Network
We have a VPN which connects workplaces and our main LÄB Locations. This allows to easily access devices remotely.
VPN sites
The following sites are currently connected in our LÄB VPN:
Berlin Koppenstraße 8, 5th floor (SI Desks in office)
Accessing the VPN
If you are already connected to a VPN site, nothing needs to be done - you are already connected to the VPN. When you are working from a remote place, the Azure VPN Client is needed with a configuration.
Hint
Only Mac and Windows machines are officially supported.
Get permissions in Azure
Requesting access by creating a ticket here
Provide your username (Microsoft Entra-ID)
State that you want access to the IoT network
Client configuration
Windows
The software and configuration will be automatically installed on your device. If the automatic setup does not work, manually install the Azure VPN Client. Import the configuration (see instructions below for MAC).
MAC
Install the Azure VPN Client.
Import the
Azure VPN Configuration filein the Azure VPN Client.
Attention
In our setup at Enpal it is only possible to connect to one VPN at a time, because IP ranges are overlapping. Other VPNs like ioted or ones used for backend/database access do not work at the same time.
Forwarded Ports
Port |
Description |
|---|---|
ICMP |
Ping |
20, 21, 22, 989, 990 |
FTP, SFTP |
22 |
SSH |
53 |
DNS |
80 |
Webserver (HTTP) |
443 |
Secure Webserver (HTTPS) |
445 |
SMB |
502 |
Modbus TCP |
1883, 8883 |
MQTT |
2049 |
NFS |
3000 |
Grafana |
3306, 5432, 1433 |
SQL |
61631, 61632, 5540, 11097 |
Thread, Matter |
7000 … 7500 |
Test ports |
8088, 8086 |
Influx DB |
8006, 5900-5999, 5404, 5405 |
Proxmox |
22222 |
Balena SSH |