6 software firewall configuration, 7 data security and encryption, 2 installation – Maretron INTERNET PROTOCOL GATEWAY IPG100 User Manual

®

®

If you wish to connect to an N2KServer

®

from outside your vessel’s LAN via an Internet

connection, you have two choices. First, you can request a static IP address from the ISP for
your vessel; secondly, you may register your N2KServer

®

’s IP address with a “dynamic DNS

service”, such as the ones offered freely by www.dyndns.org, among others. Please visit their
websites for more information on how dynamic DNS services operate.

1.7.6 Software Firewall Configuration

If you wish to run N2KView

®

and N2KServer

®

on two separate computers and are running a

software firewall product other than Windows Firewall, please read this section. Otherwise,
you may skip this section.

A fire

nt

uter

ur

s

these adjustments to the Windows Firewall software when it is installed. If you are running

ave to configure your firewall software to

urity concerns.

irst, it is desirable to keep anyone from viewing your vessel’s data without authorization.

ace

erver component and any N2KView

®

tation components is protected using industry-standard SSL encryption. This encryption

m encryption key every time a connection is established. This

makes the data secure over public and private Wi-Fi networks, as well as the internet.

rver server over the encrypted communication link.

he N2KServer compares the server password to the one it was programmed with. Only if

hen unpacking the box containing the Maretron IPG100, you should find the following items:

wall is designed to protect your computer from unfettered access from the Internet.

There are two kinds of firewalls: software and hardware. A software firewall is a compone
such as Windows Firewall or Norton Internet Security. A major function of these programs is to
allow your computer to initiate connections out onto the Internet, but to block your comp
from receiving incoming connections from the Internet. If you wish to be able to view yo
vessel’s data from another computer, your N2KServer

®

computer’s software firewall must be

configured to allow incoming connections from N2KView

®

stations. The N2KServer

®

make

firewall software from another vendor, you may h
allow this incoming TCP protocol connection on port 6544.

1.7.7 Data Security and Encryption

Making your vessel’s data available over a LAN or WAN presents multiple sec
F
Second, and more important, it is imperative that no unauthorized persons be able to pl
data onto your vessel’s NMEA 2000

®

network.

The N2KView

®

system protects your vessel’s data with multiple levels of protection.

First, any data that passes between the N2KServer

®

s

s
standard is widely used to protect financial information on the internet. Each communication
session negotiates a rando

Second, each N2KView

®

station that wishes to connect to an N2KServer

®

server component

must authenticate itself by means of a server password. The server password is transmitted
by the N2KView

®

station to the N2KSe

®

®

T
the server password received from the station matches the server’s stored password is the
station granted access to the NMEA 2000

®

network data.

2 Installation

2.1 Unpacking the Box

W

Revision 1.2

Page 7