Using a VPN Connection to Remotely
Access Lutron Systems
Revision B
November 2010
Lutron Technical Support Center
1.800.523.9466
Overview
This application note describes one method of configuring remote access to a Lutronsystem using an Internet connection to a Virtual Private Network (VPN) router. There are a number of VPN technologies with varying levels of cost and security. To facilitate easy configuration and deployment, this application note covers configuring a router to use Point to Point Tunneling Protocol (PPTP) for VPN access. Microsoft Windows XP®, Windows Vista®, andWindows®
7 have native client support for this type of VPN.
While PPTP VPN is not the most secure type of VPN available, it is more secure than exposing the homeowner’s system directly to the Internet. It should be noted that any time remote access is provided for a homeowner’s site there is a risk of having the network and equipment compromised by unauthorized access.
Key Terms
VPN Virtual Private Network
VPN Router A piece of hardware or software that provides a virtual connection through a public network (such as the internet) to a private network.
VPN Client Hardware or software that connects to a VPN router over a public network connection and provides an additional network connection to the private network which the VPN router is connected to.
ISP Internet Service Provider
Static IP An IP address assigned to a network computer or device which does not change at a given time interval or during the network connection process.
Dynamic IP An IP address assigned to a network computer or device which changes at a predetermined time interval or during the network connection process.
URL Universal Resource Locator: a readable name that represents a network IP address (i.e. google.com or myname.dyndns.org). A URL is often referred to as a host name or web address.
DNS Server A server on a public or private network that translates URL’s into network IP addresses.
Dynamic DNS A service that maps static or dynamic IP address to a URL.
Before You Begin...
In order to connect to a VPN router the VPN client must be able to find the VPN router. This is done with one of the 1.
following two options:
a. A static IP address from the client’s ISP. This address must be known to complete the setup and will be provided by the ISP.
b. An account with a dynamic DNS service. This application note uses DynDNS.org. This will allow the use of a host name (URL) instead of a static IP.
A VPN router.
2
Lutron Technical Support Center
1.800.523.9466
Configuring the Router
Setup a private network with the VPN router:
1. Follow the manufacturer’s instructions included with the router to
connect computers and other network devices to the router. Power up the router and access the router’s internal configuration pages.
Verify the VPN router has the latest firmware:
2. Once logged into the router’s configuration pages, ensure that
the Linksys® RV042 Firmware Version is version 1.3.9 or higher. If it is lower, do not proceed prior to upgrading the
firmware by following the manufacturer’s instructions. The current firmware version information can be found in the upper-right-hand corner of the configuration page.
Configure the VPN router for remote access:
3. There are only a few changes that need to be made to the router’s
default configuration in order to setup the router for remote access. Each change is listed below. a. Configure the VPN router’s network settings:
Note: The default LAN IP address is set to 192.168.1.1. If the VPN client computer is on a network with a different LAN IP address then 192.168.1.1 is fine. The PC using a VPN client will be assigned an IP address by the VPN router. If the home or office network uses IP addresses in the same range, the PC will get confused when you connect to the VPN router due to address conflicts. To alleviate address conflicts, Lutron recommends changing the LAN IP address to something more obscure. In this example, we will use 192.168.100.1 as the LAN IP address. i. Select the Setup tab from the top, and then select Network.
ii. Modify the network address as shown below. If the ISP provides a dynamic IP address the only field that will need modification is the Device IP Address field under the LAN Settings section. If this is the case skip to step iv after completing this step.
3
Lutron Technical Support Center
1.800.523.9466
iii. If the ISP does not provide a dynamic IP address, the VPN router must be configured for a static IP address. Change the WAN Connection Type for WAN1 as shown below and fill in the IP Address, Subnet Mask, Default Gateway and DNS Servers which the ISP has provided.
iv. NOTE: Make sure to click on the Save Settings button at the bottom of the screen. Otherwise the changes that have been made to the Network Settings will not be saved.
b. Configure Dynamic DNS Hosting Settings if necessary:
i. If the ISP provides a Dynamic IP address, a dynamic DNS service must be used (dynamic DNS services can be used with static IP addresses also). This can be done using an account with DynDNS.org. To configure a dynamic DNS service, click on the More…>> tab under the Setup tab. Click on the DDNS tab which will now appear under the Setup tab.
ii. Select DynDNS.org for the DDNS Service. Provide the correct User Name, Password, Host Name and Custom DNS settings for the DynDNS.org account being used.
4
Lutron Technical Support Center
1.800.523.9466
iii. NOTE: Make sure to click on the Save Settings button at the bottom of the screen. Otherwise the changes that have been made to the Network Settings will not be saved.
c. Configure VPN Access:
i. First select the VPN tab on the tab menu at the top of the screen and then select the PPTP Server tab under VPN.
ii. Check the box labeled Enable PPTP Server. The default Range Start and Range End fields should not need to be changed. Create a username and password that will be used to log into the VPN. Click Add to list.
iii. NOTE: Make sure to click on the Save Settings button at the bottom of the screen. Otherwise the changes that have been made to the Network Settings will not be saved.
5
Lutron Technical Support Center
1.800.523.9466
Configuring Your PC to Connect to the VPN Router
After the VPN router is successfully configured, you will need to create a Virtual Private Network (VPN) connection within Microsoft Windows®. This connection can then be enabled anytime you need to connect to the client’s network.
Instructions for Windows XP
®On the Windows desktop, right click the
1. My Network Places icon and select Properties. (Alternatively, open the
Control Panel and open Network Connections.) In the
2. Network Connections window, double-click on the New Connection Wizard.
In the
3. New Connection Wizard, advance to the Network Connection Type screen by clicking Next >. Select
6
Lutron Technical Support Center
1.800.523.9466
On the
4. Network Connection screen select Virtual Private Network connection and then click Next >.
On the
5. Connection Name screen type in your client’s name in the Company Name text field, then click Next >. If the
6. Public Network screen appears (some network configurations skip this screen) select the option Do not dial the initial connection then click Next >.
7
Lutron Technical Support Center
1.800.523.9466
On the
7. VPN Server Selection screen type in the static IP address of your client’s network or the DynDNS host name then click Next >.
If the
8. Connection Availability screen appears (some PC configurations skip this screen) select the desired availability then click Next >.
Click
9. Finish to complete the setup.
After finishing the
10. Connection Wizard, you will be prompted to enter the User name and Password. This is the same
username and password that you created in step 3./c./ii. under Configuring the Router. You will also notice that in the Network Connections box a new connection has been created. Use this connection next time you need to connect to this VPN router.
8
Lutron Technical Support Center
1.800.523.9466
Instructions for Windows Vista
®and Windows
®7
Open the
1. Control Panel and click on Network and Internet and then click on Network and Sharing Center.
In the
2. Network and Sharing Center click Set up a connection or network.
On the
3. Choose a connection option screen click Connect to a workplace and click Next.
On the
9
Lutron Technical Support Center
1.800.523.9466
On the
5. Type the Internet address to connect to screen type in the static IP address of your client’s network or the DynDNS host name into the Internet Address box. Type the name of the client into the Destination box and click Next.
On the next screen, type in the
6. User name and Password that you created in the router to log into the VPN. Click
Connect to complete the setup.
A new connection will have been created for the VPN. In the
7. Network and Sharing Center, click Connect to a
10
Lutron Technical Support Center
1.800.523.9466
Instructions
for
Apple iPhone/iPod Touch
Open
1. the “Settings” App. Click
2. on “General”.
Click
3. on “Network”.
Click
4. on “VPN”.
Click
5. on “Add VPN Configuration”. Select
11
Lutron Technical Support Center
1.800.523.9466
Enter the appropriate information, based on how you configured the VPN router. 7.
a. “Server” will be the IP address or Dynamic DNS name to access the router from the internet b. “Account” is the user name set up for the PPTP server on the VPN router
c. “Password” is the password set up for the user name on the VPN router Save
8. the VPN configuration.
Slide the “VPN” switch to the ON position (this establishes the connection with the VPN, if available). 9.
Once connected, there will be an icon at the top of the screen indicating the VPN session is active.
Launch
Lutron Electronics Co., Inc. 7200 Suter Road
Coopersburg, PA 18036-1299 U.S.A.
Made and printed in U.S.A. 11/2010 P/N 048-231 Rev. B
Using a VPN Connection to Remotely Access HomeWorks
®Illumination
TMOnce you have the VPN router configured and a VPN client connection setup within Microsoft Windows®, you can use
the VPN along with the HomeWorks Illumination software to connect to the client’s system remotely. The software will work just as if you were plugged into the processor through the network at the client’s site.
1. Connect to the client VPN by using the connection that you setup in the steps above. Enter your username and password when you are prompted for them.
2. Once you are connected to the VPN, launch the HomeWorks Illumination software and use it like you normally would if you were at the client’s site.
Using a VPN Connection to Remotely Access RadioRA
®2
RadioRA 2 Essentials and Inclusive software will not work over a VPN connection. To achieve remote access, an on-site PC running the RadioRA 2 Essentials or Inclusive software must be used. Once the VPN connection is
established, the remote PC can connect to the on-site PC using “Remote Desktop Connection” or similar software and then access the Lutron system using the RadioRA 2 Essentials or Inclusive software on the on-site PC.
Using a VPN Connection to Remotely Control
RadioRA
2 or
HomeWorks
Illumination
using
Apple iPhone/iPod Touch
Applications
The Lutron iPhone/iPod Touch Applications can be used to remotely control RadioRA 2 and HomeWorks Illumination
software when a VPN connection is established.
1. Connect to the client VPN using the iPhone/iPod Touch.
2. Once you are connected to the VPN, launch the Lutron iPhone/iPod Touch Application and use it like you normally would if you were connected to the local network.
For detailed information on setting up and using the Lutron iPhone/iPod Touch Applications, please refer to the following:
RadioRA 2: http://resi.lutron.com/Portals/4/docs/appnotes/RadioRA 2 iPhone iPod Touch App guide - revision B.pdf HomeWorks Illumination: http://resi.lutron.com/Portals/3/Support/App Notes - FAQs/048-244a.pdf
Trademarks
Microsoft Windows, Windows Vista, and Windows XP are registered trademarks of Microsoft Corporation, Redmond, Washington. Linksys is a registered trademark of Cisco Systems, Inc., Irvine, California.
Apple, iPhone, and iPod touch are trademarks of Apple Inc., registered in the U.S. and other countries.
Lutron, HomeWorks, RadioRA, and the Lutron logo are registered trademarks, and Illumination is a trademark of Lutron Electronics Co., Inc.
Lutron Contact Numbers
WORLD HEADQUARTERS USA
Lutron Electronics Co., Inc. 7200 Suter Road
Coopersburg, PA 18036-1299 TEL: +1.610.282.3800
FAX: +1.610.282.1243 Toll-Free: 1.888.LUTRON1
Technical Support: 1.800.523.9466 intsales@lutron.com
North & South America Technical Hotlines USA, Canada, Caribbean: 1.800.523.9466 Mexico: +1.888.235.2910 Central/South America: +1.610.282.6701 EUROPEAN HEADQUARTERS United Kingdom
Lutron EA Ltd. 6 Sovereign Close
London, E1W 3JF United Kingdom TEL: +44.(0)20.7702.0657
FAX: +44.(0)20.7480.6899 FREEPHONE (UK): 0800.282.107 Technical Support: +44.
(0)20.7680.4481
lutronlondon@lutron.com
ASIAN HEADQUARTERS Singapore
Lutron GL Ltd. 15 Hoe Chiang Road #07-03, Tower 15 Singapore 089316 TEL: +65.6220.4666 FAX: +65.6220.4333
Technical Support: 800.120.4491 lutronsea@lutron.com
Asia Technical Hotlines
Northern China: 10.800.712.1536 Southern China: 10.800.120.1536 Hong Kong: 800.901.849
Indonesia: 001.803.011.3994 Japan: +81.3.5575.8411 Macau: 0800.401 Taiwan: 00.801.137.737 Thailand: 001.800.120.665853 Other Countries: +65.6220.4666
