PLC Network IP Address

auto_macs

Member
A
Join Date
Jan 2019
Location
Cartagena
Posts
6
Hello.
I want to know if there is a way to tell if someone is online with a PLC from an specific IP address.
To elaborate my inquire:
there's a PLC with 2 ethernet adapters, one is connected to a 192.168.xxx.xxx network and the other to a 10.20.xxx.xxx network which means, someone can go online with the controller using any of the two networks.
on the other hand, there's a PC with 2 ethernet adapters, enabling access to the PLC through any of the two networks and i want to know if there's a way to tell if the PC is online with the PLC and which network is the person using to connect to the PLC, the 192.168.xxx.xxx or the 10.20.xxx.xxx.
is there a way to add the PC as a device under the PLC's device tree and use a GSV instruction to determine that PC's IP address?
The PLC is an Allen Bradley controller and I'm using RSLogix 5000 v20.04.00/Studio 5000 21.03.02
 
You can find out which IP address the PC is using to connect to the PLC by looking at the Path in RSLogix 5000. The location of the Path is highlighted in the attached image.

If this doesn't give you useful information, you can find the IP address in RSLinx (which must have been configured for the PC to connect to the PLC in the first place).

Studio5000_Path.jpg
 
Last edited:
Papplebeast said:
You can find out which IP address the PC is using to connect to the PLC by looking at the Path in RSLogix 5000. The location of the Path is highlighted in the attached image.

If this doesn't give you useful information, you can find the IP address in RSLinx (which must have been configured for the PC to connect to the PLC in the first place).
Click to expand...

Thanks for your reply but this is what I mean:
Using the GSV instructing and a mask I can determine whether a module is runnig or not. what I dont know is how do I configure this "generic ethernet module" to be the PC that connects to the PLC. if I assign one of the IP addresses to the module and check if it's running or not, I can tell what network the PC is using to connect to the PLC.
 
You can look at the Bridged Connections section of the embedded web page in a 1756-ENxT module, you can tell what IP addresses have a "Class 3" connection to the module.

Those are going to be either HMIs or engineering workstations.

I don't know of a way to get the same information programmatically from the 1756-ENxT, or how to tell a Studio 5000 workstation from anything else.

In theory you could send an identity request to an IP address to determine if it's running RSLinx versus another driver.
 
I would be cautious of programs like wireshark for example (it was mentioned, I never used it before).

if the network is rather large, you can cause communication issues in the plant.
a coworker nearly brought the plant communications to a halt using a snooping type program.

james
 
James Mcquade said:
I would be cautious of programs like wireshark for example (it was mentioned, I never used it before).

if the network is rather large, you can cause communication issues in the plant.
a coworker nearly brought the plant communications to a halt using a snooping type program.

james
Click to expand...

I don't believe that Wireshark can cause that kind of issue on a network. It only reports what your network card "sees"

From Symantec
Wireshark puts your network card into promiscuous mode, which basically tells it to accept every packet it receives. It allows the user to see all traffic being passed over the network.
Click to expand...

Cheers
 
Chuck Woodbury said:
Do you have Asset Center? It list all of the programs, who has it, what edits were done by who when, etc. Searchable. Great tool for version control.
Click to expand...

As a matter of fact, yes, I do have AssetCentre and it is exactly the reason why I started this threat. You see, AssetCentre is a very handy tool BUT I found a big security breach...
All the PLC's that we have installed in the plant have 2 Ethernet adapters: one to comunicate point-to-point to field devices like drives, soft starters, encoders, etc (which are on the 192.168.xxx.xxx network), and the other is to connec to the 10.20.xxx.xxx network in which other services monitor the behavior and the production of manufacturing lines. The AssetCentre Server is on this 10.20.xxx.xxx Network.
On the other hand, we have client PC's at different stations that also have 2 ethernet adapters, they are used to connect to the PLC's locally (using the192.168.xxx.xxx network because it is faster) or remotely (using the 10.20.xxx.xxx network but it's slower).
We ran a couple of tests on these PC's with 2 ethernet adapters and found out that the AssetCentre allows connnections from Users on the FactoryTalk Directory as long as it is from an AssetCentre Client PC. The AssetCentre server detects changes made to the PLC only if the cliente is connected to the network in which the server is on so when someone wants to make a change "off the grid" all he/she has to do is disconnect the cable that connects the PC to the 10.20.xxx.xxx network.... the user will still be restricted/allowed from the actions he/she was intended to but the AssetCentre won't know what or who did something to the PLC.
I figured that if what I have in mind is possible, then all I'd have to do is program a coil that activates when "the module" is not running to tell when someone disconnects the cable...
I'm not a native english speaker so excuse me if I'm not explaining myself clearly, I'm trying! :ROFLMAO:
 
auto_macs said:
As a matter of fact, yes, I do have AssetCentre and it is exactly the reason why I started this threat. You see, AssetCentre is a very handy tool BUT I found a big security breach...
Click to expand...

We, too, have AssetCentre. In the sales pitch from Rockwell, I recall them saying it is possible to enable security at the processor level to require some type of "authentication" from the AssetCentre client to restrict access for certain changes (e.g., read-only, data table only, logic editing, etc.) This type of access/change control is only supported by newer hardware and firmware platforms.

Since we still have many older products (PLC-5, SLC), this would not be applicable for all of our assets, and we decided not to use this feature. So I cannot comment on setup or functionality. However, I will say that after a couple years working with the FTAC client, I would be concerned about getting "locked out" of a secured processor when the client crashes or fails to start -- a relatively common occurrence in my experience.
 
kvogel,

I just used the name as a reference.
i'm not sure what he used, but I do know communications between our plc's, scada, sql db was at a snails pace.
when he killed the program, we were back to normal.

I was just wanting for auto_macs to be cautious and read up on any snooping program he used.

james
 
Maybe a simple windows service running on a server on your plant network that uses a heartbeat to determine if the Ethernet cable on that card has been disconnected. All you would have to do is poll the PLCs for a trigger and when it goes logic high set it to logic low. The PLC would set it to high again. Then just use a timer to set the alarm. I've done this many times. If you have a scada system, that could be used instead of a service.
 
Last edited:
James Mcquade said:
kvogel,

I just used the name as a reference.
i'm not sure what he used, but I do know communications between our plc's, scada, sql db was at a snails pace.
when he killed the program, we were back to normal.

I was just wanting for auto_macs to be cautious and read up on any snooping program he used.

james
Click to expand...

since you don't know what he used or how he used it...
normally, just snooping hurts no one but the machine running the snooping program. was this his own pc/laptop/whatever or a production machine running some server?
or was he maybe trying to hack by injecting (illegal?) packages to generate responses. can be done with something like (ze)nmap also...
 

Similar Topics

K
PLC network connection using RS Linx with Dynamic IP address
I'm attempting to set up a network that will enable me to monitor/program an Allen Bradley Micrologix 1100 that is connected to a cellular router...
Replies
4
Views
8,931
ken c
K
T
Siemens PLC and double network
Hello All, IÂ’m starting a new project where the plc is connected throught LAN with external software which write some data on PLC db, obviously...
Replies
1
Views
501
mk42
M
A
One computer Ethernet port for PLC and company network
My customer wants me to set up their industrial computer hmi running factory talk view se client in the following way. They want to use a single...
Replies
11
Views
1,021
joseph_e2
J
A
PLC Ethernet/IP Network Layout Suggestions
Hello, folks. Looking for suggestions on network layout. I'm designing 3 stations with 6 pieces of conveyor on each. They are part of the same...
2
Replies
21
Views
5,711
cardosocea
C
J
Allen Bradley PLC and VFD network issues.
Has anyone ever encountered an issue where PLC's seem to lose connectivity momentarily, as well as all ethernet VFD's in different areas across...
2
Replies
18
Views
3,978
jeffwitda240
J
Back
Top Bottom