Step 7: Reaching PLC/HMI over VPN

STL???

Member
S
Join Date
Sep 2005
Location
UK
Posts
879
Hi Folks,
I have a VPN connection to my company network and would like to be able to remotely support if needed.

On site i can reach any PLC/HMI without issue however i cannot over VPN.

I've done a search on here and havent found anything conclusive, so i was wondering if anybody here has had similar problems and what they did to overcome them?

http://www.plctalk.net/qanda/showthread.php?t=43154&highlight=vpn
Suggests the following:
"You also have to Nat the port 102 in the routers"
"Remember that on router you need unlock TCP port 1723"

Are these the only exceptions needed for communication?

Thanks in advance
Steve
 
What brand PLC and HMI devices are you using ?

Most industrial devices use a TCP port that's one one of the common ones (HTTP on Port 80, Telnet on 24, SMTP on 25) so many VPN setups don't automatically pass those ports.

Allen-Bradley devices, for example, use TCP Ports 2222 and 44818.

You might also need to set up the "Default Gateway" setting on your controllers to work with the VPN server. Is this a PC that's running VPN software, or an appliance or router ?

Edit: Whoops, your title did mention S7. I'm off, then.
 
I have done this type of setup before but never with a S7
So you have verified that the tunnel is working?
Do you have access to both the local and remote modem/router?
 
So you have verified that the tunnel is working?
Click to expand...
Yes VPN is working fine, i can read email,access network drives etc

Do you have access to both the local and remote modem/router?
Click to expand...
Unfortunately no - i need to make a request to our IT headquarters for exceptions if needed - i need to find out what first before the fight begins to get them implemented.

I cannot get any details of the setup either :mad:

Thanks for the Info Ken - good to know
 
IT departments o_O
Maybe they have some type or ACL (action control list) that is blocking your PLC/HMI

Post your fix when you figure it out. I'm always interested in network setup
 
I just connect via VPN (using company laptop) and then use remote desktop to connect to my S7 & InTouch development PC.
 
Thanks everyone for the helpful replies,
dimmarkov
Hi,Did you select a Use router option in HW configuration of S7 PLC?
Click to expand...
I had forgot about this 🙃
LestatZA
Remember it must be the last router address in the routing chain.
Click to expand...
(y)

krk
I just connect via VPN (using company laptop) and then use remote desktop to connect to my S7 & InTouch development PC.
Click to expand...
My setup is laptop based unfortunately - i have a docking station and second screen at my desk.

I have asked for last router IP address so ill see how it goes.

Regards Steve
 
I have done this setup a couple of times, the items to watch have aready been mentioned:
1. Port 102 must be open along the entire communication path
2. The "Use router" connection and IP address must be configured in the HW configuration and already downloaded to the cpu.

I don't think the accessible node and browse features work.
There is a FAQ on the Siemens support site covering the set up.
 
Thanks Mike - i did look for a FAQ on Siemens support without luck, think ill have another look with different search criteria.
 

Similar Topics

P
Encrypted block protection for FBs and FCs from STEP 7 V5.5
I am having a step7 v5.4 program where the blocks are encrypted and locked. And the manufacturer is stopped the support. Is there any ways to...
Replies
2
Views
168
PazhumaliyilBiju
P
S
Siemens S7-200 / Step-7 Microwin
Good Morning, Hoping someone with some Siemens experience can give me a hand with this one. Customer has a S7-200 cpu, which has a 6GK7...
Replies
0
Views
243
Sickify
S
E
SFC IN STUDIO 5000 name current Step
HI! HOW COULD I OBTAIN THE NAMES OF THE STEPS OF A ROUTINE IN SFC LANGUAGE IN STUDIO5000? Or is there a system variable that gives me those...
Replies
0
Views
339
edgardany2k
E
AutomationTechBrian
Siemens Step 7, Simatic Mgr, Adding a DO16 to an existing ET200M (Profibus)
I'm just trying to figure out the right method of adding a DO card to an existing rack. It's not the *next* open slot, but I have to move the AO...
Replies
5
Views
543
AutomationTechBrian
AutomationTechBrian
W
Siemens Step 7 Unknown Call in STL
Hi Siemens Experts, I am hoping someone can shed some light on my issue. I have uploaded the code from a S7-300 (317-2PN/DP) using Step 7...
Replies
9
Views
656
woolie161
W
Back
Top Bottom