VPN Hardware/software

I am networking newbie, so please bear with me..

i think i have this but am looking for some clarification.

I have a PLC and an HMI running over ethernet, i am looking to control this set up remotly via high speed internet. This PLC and HMI are on there own network, NOT connected to the plant network in any shape or form. To connect them to the 'net i will be using a wirless high speed connection with a static IP. I do not want to leave a computer at the plant so again there will be a Broadband router connected to the wireless high speed and the plc and hmi..

I think i require a hardware VPN "Module"(For want of a better word), or can this be set up in the router?

The router i am using will let me "VLAN" a connection to a specific IP addy..so if i choose my PLC and open that port (I forget the port number i require but i have it written somewhere in my notes) then i cannot open the same port for my HMI..This is telling me that i need something else there to connect to.

The other question i have is if i leave a PC there and tunnel into it do i need Linx there or can i use the linx on the remote system...this is all very confusing to a dumb old electritian like me...

Thanks

Darren

PS if i have to leave a lap top there i can but then i guess i need to install some software on it??

Thanks

Do you already connect to the PLC/HMI locally by ethernet ?
If so, you only need to get the VPN connection configured in the router at plant side, and connect from office side. See that you get a router that can set up VPN connections.
The idea of VPN is that your are "virtually" on the same physical network when connected. So the HMI/PLC won't notice any difference when you are connecting either locally or by VPN.

Perhaps you can configure different ports to use for the PLC and HMI ?

There are basically two ways to make remote connections. The first is a VPN (Virtual Private Network) and the second is VNC (Virtual Network Connection). With a VPN you make a connection to the remote network and your computer becomes part of that network. With VNC you make a connection with a remote computer and you interact with that computer as if you were sitting in front of it.

VPN can be hardware or software based. I find the hardware versions to be easier to set-up. I have not tried protocols other than TCP/IP over VPNs (not all PLCs use TCP/IP).

VNC is software based. You have a software package running on both computers, you use the software to make the connection, then video from the remote computer is sent back to you and your keyboard and mouse clicks are sent to the remote computer.

I have used this VPN router before – http://www.linksys.com/servlet/Satellite?c=L_Product_C2&childpagename=US%2FLayout&cid=1123638171675&pagename=Linksys%2FCommon%2FVisitorWrapper&lid=7167522279B09

I use this VNC software - http://www.uvnc.com/index.html

OK i ended up with a linsys VPN router, when i "turn on" the VPN feature and enter a user name and password it wants to change its IP addy to 10.x.x.1 and that means i have to change my PLC and HMI IP addy's to, No problem, However when i do nothing will comunicate with anything...i can see the devices in RSlinxs but i cannot connect to them?? My HMI just shows everything with ???? inside the boxes and if i try to "test" the display in rsview ME i get the same...(This is plugged directly into the router..i havent even tried doing remote yet..)

Can anyone think of something i am missing??..also if i leave the Ip addies as they were 192.168.x.x everything works between the HMI and the PLC..the puter cant see an of the devices in linx tho...

Thanks

:?

What model router are you using?

What wants to change it's IP address?

ended up with a WRV54G. The router wants to change its own IP address to 10.x.x.1. It says it wants to change the address to avoid conflics on the remote network...

mmmmmmm..just thought of something..let me see if it works...

Since most routers use 192.168.x.x it makes very good sense to use 10.x.x.x for your network. That said, a lot of routers also use 10.1.1.x as default, so you're best off with something that is not 10.1.1.x and using a class C subnet (unless you need more).

PS> To get a class C subnet use a netmask of 255.255.255.0.

ok here is where we are now...

1 changed the ip address of the router back to 192.168.x.x and now the plc and panelview are quite happy..however i connect to the router and get my address of 192.168.x.x and i cannot see anything in linx...

if i reset the router to default..everything is fine..i can see and browse in linx the plc and hmi communicate and i can go on line..

when the router changes its ip addess becouse i turn on the VPN feature the plc and hmi still communicat..(They still have a 192.168.x.x address) however i cannot see or go on line with them..when i change the PLC and hmi address to 10.3.x.x i can see in linx and rsstudio but cannot go on line..

i am just about to start beating my head against the wall!!!

Or perhaps the router against the wall would be more of a stess releaver...

Thanks

D

Have you tried doing the items listed under #6, Appendix A:Troubleshooting in your owners manual?

Tark said:

Have you tried doing the items listed under #6, Appendix A:Troubleshooting in your owners manual?

Click to expand...

yep i tried all of that, i also went through and diabled all the firewall settings, i was on site today and found out that if my HMI and PLC are using 192.168.0.x and the router was configured for 192.168.1.x i could not see anything in linx, If i forced a static IP on my laptop (192.168.0.x)and disabled DCHP on the router i could see everything on linx, now with the config like this i can connect to the router over a VPN no problem, however i again cannot see anything in linx, so i tried to change the routers address to 192,168.0.x . locally i can see everything in linx but cannot connect with the VPN, according to on line help the remote ip cannot be on the same subnet as the local.....\

mmmmm

d

ok i got it working..i can now connect with the network from remote.howver none of the devices can bee seen in linx i can ping the PLC but get no response from the HMI. if i open rsview and use the comms driver in there i can see the plc and can succesfully test a page. However i still cannot see the HMI...

This caused me to drive back to site to make sure it was still up and running..it was..i double checked the ip address of the hmi and i had it correct when i tried to ping..

any suggestions??

thanks

darren

Take a step back, a deep breath, and give more information.

You haven't posted the IP address range that's local to your controller. You will want to post the model of the controller and type of HMI.

RSLinx Classic's "A-B Ethernet" driver works pretty well across VPN's and tunnels. The "EtherNet/IP" driver requires a local subnet that accepts broadcast messages.

RSLinx Enterprise also uses broadcast messages to detect devices, but you can manually put PV+/VVCE and A-B controllers into the network schema too.

http://www.lookatlan.com/

Look at the LAN when connected locally & remotely.

Ken Roach said:

Take a step back, a deep breath, and give more information.

You haven't posted the IP address range that's local to your controller. You will want to post the model of the controller and type of HMI.

RSLinx Classic's "A-B Ethernet" driver works pretty well across VPN's and tunnels. The "EtherNet/IP" driver requires a local subnet that accepts broadcast messages.

RSLinx Enterprise also uses broadcast messages to detect devices, but you can manually put PV+/VVCE and A-B controllers into the network schema too.

Click to expand...

Its a Compact logix 1769L32E the PV is a PV+1000

i have the router at address 192.168.1.1 the plc is 192.168.1.15 and the HMI is 192.168.1.30

i dont understand why linx doesnt see what rsview can see?

also i am assuming i have to enter the gateway address in the PV and the PLC.

thanks for any suggestions..


Just re-read your post ken..i will try and connect with the ethernet driver, i was just using the ethernet i/p

Darren

What subnets are the devices using?