Manualshelf

User`s manual

ManualsBrandsMoxa Technologies ManualsNetworkingSMG-6100
12345678910
SMG-1100/6100 Introduction
1-2
Overview
The SMG-6100 can be used as a smart gateway with sophisticated Machine-to-Machine solutions to help
construct a tunnel server (IPSec) and bi-directional IP communications. When used with Moxa’s SMG-1100, the
SMG-6100 can serve as a secure networking host over IPSec to back-end host computers and MODBUS TCP
Master/Slave devices.
In addition, the SMG-1100 features 2 software selectable RS-232/422/485 ports, 1 Ethernet port, and
quad-band GPRS/EDGE 900/1800/850/1900 MHz for cellular communication.
The SMG-1100 series provides a sophisticated wireless M2M solution for distributed MODBUS devices.
Implemented with protocol conversion functionality, the SMG-1100 can serve both serial masters and slaves
and the built-in IPSec function guarantees that data transmission is encrypted in a wireless connectivity
environment.
Introduction to IPSec VPN Connectivity
This section describes how to use and manage IPSec VPN on the SMG-6100.
IPSec VPN Requirements
The following requirements must be met to use IPSec VPN on the SMG-6100:
You must have a fixed public IP address accessible to the Internet.
You must have a computer running Device Configuration Gateway (DCG) and SMG Manager to set up and
monitor IPSec VPN for the SMG-6100.
Typical IPSec VPN Scheme
An SMG-6100 acting as an IPSec VPN gateway can create multiple IPSec VPN tunnels between its VPN subnet
interface and remote mobile SMGs via the Internet. An IPSec VPN tunnel is created between the remote
SMG-1100s and the SMG-6100. Computers on the same VPN subnet as the SMG-6100 can securely and
mutually communicate with remote mobile SMGs via IPSec VPN tunnels.
Planning IPSec VPNs
The IPSec tunnel provides mobile operators with an independent solution that considers remote mobile SMGs
part of the internal intranet, allowing several remote mobile SMGs to be implemented on the same subnet. In
the example illustrated below, the SMG-1100 is assigned the IP address of 192.168.30.95 during LAN 1 port
network configuration. After it is deployed to the remote site, its IP address does not need to be changed. This
is convenient as it allows administrators to configure programs such as SCADA and remote device monitoring
at the local field site with a fixed IP address.