|
Disable Remote Access but keep the DatamailBox connection - Printable Version +- Ewon Technical Forum (https://techforum.ewon.biz) +-- Forum: Development (https://techforum.ewon.biz/forum-50.html) +--- Forum: BASIC Script (https://techforum.ewon.biz/forum-52.html) +--- Thread: Disable Remote Access but keep the DatamailBox connection (/thread-1215.html) |
Disable Remote Access but keep the DatamailBox connection - simon - 24-03-2020 Hi, I know some people would like to be able to disable the Remote Access connection using the Key switch connected to the DI (like on the Cosy) but keep the DataMailbox connection active. This is actually possible by using an old feature called "VPN protection" that allows you to define up to three IP rules to filter VPN to LAN traffic. See VPNProtection.png (Size: 180,25 KB / Downloads: 42) To be able to set or reset the VPN protection at runtime, I have created a BASIC script function that you can call according to the DI1 value for example (but it could be executed using other triggers like DI2, SMS reception, Webpage...) : Code: ONCHANGE "DI1", "@SwitchOffOnRemoteAccess(DI1@)" //In init section. Calling the function causes a VPN disconnection/reconnectionWith this script, you'll disable the access to any LAN devices (through eCatcher/M2Web or eCatcher Mobile) but you'll keep the web access (FTP access is disable too) to the Ewon itself through its VPN IP using eCatcher/eCatcher Mobile or through M2Web. If you do want to disable the access to the Ewon as well, check the comments in the script. Simon RE: Disable Remote Access but keep the DatamailBox connection - tom.serru - 25-03-2020 Hi Simon, Thank you for this script, exactly what we needed! While testing it, we noticed you also need to put the port as an empty string when you want to block all access towards the eWon device's GUI. When the switch is triggered, it looks like you need to re-connect with eCatcher before the changes are applied. Can this be correct? Regards, Tom RE: Disable Remote Access but keep the DatamailBox connection - simon - 27-03-2020 Hi Tom, - I have modified the script with a new comment about the port (I did test with "0" but empty is probably also ok) - The firewall rule is applied on the Ewon, so eCatcher should not see anything. However, when you turn the switch on/off (and execute the script), it causes a VPN disconnection. So you should loose the eCatcher connection during a short time and eCatcher should reconnect automatically. I have seen sometimes in this case that you have to wait some seconds to get back your connection. Maybe that ? RE: Disable Remote Access but keep the DatamailBox connection - hendrik@shorrock.co.za - 13-08-2021 Dear Simon, Sorry for reviving this old thread, but it was the only applicable one I could find on the Techforum for my question. So here is my question: Can you use the method you described (or another) to lock-out VPN access via eCatcher with the key switch, but to retain the Ewon unit online on M2web for viewing a viewON created dashboard on a Flexy for instance. Kind regards, Hendrik (24-03-2020, 09:30 AM)simon Wrote: Hi, RE: Disable Remote Access but keep the DatamailBox connection - simon - 20-08-2021 Hello Hendrick, Yes, this is exactly what the script is doing :-) Simon |