This article explains the difference between TCP and UDP when selecting the protocol to use for the Talk2M VPN tunnel. It also describes how to verify and change which one the Ewon is using.
APPLICABLE PRODUCTS
Cosy 131
Cosy+
Flexy 20x Series
Table of Contents:
Which Protocol Should I use for my VPN?
Which Protocol Should I use for my VPN?
When using the Ewon product line, you will have the ability to set a VPN tunnel for remote access. Our Talk2m VPN tunnel utilizes one of two different protocols to establish the tunnel. One is UDP (Port 1194), and the other is TCP (Port 443). Choosing the best protocol depends on a number of factors, but UDP typically offers the best performance for a VPN service and is the go-to choice except for some special circumstances.
Characteristics
UDP
UDP is a datagram-oriented protocol. The protocol does not utilize any handshaking, and is a connectionless protocol. It is faster, simpler, and more efficient than TCP. UDP is lightweight, and has no overhead on the network. There is no sequencing of data and an 8 byte fixed length. The data is not retransmitted in case of lost packets and does basic error checking using checksums. UDP is a suitable choice for noise-isolated environments and stable internet connections.
TCP
TCP is a connection-oriented protocol. The protocol utilizes handshaking such as SYN, ACK, and SYN-ACK for communication. TCP is a slower, but more reliable than UDP. TCP is heavy-weight, and has low overhead on the network. There is a sequencing of data when transmitting and it has a 20-60 byte variable length header. Retransmission is possible in the case of lost packets and it utilizes extensive error-checking mechanisms. It provides flow control and acknowledgement of data. TCP is a suitable choice for networks with high noise/interference and with less than stable internet connections.
Choosing
Generally, we recommend using UDP which the Ewon attempts to use by default. This is typical of VPN services as it is faster and uses less data. There are, however, some specific scenarios that may require TCP. For example, when using certain firewalls or Rockwell Automation devices which we have found to perform better using TCP.
Setting the Protocol
Overview
When using the VPN/Talk2M Wizard, it will test the VPN using UDP. If this fails, it will attempt to use TCP as a backup. You have the option to force TCP only if your application requires it. Once the VPN is successfully configured in the Wizard, it'll continue to use the protocol that was selected unless it is changed manually. The results of the Wizard confirm which protocol the Ewon is set to use.
Forcing TCP in setup Wizard
This option will work on all Cosy and Flexy models.
- Go to the Talk2M Wizard in the web interface.
- Register the hardware with your chosen registration method (Ewon Name, Activation Key, Validation) and select the Next button.
-
On the next page you will see a section labeled Advanced parameters. In this section next to the word View, select the checkbox.
-
You will see more options appear. Select the Force To TCP checkbox then click Next.
- Finish the rest of the Wizard. If everything is successful, the Ewon will force over to TCP. The results of the Wizard confirm which protocol the Ewon is set to use.
Manual Update - Cosy
If you don't want to use the Wizard again or wish to view the current VPN configuration, you can still view the parameters within the Cosy's web interface.
-
Load the webpage of your Cosy.
-
Go to Setup->System->Storage.
- In the submenu that appears, go to Tabular edition->Edit COM cfg.
-
Once the page loads, you will see a list of parameters. There is a search bar at the top. Search for and update the following parameters for your desired protocol. Type in both parameters before clicking Save or you will lose connection. Updating these parameters will require you to reopen the VPN connection.
Parameter TCP UDP VPNPortOut 443 1194 VPNProto 1 0 -
Click Save then reboot the device. If you are connected via eCatcher, you will have to disconnect then connect again.
Manual Update - Flexy
If you don't want to use the Wizard again or wish to view the current VPN configuration, you can find it within the Flexy's web interface. The process for a Flexy unit is identical to the Cosy, however it can be done using the GUI menus which is outlined below.
- Load the webpage of your Flexy.
- Go to Setup->System->Communication
- In the submenu that appears, go to Networking->VPN Connection->Global
-
On this page, you need to update two parameters: Port Out and VPN Protocol.
DO NOT UPDATE ANYTHING OTHER THAN THESE TWO PARAMETERS. - Change Port Out to 443 for TCP or 1194 for UDP. Under VPN Protocol, select TCP or UDP.
-
Click Update at the bottom then reboot the device. If you are connected via eCatcher, you will have to disconnect then connect again.
ADDITIONAL INFO
KB-0209-00 - Addresses and ports used by Talk2M