1. Description
This description applies to the web.direct integrated in DevicePro and mCOP 2.0
1.1 What can 'web.direct' be used for?
With web.direct, users have the ability for easy remote access via a specific HTTP or HTTPS port to a web server in the mobile network, for example:
- Mobile routers
- Cameras
- Data loggers
- Control systems (e.g. XWEB500).
- Web servers (e.g. IIS, Apache, NGINX ...)
- etc.
Remote access via web.direct occurs without the need for a publicly accessible IP address or an additional VPN connection. Furthermore, the URL associated with this web.direct link can be used in a web browser, even outside the mCOP 2.0 or DevicePro environment. This flexibility ensures that users can manage their devices from different locations without being tied to specific software.
1.2 What security does web.direct provide?
Devices are protected from threats and risks from the internet, such as cross-site scripting attacks, port scans, search engines, and more, through appropriate security settings of web.direct.
Through individual user authentication, the web.direct links can be used securely.
1.3 How web.direct works
The following explains the basic operation of web.direct for remote access to an HTTP/HTTPS web interface of a device in the mobile network in detail.
Requirements:
- The mobile router uses a Wireless Logic SIM card in SIMPro, which is activated for DevicePro. Alternatively, an mdex SIM card (mCOP) with the mdex fixed.IP+ IP service can be used.
- For remote access to a connected device (e.g. camera, solar logger, ...) at the mobile router, port forwarding for the required HTTP/HTTPS port must be set up in the router.
- The web.direct link must be set up for the corresponding HTTP/HTTPS port.
- The PC or smartphone from which remote access is to take place must have an internet connection.
Operation:
- To access the web interface remotely, use the URL of the web.direct link in the browser of your PC or smartphone, which only requires internet access.
- The browser establishes a connection to the mdex gateway via the web.direct URL.
- The mdex gateway receives the authentication request. Depending on the security option set, authentication occurs either automatically or through additional user authentication.
- The mdex gateway forwards the request to the (private) IP address of the SIM card and thus to the mobile router.
- The mobile router forwards the HTTP/HTTPS port specified in the web.direct link to the connected device via port forwarding.
- The connection to the web interface of the mobile router or the connected device is now established.
1.4 Supported web.direct protocols
Remote access to devices is only possible via a specific HTTP/HTTPS port to devices with a web interface (web server). This includes, for example, router configuration interfaces, controllers, cameras, and similar devices. However, it should be noted that cameras that transmit their live images via the Real Time Streaming Protocol (RTSP) are not supported. Some cameras, however, offer an alternative solution using WebSockets.
| Supported web.direct Protocols | |
|---|---|
| HTTP | Yes |
| HTTPS | Yes |
| WebSocket (WS) (1 | Yes |
| WebSocket Secure (WSS) (1 | Yes |
| Real Time Streaming Protocol (RTSP) | - |
| FTP | - |
| SSH | - |
| SMTP | - |
| Other Protocols | - |
1) Some devices, such as certain webcams and data loggers, require the WebSocket protocol for bidirectional communication, which is now supported. When using the traditional 'web.direct (legacy)', some content in the web display may have been missing.
1.5 Comparison 'web.direct (legacy)' → web.direct
Below are the differences between the traditional web.direct (Legacy) and the web.direct available for mCOP 2.0 and DevicePro:
| Function: |
web.direct (legacy) |
web.direct (mCOP 2.0 / DevicePro) |
| Direct Links | Yes | Yes |
| Login Links | Yes | Yes |
| URL Parameters (1 | Yes | - |
| WebSocket (WS) | - | Yes |
| WebSocket Secure (WSS) | - | Yes |
| Individual Link per Device (2 | - | Yes |
| Two-Factor Authentication | - | Yes |
| Optional SSL Certificates (for End Devices) | - | Yes |
| Additional URL Path (3 | - | Yes |
| Temporary Links (4 | - | Yes |
1) The URL can be manually adjusted for protocols/ports (e.g. port -p, protocol -s, caching -c).
2) In 'web.direct (legacy)', the web.direct links are accessible via all devices (accesses) in the 'mdex VPN'. With web.direct, individual links can be specifically assigned to a device.
3) A path is appended to the URL of the web.direct link to access specific pages. It must start with /, e.g. /motor.
4) Temporary web.direct links can be created under the link timeout and are only valid for a specific period.
2. Setup and Operation
The configuration of web.direct 2.0 is done in the mCOP portal or in SIMPro under DevicePro.
The templates of web.direct are managed in the "web.direct" section. Here are the details for the web.direct options and settings:
- web.direct Templates
- web.direct Settings: Link Display
- web.direct Settings: Browser -> mdex Gateway
- web.direct Settings: mdex Gateway -> End Device
Below you will find more information about setup and operation:
- How to activate web.direct?
- How can a web.direct link be adjusted?
- How is remote access via web.direct link carried out?
- All further information can be found under web.direct.