Welotec Remote Access Portal -
Remote maintenance rethought

With the Welotec Remote Access Portal (RAP), we offer system operators and machine builders a new type of remote maintenance.

With the Welotec Remote Access Portal (RAP), we offer system operators and machine builders a new type of remote maintenance. In addition to highest security, the focus is on maximum convenience, two things that usually do not go well together. For this purpose we have developed a system that automates the entire configuration of the VPN infrastructure after initial setup. Users do not need any IT knowledge and can concentrate entirely on their core area. The days of manual routers and VPN configuration are finally over.

Welotec Remote Access Portal

What can you use the Welotec RAP for?

  • Remote maintenance
  • Installation of patches, firmware updates, configuration, projects
  • Predictive Maintenance
  • Machine Learning
  • Connection OPC UA Server
  • Connection to Monitoring System
  • Data acquisition

Further advantages of the portal

  • System runs in the customer's infrastructure - thus guaranteeing data integrity
  • System can also run in private networks
  • You have complete control over your data and applications
  • Connection to monitoring via simple VPN tunnel
  • No Internet connection necessary
  • Own CA (certificate authority) usable

Remote access with just one click

Automated Routing

Automated Routing

Automated certificate generation

Automated certificate generation

Automated rollout of VPN configuration

Automated rollout of VPN configuration

Automated firewall rules

Automated firewall rules


Welotec RAP Remote Access Portal PKI Firewall

Structure of the Remote Access Portal

The Welotec RAP consists of different components that are all connected by the Welotec SMART EMS. The Welotec SMART EMS is the core component of the Welotec RAP and enables automated router configuration including VPN connectivity.

Further components of the Welotec RAP:

  • Automated certificate generation and management via integrated Public Key Infrastructure (PKI)
  • Provision of the secured VPN infrastructure via integrated firewall
  • User interface for overview of VPN access points and end devices
  • Industrial VPN Router of the TK500 or TK800 series
Welotec Remote Access Portal TK500 TK800 LTE VPN ROUTER

The Welotec RAP is compatible with our TK500 and TK800 routers, which offer several interesting remote access features:

  • Automated configuration: once set up, the system is scalable
  • Zero-Touch Provisioning: Router get your configuration incl. certificates automatically
  • Central administration of all routers possible
  • Firmware and configuration rollout
  • LTE or WAN connection usable (also available as pure WAN router)

The Welotec RAP uses 1:1 NAT within the VPN connection

1:1 NAT - connection to the end device and not only to the router

The Welotec RAP uses 1:1 NAT within the VPN connection and thus connects directly to the end device and not to the router. This eliminates the need for complex port mapping for configuration ports of connected devices.

The unique addressing by the 1:1 NAT also has advantages in series machine construction, where identically configured machines are often delivered. The components in the machines always have the same IP address, but an address conflict is avoided by the virtual address ranges.


Welotec RAP IT Security

IT security

Encrypted connection between user VPN endpoint with direct access to end devices

● Next Generation Encryption - Encryption according to current BSI standard
● End to end encryption
● Connection must be initiated by the user - Security by Default
● Data remains in customer infrastructure - Ensuring integrity and confidentiality
● Concept easily realizable in private networks


Welotec RAP Remote Access Portal can be used worldwide

Worldwide use

The RAP works with our TK500 and TK800 LTE routers. Both router series are very extensive and offer devices with special mobile radio modules and certifications for use all over the world.


Welotec RAP - zero touch provisioning

Zero Touch Provisioning

Mount the router, connect the antennas and supply the device with power - done!

Zero Touch Provisioning (ZTP) enables plug-&-play even in complex networks.

● Cost and time savings through automated processes
● Low personnel requirements and administrative expenditure
● No trained personnel required for commissioning or configuration on site
● High security level through centrally controlled configuration


Welotec RAP Access Control

Access control

● User administration with access control to device types
● Grouping by application / customer (sites)
● End-to-end connection guaranteed by separate VPN instances and firewall rules
● User structure with different correction levels
● Logging of all VPN accesses


Setup and Rollout

With the Welotec RAP you can simplify the setup and rollout of your network as well as its administration.

One-time setup:
First, a VPN structure is set up and the Welotec RAP itself is installed. Then the templates for your infrastructure, i.e. for your terminals and routers, are defined.

Rollout:
After the import of electronic delivery notes, the automated certificate generation and assignment takes place. Then both the OpenVPN connections and the routers are automatically configured.