Dynamic VPN - VPN on demand
In certain industrial IoT settings there are limitations with regards to the use of VPNs. Having many different device vendors opening virtual private networks could be considered a security risk. On the other hand, VPNs can be highly valuable to debug device misbehaviour or to troubleshoot as well as potentially accessing applications on the remote edge devices.
For these cases qbee.io has created the dyncamic VPN or "VPN on demand". In our solution the VPN is already integrated and it works out of the box independent of network infrastructure or if you have a fixed IP or not. But the qbee embedded edge device configuration management solution is not relying on the VPN. Thus it works independently and can be used to enable or disable the VPN dynamically.
What is a VPN on demand?
qbee.io allows you to enable or disable the VPN functionality on a device or group level dynamically. Turn it on when needed and switch it off again afterwards for additional security.
In the "Configuration -> settings" menu there is a toggle called "enable remote console". Set this for the correct device or group level. Then save and commit and wait for 2 agent runs to activate this.
How to toggle the VPN:
In "Configuration -> settings" toggle "enable remote console" for the device or group level that you want to set this. Then save and commmit. After 2 agent interval runs (also defined here) the VPN should be available. Please be patient. This can take 10 minutes. This will be improved in the future.