routers with Internet Connection (as indicated by ) can be updated or selected for update. ➢ Information about Product, Serial No, Version and Build of the router are displayed (status of last WWH connection) and empty if router wasn’t connected before.
Chapter 7 – Standard-Version Functions 7.1 Managing Firmware of connected Routers ➢ With the filter function it is possible to search for specific devices ➢ The History function shows all Firmware related information with timestamps ➢ The Schedule Update function is for updating. ➢ Select which Firmware should be the new one.
Chapter 7 – Standard-Version Functions 7.1 Managing Firmware of connected Routers ➢ After scheduling an update, information about the update are displayed in the Firmware Management window. ➢ With “Change” the planned updates can be edited or deleted. Date and time, when ➢ When more than 10 devices per u-link account (including all users) are scheduled at the same, they will be bunched together in update will be performed groups of 10, which will be updated successively. E.g.
Chapter 7 – Standard-Version Functions 7.1 Managing Firmware of connected Routers ➢ After start of an update the current status will be displayed. ➢ The status will be updated by reloading of the website/the table which is every 5 seconds. ➢ After successful update the router will restart. The restarting of the router might take up to 60 seconds Status of the update, will be renewed every 5 seconds After sucessful or disrupted update the status will be deleted after 10 minutes.
Chapter 7 – Standard-Version Functions 7.2 China Access ➢ China prevents cross-border VPN connections with the so called Great China Firewall. As soon as VPN tunnels are detected they are shut down immediately, which also prevents remote access solutions to machines.
Chapter 7 – Standard-Version Functions 7.3 Password Policy ➢ To ensure the security of the user accounts, a password policy can be set for the whole account ➢ In the password policy the settings for minimum amount of: ➢ Characters (Password Length) ➢ Symbols ➢ Uppercase characters ➢ Lowercase Characters ➢ Number Characters Can be set.
Chapter 7 – Standard-Version Functions 7.4 Access Rights ➢ Access rights can be set for every object in the Device Topology.
Chapter 7 – Standard-Version Functions 7.4 Access Rights Examples for several entries: IP address list Ports Protocols * * * 192.168.1.110 80 UDP Line 1 includes Line 2, so that all IP addresses with all Ports and Protocols are allowed. IP address list Ports Protocols * * TCP 192.168.1.110 80 UDP Line 1 allows access to all IP addresses with all Ports and TCP Protocol. Line 2 allows additionally access to IP 192.168.1.110 on Port 80 with UDP Protocol.
Chapter 7 – Standard-Version Functions 7.4 Access Rights ➢ If a user has restricted access to the local network of a router, the information will be displayed in the service desk as “Accessible network (restricted)” ➢ To get more information the user can click at the info button. A window will turn up which will show the access settings. V1.5.1 / Oct, 2020 Copyright © 2020 Weidmüller Interface GmbH & Co. / All rights reserved. Reproduction without permission is prohibited.
Chapter 7 – Standard-Version Functions 7.5 Eventlog ➢ The Eventlog displays all actions that happen in the portal. ➢ The Date for the Eventlog will be the Servertime, which is (Winter UTC+1, Summer UTC+2). ➢ The eventlog can be filtered to show a specific timeframe, category level or messages with a specific text. ➢ The export-function will generate an .csv file with all entries fitting to actual filter rules V1.5.1 / Oct, 2020 Copyright © 2020 Weidmüller Interface GmbH & Co. / All rights reserved.
Chapter 7 – Standard-Version Functions 7.
Appendix Appendix 1 – Registration of Router to u-link failed (How to solve) 2 – General support in case of Router problem issues 3 – Functional diagram of u-link 4 – Connection requirements of u-link VPN clients (Service PC / Router) 5 – Activating / de-activating Router VPN connection by digital input 6 – Technical u-link support V1.5.1 / Oct, 2020 Copyright © 2020 Weidmüller Interface GmbH & Co. / All rights reserved. Reproduction without permission is prohibited.
Appendix 1 – Registration of Router to u-link failed (How to solve) A1 - Router registration failed Failure message 1: Registration failed - Check registration code, ensure that status of activation code in u-link portal is set to ‘not used’ or ‘Released for additional activation’ Following issues can cause this error: Error 1 - A wrong activation code was entered. ➢ Please verify the activation code. If entered wrong repeat the registration process.
Appendix 1 – Registration of Router to u-link failed (How to solve) A1 - Router registration failed Failure message 1 continued Error 3 - The entered activation code already has been used either for registering another Router or you have tried to register this Router a second time. A registration / activation code may be used only one time for registering a Router. The activation code is used to dedicate uniquely a physical Router to a configured u-link Router object (u-link Device Management).
Appendix 1 – Registration of Router to u-link failed (How to solve) A1 - Router registration failed Failure message 2: Registration failed - Network error (Check network and proxy settings) 1. Investigate generally the Internet accessibility in terms of configured network parameters: ➢ Check via menu ‘Diagnostics → Ping test’ if an Internet IP (eg. 8.8.8.8) is accessible. ➢ Check via menu ‘Diagnostics → Ping test’ if an Internet device via DNS name (eg. www.google.com) is accessible.
Appendix 2 – General support in case of Router problem issues A2 - General Router support by Weidmüller If any problems in terms of u-link connectivity or other Router features require support from Weidmüller please proceed as described below. ➢ Goto menu ‘System → Backup settings’ Router Web interface Menu System → Backup settings ➢ Click button ‘Download settings’ to export the configured Router settings (a file with extension .cf2) will be created.
Appendix 3 – Functional diagram of u-link A3 - Functional diagram of involved u-link components Service PC Router V1.5.1 / Oct, 2020 Copyright © 2020 Weidmüller Interface GmbH & Co. / All rights reserved. Reproduction without permission is prohibited.
Appendix 4 – Internet connection requirements of u-link VPN clients (Service PC / Router) A4 - Overview of used u-link connection parameters Minimum required communication parameters for u-link VPN Clients (PC and Router): Version Registration Router VPN Client (PC) Updated October 09, 2020 Protocol / Port Used DNS name Currently used Target IP Comments Connection type TCP / 443 / 80 TCP / 443 / 80 u-link.weidmueller.com www.u-link.weidmueller.com 13.69.30.109 Registration Outgoing 217.119.57.
Appendix 4 – Internet connection requirements of u-link VPN clients (Service PC / Router) A4 - Overview of used u-link connection parameters including fallback and backward compatibility servers All possible communication parameters for u-link VPN Clients (PC and Router): Version Registration Router VPN Client (PC) Updated December 03, 2018 Protocol / Port Used DNS name Currently used Target IP Comments Connection type TCP / 443 / 80 TCP / 443 / 80 u-link.weidmueller.com www.u-link.weidmueller.
Appendix 5 – Activating / de-activating Router VPN connection by digital input A5 - Activating / de-activating a u-link VPN tunnel via 24 VDC digital input Start/Stop VPN tunnel: ➢ Establish VPN tunnel by connecting Pin 2 (VPN initiate) to 24 VDC and Pin 4 (GND) to ground of power supply. ➢ Deactivate VPN tunnel by removing 24 VDC from Pin 2. ▪ The status of the u-link VPN tunnel (on-/offline) is signalized by Pin 3 (Digital output “VPN active”).
Appendix 6 – How to change IP address/netmask of Router LAN port via u-link VPN connection A6 - Change LAN IP address/netmask of a remote Router via u-link VPN connection Situation (Example): ▪ Current IP configuration of remote Router: LAN port IP/Subnet: 192.168.1.110 / 255.255.255.0 WAN port IP/Subnet: 192.168.99.206 / 255.255.255.0 Requirement: ▪ The LAN port IP/Subnet shall be changed via u-link to: IP address: 192.168.50.254 Subnet mask: 255.255.255.
Appendix 6 – How to change IP address/netmask of Router LAN port via u-link VPN connection A6 - Change LAN IP address/netmask of a remote Router via u-link VPN connection Note: The connected PC still has the routing entries to previous Router LAN and WAN IP networks 192.168.1.0/24 and 192.168.99.0/24. To update the PCs routing table do following: New accessible networks at Routers LAN/WAN ports ➢ Disconnect the PC from the remote Router. ➢ Disconnect the Router VPN connection to u-link.
Appendix 8 – Technical u-link support A7 – Technical customer support For any technical issues or support requests in terms of the u-link Remote Access Service please send a mail to address u-link-support@weidmueller.com. V1.5.1 / Oct, 2020 Copyright © 2020 Weidmüller Interface GmbH & Co. / All rights reserved. Reproduction without permission is prohibited.