13. Child Device Access
13.1. Overview
Accessing Child Devices by utilizing Connectiviy Suite can be done in two different ways.
Network Address Translation (NAT) on Parent Device
Custom Routes on Parent Device
Given by the network architecture, Connectivity Suite, the Parent Device and the Child Device reside in different IP Networks. In order to access (end)devices, located in Local Area Networks behind routers (as per Fig. 13.1), either a NAT Table or Custom Routes are required to be setup. (see Fig. 13.1).
13.2. Network Address Translation (NAT)
To access Child Devices, such as CCTV Cameras, WiFi Access Points, etc., the Device VPN Network address needs a Network Address Translation (NAT) to the Local Area Network address. For example, the Device VPN Network 10.0.0.0/24 is translated into the Local Area Network 172.16.0.0/24, as per the illustration in Fig. 13.2.
Note
The Subnetmasks of both, VPN Network and the Local Area Network, have to be identical in order for the NAT to work.
13.2.1. NAT Example Use Case
Network Architecture:
VPN Network using an IP Address Block of /19
Device VPN Netowrks using IP Subnetmasks of /24
Local Area Netowrks using the same IP Subnetmask size of /24
The Child Device is given the IP address of 172.16.0.111
A Network NAT from LAN (17.0.0.0/24) to the Device VPN Network (10.0.0.0/24) is setup
Benchmark Data / Limitations of NAT Example Use Case:
Max. 32 routers can be connected to a VPN Network
Max. 256 Child Devices that may be connected to a router
13.2.2. Router Settings for NAT
In order to carry out a NAT, various steps are necessary which are explained in this chapter Section 11.3
13.3. Custom Routes
For the same purpose of setting up direct access to Child Devices, Custom IP Routes may be setup as an alternative to NAT or on top of it. The working principle of Custom Routes is depicted in the illustration Fig. 13.3 below. In contrast to a NAT based Network Design, direct Routes require the LAN Addressing to be unique within a VPN Network. Custom Routes are configured on top of other Routes, such as those required by the System of Connectivity Suite. Furthermore Custom Routes can be configured on a “as needed” basis and do not require the entire system to be configured with them.
13.3.1. Configuration
Enabling custom routes, requires the feature to be switched on under the general settings. In a second step, the effective custom routes are to be configured per device under the device details tab.