Reach every device in your plant — securely, from anywhere
Mirox gives your team a single, audited path to the real devices on site: a personal VPN for any tool, and an agentless browser proxy for device web interfaces. No more separate dial-ups for every plant.
One personal profile for every plant
Each user issues a single personal certificate that reaches every plant network they are authorized for. The reachable routes are derived automatically from their roles — when access ends, the route disappears.
- One certificate per user — the private key never leaves the device
- Routes managed automatically from your roles and cooperations
- Reach inverter, tracker, logger and control-cabinet UIs, SSH and Modbus tools
- Multi-region failover, read-only by design
Device web interfaces without a VPN client
Open the original web interface of an inverter or datalogger straight from your browser over a unique <id>.proxy.mirox.io address. Nothing to install, with device passwords kept in an encrypted vault.
- Agentless — just your Mirox login and a browser
- The original device UI, including live streams and file uploads
- Encrypted credential vault — no plaintext passwords passed around
- Each web target can be enabled or disabled individually
VPN or Browser Proxy — when to use which
| Personal VPN | Browser Proxy | |
|---|---|---|
| Best for | SSH, Modbus, scripts, any tool | Quickly opening a device web UI |
| Setup | Install one VPN profile | Nothing — just a browser |
| From any machine | Your own device | Any browser with your login |
Audited and compliant by default
Remote access is one of the tasks Mirox handles for you — and it is built to stand up to scrutiny.
Full audit trail
Every VPN (Layer 3/4) and proxy (Layer 7) session is logged: who connected, which device, which pages, how much data.
KRITIS & NIS2 ready
Tamper-resistant records retained for at least 730 days, visible only to the plant operator.
Role-based access
Access follows the same organization, job-role and cooperation permissions as the rest of the platform.
Read-only by design
Mirox never writes to your devices — access is for diagnostics and configuration through the device’s own login.
Frequently asked questions
Can I open an inverter web UI without installing anything?
Yes. The agentless browser proxy opens the device’s original web interface over a unique *.proxy.mirox.io URL using only your Mirox login.
Is the remote access KRITIS- and NIS2-compliant?
Every VPN and proxy session is captured in a tamper-resistant audit trail retained for at least 730 days, accessible only to the plant operator.
What happens to access when a colleague leaves?
Access follows permissions. When a role or cooperation ends, the route disappears automatically and open connections drop at the next sync.
Do I need a separate VPN profile for each plant?
No. One personal certificate reaches every plant you are authorized for; the private key is generated in your browser and never stored by Mirox.
Ready to Simplify Your Operations?
See how Mirox can bring your team together and save you money. Free pilot available — connect your first plant at no cost.