If you are using a dedicated firewall for the Project Node and SCADA Nodes or are using a Firewall with access from Public IP addresses and Private IP Addresses, you should use this feature to modify the BwClient.ini file on your Project Node and SCADA Nodes.
This will allow the Project Node and SCADA node to access itself using a Private IP Address and allow external users to access the Project Node and SCADA Nodes via Public IP Address.
Most Firewalls do not allow a Computer in a Private Intranet to access itself or other computers on the Private Intranet using Public IP Address mapped to the Private IP Address. If the Project Node or SCADA Node uses a dedicated firewall, the Project Node will not be able to connect to itself using its Public IP Address.
If there are Clients on the same Private Network as the Project and SCADA nodes, and Public Clients (i.e. external to the private network), and you are using a Firewall, then the Private Network clients will not be able to access the Project Node or SCADA nodes using the Public IP Address. Also the Project and SCADA nodes can not access each other on the same Private network using Public IP Addresses.
The solution is to use the Public IP Address (and ports) in the WebAccess Project Manager to allow Public Users to access the Project and SCADA Nodes. Then modify the bwclient.ini file on the SCADA nodes and Project Node behind the Firewall.
If you have a modern router, you don’t need to do Address Mapping since a router will essentially redirect a Public IP Address back to the Private IP Address. Although, this may help improve speed of response by reducing reliance on the router to redirect Private IP addresses back to the private network.
To MAP IP Addresses:
1. On each SCADA Node and Project Node behind a Firewall, edit the bwclient.ini file with Notepad.exe or other text editor.
drive:\Webaccess\node\bwclient.ini
Typically it is at:
C:\Webaccess\node\bwclient.ini
2. Create a section named [mapping]
3. Enter the Public IP Address and Port and the Private Address and Port of the SCADA Node(s) or Project Node behind the same firewall (i.e. on the same private network).
You use can a Network Name (the Microsoft Net Bios Name).
If using a dedicated Firewall for each SCADA Node or Project Node you can use the private IP address, localhost or even 127.0.0.1. The format is
[mapping]
64.55.156.4:0=192.168.0.175:0
Where the address listed in Project Manager (and deploy file) is on the left, and will be replaced by address on the right (usually a private IP address).
4. Save the bwclient.ini file to drive:\WebAccess\Node. Optionally copy it to the Project node or other SCADA nodes. Optionally copy it to the drive:\WebAccess\Client (for use by web local browser).
Note - even though it says bwclient.ini,when copied to drive:\Webaccess\Node, it is used by the SCADA and Project Node software for acting like a client to itself!
5. Stop webvrpcs.exe in Task Manager on the SCADA Nodes and Project node.
6. Restart webvrpcs.exe. Start -> Programs -> Startup -> WebAccess Network Service.
Example bwclient.ini file for Client, SCADA or Project Node connecting with network addresses using Private IP Address (i.e. behind a firewall on an Intranet) and with other clients and/or SCADA nodes (who do not use this file) connecting via Public IP Address.
C:\Webaccess\node\bwclient.ini
[viewer]
bitmap=mspaint.exe
bitmap_width=
bitmap_height=
text=notepad.exe
actlog=notepad.exe
almlog=notepad.exe
[mapping]
64.55.156.4:0=192.168.0.175:0
64.55.156.4:4592=192.168.0.175:4592
64.55.156.4:14592=192.168.0.175:14592
64.55.156.4:80=192.168.0.175:80
About Private IP Addresses (Reserved Addresses)
Note that 192.168.0.175 in the above example is a private IP address also known as a Reserved Addresses.
The "blackhole" Servers, "blackhole-1.iana.org" and "blackhole-2.iana.org", are an obscure part of the Internet infrastructure. Specifically, these servers are part of the Domain Name System (DNS), and respond to inverse queries to addresses in the reserved RFC 1918 address ranges:
10.0.0.0 - 10.255.255.255
172.16.0.0 - 172.31.255.255
192.168.0.0 - 192.168.255.255
These addresses are reserved for use on private intranets, and should never appear on the public internet. The 192.168.0.0 addresses are especially common, being frequently used in small office or home networking products like routers, gateways, or firewalls.