Use Edge Lite as a Building Management System (BMS) Remote Access Gateway


Introduction

Big Network Edge Lite is an ideal remote access gateway for building management systems (BMS) including HVAC, Security, Access Control, Video Surveillance, and IoT Sensors. Using Edge Lite, you can deploy a clear point of demarcation between network segments, isolate BMS devices to their own network / subnet / VLAN, and enable remote access at Layer 2, all without the need for public IP addresses or port forwards.

Design Diagram / Application Concept


This solution provides an isolated network segment for Remote Sensors, BMS Workstation, Access Control Systems, Security Systems, and Video Surveillance. Edge Lite provides a gateway / NAT / DHCP function, leveraging the Site's existing Broadband ISP connection. Remote Technicians, staff at HQ, NOC, or SOC can remotely access these BMS devices via Big Apps for Windows, Mac, iOS, and Android via a Secure Cloud Network. Edge Lite does not require any Public IP Addresses or Port Forwarding. Staff can obtain simple and secure Layer 2 remote access to the BMS elements.

Design Implementation and Configuration

Step #1: Define a Cloud Network

Start by creating a “Cloud Network”. A Cloud Network is a collection of devices that share a common Layer 2 network. Devices joined to a Cloud Network have complete access to each other. Communication between devices via a Cloud Network is completely secured using encryption. 

  • Navigate to Cloud Networks
  • Click on “Create Network”; a wizard will appear to collect details about your Cloud Network.
  • Provide a Name and Description for your Cloud Network
  • Click “Next”
  • Define an IP Address Pool - An IP Address Pool is used by a Cloud Network to assign IP addresses to devices as they join the Cloud Network.
    • The Address Pool Range should be a reserved range of addresses that is outside your DHCP pool and does not overlap any other assignment - in this example 192.168.250.200-250.
  • Click “Next”
  • Define access to the Cloud Network - Existing users may be granted access to the Cloud Network, or you may invite users to join by email address.
  • Click “Next”
  • Now finalize
  • To proceed, click “Create”
  • To proceed, click “Network”
  • With a Cloud Network defined, you can link Users with Big Apps and real-world network ports with Edge Lite.

Step #2: Bridge Cloud Network to Edge Lite LAN Port to Create BMS Network Segment

If you have not yet on-boarded your Edge Pro or Edge Lite, please follow our Guides to on-board the devices.
Connecting physical ports on your Edge Pro to Cloud Networks creates the final “gateway” connection needed to extend your physical network to a Cloud Network.

  • Navigate to “Edge Devices”
  • Select “Configure” next to the Edge Pro / Lite you want to use.
  • Select “Networks” to see configured Networks on the device.
  • Select “Edit Config”
  • Select “Create Local Network”
    • Provide the Network a Name.
    • Provide a Network IPv4 Address for the subnet in use: e.g. 192.168.250.0/24.
    • Click “Confirm”
  • Expand the newly created network; Select Local Services:

    • Add an Internet Breakout Service - The Service IP will be 192.168.250.1

    • Add a DHCP Service:

      • Choose a pool suitable for this site. For example, the subnet is 192.168.250.0/24, so 192.168.250.50-199 is reasonable. Adjust as you like.

      • Click Apply

  • Expand the newly created network; select “Connection”
    • In “Connected Cloud Network” select the Cloud Network you defined in Step #1.
    • In “Connected LAN Interfaces” select the physical ports you wish to use with your existing network.
  • Click “Validate” to validate the configuration.
  • Click the “Pending Changes” gear to review configuration changes.
  • Click “Apply” to Apply the configuration changes.
  • Click “Back”.
  • Click “Config History” to observe the configuration being applied to Edge Pro. When the new configuration’s checkbox turns from Blue to Green, you know the new configuration is applied.
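
Before applying the configuration, it is worth checking that the Cloud Network address pool from Step #1, the DHCP pool, and the Internet Breakout Service IP from Step #2 all sit inside the BMS subnet and do not collide. The following is an added example, not Big Network code or part of the original guide; the function names and the statically addressed host are assumptions made for illustration.

```python
import ipaddress

def parse_range(text, subnet):
    """Parse 'a.b.c.d-e' or 'a.b.c.d-a.b.c.e' into (first, last) inside subnet."""
    start_s, _, end_s = text.partition("-")
    start_s, end_s = start_s.strip(), end_s.strip() or start_s.strip()
    if "." not in end_s:  # short form: only the last octet is given
        end_s = start_s.rsplit(".", 1)[0] + "." + end_s
    first, last = ipaddress.IPv4Address(start_s), ipaddress.IPv4Address(end_s)
    if first > last:
        raise ValueError(f"range {text!r} is reversed")
    if first not in subnet or last not in subnet:
        raise ValueError(f"range {text!r} is outside {subnet}")
    return first, last

def check_plan(subnet_cidr, service_ip, dhcp_pool, cloud_pool, static_hosts=()):
    """Return a list of problems in the segment's address plan (empty means clean)."""
    subnet = ipaddress.IPv4Network(subnet_cidr)
    dhcp = parse_range(dhcp_pool, subnet)
    cloud = parse_range(cloud_pool, subnet)
    problems = []
    # Two closed ranges overlap when each one starts before the other ends.
    if dhcp[0] <= cloud[1] and cloud[0] <= dhcp[1]:
        problems.append("DHCP pool overlaps Cloud Network pool")
    fixed = [("service IP", ipaddress.IPv4Address(service_ip))]
    fixed += [(f"static host {h}", ipaddress.IPv4Address(h)) for h in static_hosts]
    for label, ip in fixed:
        if ip not in subnet or ip in (subnet.network_address, subnet.broadcast_address):
            problems.append(f"{label} is not a usable address in {subnet}")
        for name, (lo, hi) in (("DHCP pool", dhcp), ("Cloud Network pool", cloud)):
            if lo <= ip <= hi:
                problems.append(f"{label} falls inside the {name}")
    return problems

if __name__ == "__main__":
    # Values used in this guide: subnet, breakout service IP, DHCP pool, cloud pool.
    guide = ("192.168.250.0/24", "192.168.250.1",
             "192.168.250.50-199", "192.168.250.200-250")
    print(check_plan(*guide))
    # Constructed case: a device given a static address inside the DHCP pool.
    print(check_plan(*guide, static_hosts=["192.168.250.199"]))
```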

Step #3: Use Big Apps

Once your Cloud Network is defined, you will need to download and install Big Network’s Apps to join your Cloud Networks. 

Step #4: Test Connectivity

Connect your BMS-related devices to the LAN port of Edge Lite. They will be provided IP addresses in 192.168.250.0/24 via DHCP.
Once you have joined a Cloud Network, you can now access resources available across the network as though you were on the same Local Area Network (LAN). For example, if you had a web server running at 192.168.250.199, you should be able to access your server from a remote device joined to the cloud network at http://192.168.250.199

