FieldPoint Family

Qualified yes.  I would recommed that you run the FP unit in private ip space (192.168.x.x or similar) on a VPN.
We do exactly that with remote FP units on our VPN.  Works just fine except that you can't browse for nodes in
MAX; you have to know and type in the IP address.  I wouldn't expose the FP controller to the open internet.

Matt

Matt

    Thanks for the notes.  I'm not exactly sure how to set up a VPN.  Being that I am an engineer the IT people never let me near the network equipment for fear that I may have an adverse effect on it.  I already have the controller on its own IP address 192.168.x.x connected to a router.  Do you know where I would be able to find instructions on setting up a VPN and how to connect to the controller through MAX via a VPN?

Thanks
Scott

Are you able to ping the 192.168.x.x number already assigned to the controller from your remote location?
If so, there is already a VPN setup.

As far as setting up a VPN if one doesn't exist, I expect IT will have to do that for you.  There are many
low cost gadgets (Linksys BEFVP41, etc.) that will do the job but if they are serious about security they
will insist on having control.  If you have telecommuters they may already have the infrastructure in place
and you might just need to setup a client on your remote pc.  Lots of different ways to do this, but all
will probably require IT cooperation.

Matt

The unit isn't powered up right now but it will be tomorrow and through the week.  The IP address I assigned is pretty simple.  I would bet that there are a million devices out there with the same IP address connected to the internet in one fashion or another.  So if more then one device is no the internet with a VPN hooked up how would I be able too ping the right one?  I'm assuming I have to talk to the router first and ping it through the router.  I appreciate your help; I'm not very knowledgeable about the inner-workings of internet communication.

A 192.168.x.x address is a private address, meaning that it will not be routed out on the internet.  In general,
any properly configured internet router will drop a message destined for 192.168.x.x into the bit bucket.  There
are several other private spaces, including 10.x.x.x.  These spaces are used within an organization so that
they don't have to use up 'real' (i.e. routable) internet addresses for all the devices on their network.

The router between your internal network and the internet will do something called Network Address Translation,
NAT, where the 192.168.x.x addresses are translated into routable addresses as required.  If you connect to
a web server that is internal to your company, there is no translation; you connect to 192.168.1.6, for example,
and it sees your computer as 192.168.1.7.  When you connect to an external webserver, the router will translate
your 192.168.1.7 into a routable internet address, so the webserver you connect to will see your request as
coming from 209.137.185.23 (for example).  When that external webserver responds to that address, the router
will convert the addresses back to 192.168.1.7 and send the packet on to your computer.

VPNs work as kind of another layer on top of NAT.  Imagine location A with an internal address space of
192.168.4.x and location B with an internal address space of 192.168.7.x.  Each has an internet router
that does NAT as above.  Each of the routers also knows of the private ip space that the other has.
When a device at location A (192.168.4.x) sends a message to an address at location B (192.168.7.x),
the routers communicate directly with each other and translate the addresses appropriately.  If you were
looking at the internet connection between the routers, the translated packet would probably also be
encrypted.

There is a good picture here, about half way down under 'VPN Technology Examples':
http://www.draytek.co.uk/products/about_vpn.html

Some more background:
http://www.iec.org/online/tutorials/vpn/index.html

Matt