Old IXON Cloud Support

Already using the new IXON Cloud? Look here instead.

Articles in this section

Mobile VPN

  • Updated

Many industrial manufacturers have their own smartphone app to operate, read, or configure their devices (PLC, HMI, controller, etc). This requires your smartphone to be connected to the device, often via Wi-Fi, locally. Mobile VPN enables you to utilise a manufacturer's smartphone app remotely.

As the name "Mobile VPN" implies, you can set up a secure VPN connection from your mobile phone to the IXrouter. Once connected, you can freely switch to any other app on your smartphone without losing your VPN connection.

Mobile_VPN.png

How do I use mobile VPN?

Requirements

  • Smartphone running on iOS 9 or higher, or Android 5 or higher
  • The IXON Cloud mobile app (available for iOS and Android)
  • If you're using an IXrouter2 it needs to run firmware 2.13 or higher. In case of an IXrouter3 it needs to run firmware 3.14 or higher. Please upgrade your firmware if you are running an older version.

Stealth mode

Mobile VPN currently does not support Stealth mode.

If you meet these requirements it's quite simple.

  • Start the IXON Cloud mobile app and login.
  • Navigate to an IXrouter.
  • Press [Connect] as you would do on a desktop computer.

Next step

You now have a VPN connection and can switch to another app on your smartphone to connect to the PLC, HMI, or other devices. The VPN connection stays active in the background.

Technical background

With Mobile VPN, you create a secure layer 3 VPN tunnel to your IXrouter or IXagent. Traffic destined for the IXrouter, or the machine(s) connected to it, will be routed through the tunnel and allow for communication between you and the remote site.

The VPN API available in Android and iOS only provide the ability to create layer 3 VPN tunnels to route traffic through, as opposed to a layer 2 VPN tunnel which would make a true bridge possible, such as in a switch. In practice, the vast majority of the industry standard protocols rely on IP, TCP, or UDP, and work fully over layer 3. One of the many examples of layer 3 traffic, which works via Mobile VPN, is VNC traffic. Examples of layer 2 traffic, which doesn't work via Mobile VPN, are most broadcasting and scanning functions. Keep in mind that you can always reach your machine based on its IP address, as that is layer 3 traffic.