02-14-2012 09:44 AM
The issue can be corrected in MAX. MAX should ignore the local address in the cRIO configuration, but use the external ip address that I specify when I use the "Remote Device (not on the local subnet)" search function.
02-14-2012 09:46 AM
I agree with Theo. The fact that we have already established the network connection manually and then MAX defaults to whatever the cRIO responds with is the issue.
02-14-2012 09:53 AM - edited 02-14-2012 09:54 AM
Whether the issue is from MAX or the cRIO is a "chicken and egg" problem. I think I will try a hack work around when I get my system back online. This is to set the local cRIO IP address to the same address as my remote router's static WAN side IP address. If my low end router can handle the WAN and LAN address ranges being the same, this may work. It is the only thing I can think may work at this point.
I am personally far more interested in getting the remote target (cRIO) to connect through a LabVIEW project than through MAX. I have been using the MAX connection as the first step.
02-23-2012 11:52 AM
Here is an excerpt from the response I got from NI about using a NI-9163 behind a NAT firewall and may be applicable to the cRIO issue as well.
"... The 9163 modules uses a Datagram Delivery Protocol (DDP) broadcast to communicate with MAX at any level deeper than purely being able to recognize the device. With this sort of protocol, the actual address of the device, in this case the 9163, is embedded in the packet instead of the NAT address which is the only way that MAX would be able to interact with the device through the firewall. Using the hardware you are using, we aren't sure that this device will be able to communicate through the NAT firewall..."
"... Our cDAQ 9181 and 9191 devices use a different protocol, mDNS, to communicate between the device and MAX. The NAT firewall should not cause any issues with these devices..."
So I have to upgrade to get this to work, a solution I am willing to do.
02-23-2012 12:34 PM
Hi Randall-
Hopefully the cDAQ-918x or cDAQ-9191 will be able to meet your needs. One limitation you may want to be aware of, though, is that accessing the device across a NAT boundary does require forwarding all of the ports (indicated in the specifications for those chassis) to a specific IP 'inside' the NAT. So, you wouldn't be able to hook up many cDAQ chassis across a NAT from your host and expect them all to work because the port selection isn't dynamic.
Before we released the cDAQ-9188 (8-slot ethernet), I took one home and hooked it up behind my home router and then forwarded all of the ports listed in the documentation to the cDAQ-9188 client. After that, I could Add and Reserve it in MAX from my machine at the NI offices by pointing the DAQmx configuration at the IP address of my home router as assigned by my ISP. But, we do not support dynamic port assignment for services or other protocols that might or might not allow using multiple chassis behind a NAT, unfortunately.
Hopefully this helps-
02-23-2012 01:00 PM
Randall and I are working together. 🙂
The firewall we are using is an enterprise class firewall. We will configure it with a 1to1 NAT so no port forwarding is needed. Then I will write rules to only allow the required traffic in to the device.
But yes depending on the hardware being used it could be a problem using port forwarding for multiple devices.
We will definitely keep this thread updated on our experience.
Thanks!
02-23-2012 01:47 PM
I couldn't find a listing of specific ethernet ports required for the cRIO-9025 controller. Can you point me in the right direction Tom?
02-23-2012 06:07 PM
Ebnelson,
Please see this other discussion forum where it lists the ports. If you go to the solution it lists all the required ports for the firewall settings.
02-23-2012 06:49 PM
Except the "solution" fails to mention that port 44525 (Ethernet Target Device Discover) only used when the cRIO and PC are on the same subnet. If we were all on a local subnet /w our cRIO targets, none of us would have had a problem. What I'm hoping for is the port numbers and type of connection (TCP, UDP, ...) for all connections required to connect to a remote target, on the other side of a firewall, from a LabVIEW project. If I have a chance to take a simple home router to work I may come with that list myself.
Is the MAX discovery only process that changes ports if the target is on a local subnet vs. external WAN?
02-24-2012 07:50 AM
@ericbnelson wrote:
Except the "solution" fails to mention that port 44525 (Ethernet Target Device Discover) only used when the cRIO and PC are on the same subnet. If we were all on a local subnet /w our cRIO targets, none of us would have had a problem. What I'm hoping for is the port numbers and type of connection (TCP, UDP, ...) for all connections required to connect to a remote target, on the other side of a firewall, from a LabVIEW project. If I have a chance to take a simple home router to work I may come with that list myself.
Is the MAX discovery only process that changes ports if the target is on a local subnet vs. external WAN?
Ebnelson,
you also have to forward the ports for the shared variables.
I personally forward all these ports:
80
44516
44525
21
20
3079
3580
3537
81
2343 (both TCP and UDP)
59110
62602
57616
51700
I found them using wireshark.