47
Security for remote access
User Manual PoolManager
®
84
TIP
Alternative port 55555
Some Internet service providers block access to the
standard HTTP port 80. In that case, port 55555 can be
used, which PoolManager
®
offers as an alternative.
Port forwarding on the pouter has to be set up
accordingly for port 55555.
In the browser, you simply need to add the port to the
IP address or URL. The port is separated with a colon,
such as
http://myPoolManager.dtdns.net:55555
or
http://192.168.1.99:55555
46.4
Multiple PoolManagers
®
on one network
If there are multiple PoolManagers
®
running on one network, then
each device will be given its own IP address. Remote access from the
local network is realised via the corresponding IP address.
For remote access from the Internet, however, direct access of the
various IP addresses is not possible.
Instead, external access can be realised various ports, which the
router forwards to the individual devices' IP addresses.
Example:
PoolManager
®
1
•
IP address 192.168.1.88
•
External access via port 80 (standard port), for example:
http://myPoolManager.dtdns.net
(standard port 80 does not have to be indicated in the URL)
•
Port-forwarding on the router:
Port 80
192.168.1.88:80
PoolManager
®
1
•
IP address 192.168.1.99
•
External access via Port 81, for example:
http://myPoolManager.dtdns.net:81
•
Port-forwarding on the router:
Port 81
192.168.1.99:80
47
Security for remote access
In order to guarantee maximum security, remote access is equipped
with comprehensive security mechanisms:
•
Data transmission in remote access is encrypted
(SSL encryption)
•
Login with username and password is required
•
Supplemental access code necessary
in order to modify parameter settings
•
The default setting is for remote access to be deactivated
•
User rights for remote access can be configured individually
•
It is possible to assign different rights for Internet access and for
access from the local network
When security requirements are particularly high, established IT
concepts can be applied, such as VPN (virtual private network).
Consult an IT specialist as needed.
HAZARD!
Unauthorised access
Despite the highest security standards, there is
fundamentally a residual risk for potential unauthorised
access when releasing remote access. Unauthorised
access can lead to dangerous configurations.
Potential consequence: Death or the gravest
degree of injury, heavy material damage.
•
Do not use trivial
usernames or passwords
•
Handle usernames and especially
passwords strictly confidentially
•
Restrict user rights for remote access according to
your individual security needs in
a sensible manner.
•
Only release remote access for the user level
actually needed.
•
Where possible, use remote access on the local
network only and secure it against unauthorised
access via the standard measures.
•
Where possible, use additional security standards
for Internet remote access, e.g. VPN
(virtual private network)