Posts: 4694
Threads: 24
Joined: Aug 2017
Reputation:
213
This is blocked for security. In LM we have Zerotier which lets you connect securely. Contact SE support directly.
------------------------------
Ctrl+F5
Posts: 1770
Threads: 6
Joined: Jul 2015
Reputation:
118
Check the official communication from KNX Assosiation later today.. Then you know why we closed it ..
Posts: 94
Threads: 29
Joined: Nov 2020
Reputation:
1
I understand the problem, and I'm aware of the KNX secure process etc etc, but I have an old installation without a VPN and I have to reach it, is there a way?
Posts: 4694
Threads: 24
Joined: Aug 2017
Reputation:
213
If you use VPN then you don't need NAT. Only public IPs are blocked. When you are on VPN then you use local IPs,
------------------------------
Ctrl+F5
Posts: 94
Threads: 29
Joined: Nov 2020
Reputation:
1
Yes, I know it, but I didn't have a VPN there, is it possible to reach the bus via ETS in that case?
Thank you
Posts: 4694
Threads: 24
Joined: Aug 2017
Reputation:
213
Via LM yes, Wiser NO
------------------------------
Ctrl+F5
Posts: 38
Threads: 11
Joined: Jul 2017
Reputation:
0
Hi,
I have LM in local network behind the firewall and I made a custom port with restricted source IP that redirects to LM 3671.
However it does not work - my i3pro application does not work from outside the network even the fw shows all redirects are working properly.
What could cause a problem? is there any way to check LM logs for KNX connections?
thanks
Posts: 1770
Threads: 6
Joined: Jul 2015
Reputation:
118
Did you enabled "NAT mode" in the ETS connection settings?
Posts: 265
Threads: 37
Joined: Apr 2019
Reputation:
4
Hello, in LM devices with old Firmware, would it be enough to uncheck the option of 'KNX IP Features'? so the access would be blocked by the 3671?
Posts: 7820
Threads: 42
Joined: Jun 2015
Reputation:
450
Yes, disabling IP features is enough
Posts: 4694
Threads: 24
Joined: Aug 2017
Reputation:
213
Only if you use TP-UART mode, If Routing is selected then this is still enabled.
------------------------------
Ctrl+F5
Posts: 7820
Threads: 42
Joined: Jun 2015
Reputation:
450
Dynamic DNS does not provide any kind of protection. It does not matter if it's a domain name or an IP address. Opening port 3671 is a security issue in a any case.
Posts: 11
Threads: 2
Joined: Mar 2016
Reputation:
0
There is no other way to connect to port 3671 other than via VPN, otherwise it is not possible?
I have a problem on my computer with an L2TP connection, it is disabled by WIN-10. I've already gone through what, no change in settings has helped, not even in the registers.
Posts: 4694
Threads: 24
Joined: Aug 2017
Reputation:
213
Have you tried ZeroTier? It is not VPN strictly speaking.
------------------------------
Ctrl+F5
Posts: 11
Threads: 2
Joined: Mar 2016
Reputation:
0
16.02.2022, 17:13
(This post was last modified: 16.02.2022, 17:43 by Dan22.)
I haven't tried zero tier, there is a guaranteed guide somewhere, I would not like to go to LM at the customer's
Daniel,
Thanks for the advice, ZT works.