Overview
This article provides guidance on troubleshooting connectivity issues with EWON Cosy 131 VPN devices used for remote access to production equipment via the Talk2M cloud service. It focuses on common causes related to network configuration, firewall settings, and VPN connection protocols.
What is EWON Cosy 131?
EWON Cosy 131 is an industrial VPN device that enables remote troubleshooting by connecting production machines to the internet through a secure VPN tunnel. BestPack’s technical support team accesses these devices remotely via the Talk2M cloud VPN service to assist with machine diagnostics.
Common Causes of VPN Access Issues
1. EWON Device Configuration
Ensure the EWON device is configured using the latest eBuddy and eCatcher software.
Confirm LAN and WAN port assignments are correct (WAN ports typically highlighted in red, LAN in green).
Verify the internet connection settings (DHCP or Static IP) are correctly configured.
Confirm the activation key for Talk2M VPN access is properly generated and applied.
2. Firewall and Network Restrictions
Firewall rules must allow outbound connections to Talk2M servers:
Whitelist the domain
*.talk2m.comfor:TCP port 443 (HTTPS)
UDP port 1194 (OpenVPN)
If wildcard domains are unsupported, whitelist individual Talk2M servers such as:
as.pro.talk2m.comdevice.api.talk2m.comclient.vpnX.talk2m.com(where X is the VPN server number)
Disable or exclude Talk2M URLs from Deep Packet Inspection (DPI) or SSL/TLS inspection in firewalls or antivirus software to prevent certificate errors.
Proxy servers, if used, must permit outbound TCP 443 traffic to Talk2M domains.
3. Talk2M Access and VPN Servers
EWON devices first connect to Talk2M Access Servers to discover which VPN server to use.
Blocking access to Access Servers prevents VPN connection and disables remote communication.
Validate DNS settings on the EWON device to ensure Talk2M domains resolve correctly.
Use the Talk2M connection checker tool to test network accessibility.
4. VPN Connection Tests and Failover
EWON performs a UDP connection test on port 1194; if this fails, it attempts TCP port 443.
Both UDP 1194 and TCP 443 outbound traffic must be permitted.
TCP port 80 tests may be performed during setup but are not mandatory for VPN connectivity.
5. Other Considerations
EWON devices perform NTP time synchronization after reboot; UDP port 123 should be accessible.
Firmware updates and Talk2M server changes may require firewall updates.
Troubleshooting Workflow
Verify EWON device setup: Check configuration using eBuddy and eCatcher software.
Confirm firewall/proxy rules: Ensure all required Talk2M domains and ports are allowed outbound.
Check for SSL interception or DPI: Disable SSL inspection for Talk2M domains.
Use Talk2M diagnostic tools: Analyze connection logs and error messages.
Coordinate with IT teams: Engage network and security teams for firewall or proxy changes.
Escalate if needed: Request updated certificates or network configurations from HMS Networks support.
Comments
0 comments
Article is closed for comments.