Skip to content

Remote access VPN

If enabled, the AL300 Gateway allows users to create a secure remote access VPN connection to the devices connected to the Gateway itself. This is useful, for example, to connect and modify the program of a PLC remotely.

Creation and download of certificate and VPN client (only for the first time)

To access this functionality, you need to have administrator permissions.

  1. open the VPN menu

    VPN Menu

  2. if it has never been done, you need to create your certificate for VPN access

    Certificate creation

  3. download your certificate and install the VPN client following the instructions provided

    Client installation

Creation of VPN tunnel

VPN access does not give access to any device. For each device you want to connect to, you need to create a VPN tunnel. Each VPN tunnel is automatically deleted after 10 minutes of inactivity:

  1. Open the Asset Explorer:

    1. Go to the configuration interface

    Configuration UI 2. Open the Explorer menu

    Explorer

  2. Navigate to the AL300 Gateway of interest, until you see the device you want to connect to (e.g. PLC)

    Explorer

  3. Click on the 3 dots of the device

    Tunnel creation

  4. Click on Create VPN tunnel

  5. Confirm the creation of the VPN tunnel. You can choose whether to query the device with the destination IP address (local IP of the device), or whether to use a virtual IP

    • Keep destination IP address: useful for TIA Portal. It requires a subsequent disconnection and reconnection of the PC to the VPN because the tunnel is received by the user's PC
    • Virtual IP: useful for web interfaces of devices in the field, or when you need to connect to different devices with the same IP connected to Gateways in separate local networks

    IP choice

  6. If you chose to Keep the destination IP address, disconnect and reconnect your PC to the VPN

  7. You can now ping or reach the web interface of the device. For use with TIA Portal choose the TAP adapter network interface

Diagnostics and troubleshooting

In case of problems, you can analyze the operating status of the VPN tunnel.

  1. check that the device responds to pings (instructions). If it responds to pings, the VPN is working correctly. Check the application parameters (e.g. IP in the browser)

  2. check that your PC is connected to the VPN. The procedure is different depending on your VPN client

  3. check the status of the VPN tunnel in the VPN menu:

    1. open the list of active tunnels Tunnel list
    2. click on the diagnostics icon for the tunnel to be tested
    3. check that all checks have been successful. To solve some problems, it may be necessary to delete and recreate the tunnel Diagnostics