How do I Configure a Router for CBAS?
Computrols recommends the use of an inexpensive Cable/DSL Router, in addition to the modem provided by the Internet Service Provider, when connecting CBAS systems to the Internet. This is recommended because it will provide a high level of security against Virus and Hacker attacks. It does this by blocking packets intended for the internal network on all TCP/IP ports, except those specifically forwarded to the computers, programs, or controllers that will accept them.
In order for computers to work with multiple incoming and outgoing network communication packets, the TCP/IP protocol uses thousands of “ports”. Standard programs use specific ports, called “Well Known Ports”. Some examples of Well Known Ports are: port 80/html(Web pages); port 25/smtp(email); port 110/pop(email). CBAS uses some of the ports in the range from port 8750 to 8790.
Common CBAS Ports
Controllers:
- 2225 – Firmware Tool to Controller – Used to update firmware.
- 8760 – DPU to Controller – Primary Communication
- 8770 – DPU to Controller – Used for RS485 HOST.
- 8771 – DPU to Controller – Used for RS485 SECONDARY.
Headend (DPU) & Workstations (GW):
- 8750 – GW to DPU – Used for Workstation connections.
- 8787 – Controller to DPU – Used for Alternative Controller Connection.
- 8788, 8789, etc. - Controller RS485 to DPU – Used for Alternative Controller Connection RS485. Increase port # by 1 for each additional "Alternative" RS485 channel.
- 16000 – CBASWeb to DPU – Used for connection from CBASWeb to DPU.
CBASWeb:
- 22 – SSH to CBASWeb – Used for factory upgrades and configuration.
- 80 – Web to CBASWeb – Used for standard web browser access to CBASWeb.
The router, by default, is set up to allow all outgoing packets. However, most of the time, only port 80 is needed to access the Internet. NAT, or Network Address Translation, is used to disguise or hide the computer accessing the Internet. The router does this by changing the source IP address of the sender to the IP address of the router itself. Thus, the actual sending computer remains anonymous.
The above figure shows the physical configuration of an Internet connection using a router.
In order to configure a router to allow access to the Internet, you must configure both the WAN interface and the LAN interface. The WAN is the Wide Area Network and the LAN is the Local Area Network.
Configure the WAN interface with the IP address, subnet mask, default gateway, and DNS server address that is provided by the Internet Service Provider. For more information on these terms, see the Network Manual.
The LAN interface usually comes pre-configured with an IP address and subnet mask. However, a computer will have to be configured with the correct IP address in order to access and configure both the LAN and WAN interfaces. Configuration is generally done through a web page based configuration tool on the router itself. Follow the manufacturers instructions to configure the router.
Once you can access the Internet from the computer on the LAN side of the router, you can forward the necessary ports through the router to the correct IP addresses.
Recommended routers:
Linksys BEFSR11, w/ 1 LAN port
Linksys BEFSR41, w/ 4 Port switch
D-Link DI-604, w/ 4 port switch
- Was this article helpful?
- Yes 0 people found this article helpful.
- No 0 people did not find this article helpful.
- Give us feedback
