Articles in this section

M2M Cloud Cluster

  • Updated

The M2M Cloud Cluster is an add-on to the IXON Cloud that enables you to remotely access all of your machines at the same time over VPN. Whereas you normally need to connect to individual machines separately, with the M2M Cloud Cluster this manual action is no longer needed due to the permanent VPN connection on your system.

The M2M Cloud Cluster is commonly used for BMS or SCADA systems that need to control, manage, and monitor various machines that they do not have a direct connection to or that may not even be at the same physical location. Thus requiring a secure remote connection to all machines at the same time, which is exactly what the M2M Cloud Cluster provides.

IXON_M2M_Images_V01_04.jpg

How does it work?

The M2M Cloud Cluster is, underneath, a VPN server with custom rules. This is completely set up and maintained by IXON at a location of your choice. Those custom rules enable simultaneous access to all of your machines from one or more systems. In other words, if you on your computer need access to all your machines at the same time to more easily get your work done, that’s possible. Another example is if you have a local or even cloud server that needs to access all your machines without human intervention.

Your IXrouters will automatically connect to the M2M Cloud Cluster. By default, they will receive an automatic VPN address. However, for reliable long-term communication between your system and the machines it is strongly recommended to configure a static VPN address for each IXrouter. This is easily set in the IXON Cloud and just needs to be followed by toggling the IXrouter’s VPN connection to effectively apply the static VPN address.

Connection method
Your system also needs to connect to the M2M Cloud Cluster and then additionally needs to know how it can reach the devices behind the IXrouters. There are 2 connection methods:

1. Using the OpenVPN client   2. From behind an IXrouter
M2M_Connection_method_-_OpenVPN_Client.png   M2M_Connection_method_-_from_behind_an_IXrouter.png

Connection method 1 is recommended (using the OpenVPN client). With connection method 1, the OpenVPN client can be configured to automatically connect upon system startup and will automatically reconnect if the VPN connection is ever lost. Additionally, a custom rule is set by IXON on the VPN server to allow communication between your system and all machines at the same time. Your system will be able to access, and be accessed from, everything that has an active VPN connection to the M2M Cloud Cluster. This includes IXrouters, IXagents, and users.

With connection method 2 (from behind an IXrouter), the IXrouter will make sure the VPN connection is always active and will automatically reconnect if the connection is ever lost. Additionally, a custom rule is set by IXON on the VPN server to allow communication between your system and all machines at the same time. Everything will be able to access, and be accessed from, everything that has an active VPN connection to the M2M Cloud Cluster. This includes IXrouters, IXagents, and users.

Communication method
Next is the communication method. In other words, how does your system know how to reach the devices behind the IXrouters. There are 2 communication methods:

1. Routing   2. Port forwarding

With communication method 1 (routing), which is only available for connection method 1 (using the OpenVPN client), all you need to do is add a route for every machine at the bottom of the OpenVPN certificate and restart your system’s VPN connection. For example, if the network behind the IXrouter is 192.168.140.x and that IXrouter’s VPN address is 10.187.100.1, then you add: route 192.168.140.0 255.255.255.0 10.187.100.1. This method requires each machine network to have a unique IP range or for each individual device to have a unique IP address. Your system will then communicate with each device’s local IP address. The routing makes sure it securely arrives at its destination and that any replies also securely find their way back to your system.

With communication method 2 (port forwarding) you add a port forwarding in each IXrouter. This VPN port forwarding automatically chooses a port to listen to, starting at port 2000. This in turn means that your system will then need to use this same port to communicate on, instead of the port that it may normally use. This method requires you to configure a custom port for your system or software to communicate on. Your system will then communicate with each IXrouter’s VPN address on the custom port. The IXrouter will then forward that traffic to the destination device at a port of your choosing and any replies will securely find their way back to your system.

FAQ

Is the M2M Cloud Cluster compatible with my system?

You'll need to meet the following requirements.

Requirements for communication method 1   Requirement for communication method 2

bulletpoint.svg Your system needs to be able to run the OpenVPN client (Windows, Linux, macOS).

bulletpoint.svg Additionally, each machine network needs to have a unique IP range or each individual device needs to have a unique IP address.		  

bulletpoint.svg You need to be able to configure a custom port for your system to communicate on.

Also, the network traffic sent to your machines needs to be compatible with our VPN connection. If you have been using IXON VPN without the M2M Cloud Cluster then it will also work with the M2M Cloud Cluster.

In more technical terms, compatible traffic over IXON VPN to an IXrouter includes unicast layer 3 traffic, UDP broadcast traffic, and select layer 2 traffic like Siemens’ PROFINET and B&R’s SNMP. Compatible traffic to an IXagent includes all layer 3 and layer 2 traffic. If you’re unsure about the compatibility, please contact us.

If you are interested in connection method 2, testing is required to verify the compatibility with your system. Please contact your IXON account manager or IXON distributor to discuss your use case.

Where will the M2M Cloud Cluster be located?

The M2M Cloud Cluster location is important. You’ll want it close to your office, your machines, or in-between both to provide the best connection and experience possible. Available locations to choose from:

  • Australia, Sydney
  • Austria, Vienna
  • Bulgaria, Sofia
  • Canada, Toronto
  • Finland, Helsinki
  • Germany, Frankfurt
  • Germany, Munich
  • India, Bangalore
  • India, Mumbai
  • Japan, Tokyo
  • Netherlands, Amsterdam
  • Singapore, Singapore
  • Switzerland, Geneva
  • Switzerland, Zurich
  • United Kingdom, London
  • United States, Atlanta
  • United States, Chicago
  • United States, Dallas
  • United States, Fremont
  • United States, New York
  • United States, Newark
  • United States, San Francisco
  • United States, San Jose

How many IXrouters can I connect to the M2M Cloud Cluster?

Up to 1500 IXrouters or IXagents can be connected.

Can I only connect some of my IXrouters to the M2M Cloud Cluster?

Yes. All IXrouters and IXagents in your IXON Cloud company will connect to the M2M Cloud Cluster. You can transfer IXrouters to another IXON Cloud company to exclude them from your M2M Cloud Cluster.

Does anything change for me in the IXON Cloud?

To enable communication between your system and all machines at the same time, a custom rule is set by IXON on your VPN server. This may change how the IXON Cloud works for you.

If you have chosen communication method 1 (using the OpenVPN client), everything (including IXrouters, IXagents, and users) that has an active VPN connection to the M2M Cloud Cluster will be able to access your system.

If you have chosen communication method 2 (from behind an IXrouter), everything (including IXrouters, IXagents, and users) that has an active VPN connection to the M2M Cloud Cluster will also be able to access everything else that has an active VPN connection to the M2M Cloud Cluster. If you didn’t grant a user access to those machines, they will not see those machines in the IXON Cloud, but they will still be able to access them.

Everything else remains the same.

When will maintenance take place on the M2M Cloud Cluster?

Occasionally, server maintenance is necessary on your M2M Cloud Cluster to make sure everything keeps running smoothly. Generally at most once a year. When maintenance is scheduled, IXON will inform you one week in advance. IXON will perform the maintenance and during this period the M2M Cloud Cluster may be unavailable. If the date/time is not suitable for you, please let us know so we can reschedule.

What is the delivery time of the M2M Cloud Cluster?

The delivery time of the M2M Cloud Cluster can be up to 3 weeks. This is necessary to schedule sufficient time to make sure everything is set up and working correctly.

Where can I get the M2M Cloud Cluster?

If you’re interested in the M2M Cloud Cluster, please contact your IXON account manager or IXON distributor to discuss your use case.

(Download as PDF)