grnick50
Lifetime Supporting Member
Hello all,
I am facing a problem with excess 3G Data consumption.
In the attached topology you will notice that there is a VPN network setup in the following way:
In the main Pumphouse there is an ADSL landline with static public IP. From there a VPN Router (Teltonika RUT500) has its WAN interface connected to the ISPs Router so that it can have access to Internet.
The VPN Router is then connected to the Pumphouse Ethernet network. Also there are two remote locations with S7-1200 PLCs and RUT500 routers that are connected using VPN (Bridge mode) to the main pumphouse VPN Router.
That way a PLC-PLC communication is possible between "Comms Handler PLC"-TSE1 and between "Comms Handler PLC"-TSE2, using Modbus TCP-IP.
Note that the same amount of data with the same poll rate is being communicated in both above mentioned PLC connections.
Everything worked fine for a few months with no interruptions of service and no excess data consumption (1.2Gb/month on a 5Gb contract) on both connections.
Then a couple of months ago it was noticed that TSE1 SIM card consumed 30Gb of traffic. It was assumed that someone may have hacked the router's wifi key (although the SSID was hidden) and used it for personal use. Please note that the application is district heating and TSE1 is located to municipal gym where a lot of people are there most of the day. I did not manage to take any log files from the router to see if someone was connected nor I could retrieve any data regarding the traffic, as I suppose it is a low end VPN router.
I then disabled the WiFi interface hopping that it would fix the issue. Unfortunatelly the issue is not fixed and TSE1 continues excess consumption of data trafic.
Thinking about my problem I thought that there may be an issue of the routing of internet traffic.
What I mean is that the two SCADA servers in the pumphouse are connected to the internet via the VPN Router (firewall is used). That is because we need to perform teleservice or remote assist the operators.
My worry is that maybe all the teleservice and remote connection Data is not routed through the local pumphouse Internet connection but through the VPN and TSE1 internet connection instead.
Any Ideas and suggestions on how to check the data routing are welcome.
I am facing a problem with excess 3G Data consumption.
In the attached topology you will notice that there is a VPN network setup in the following way:
In the main Pumphouse there is an ADSL landline with static public IP. From there a VPN Router (Teltonika RUT500) has its WAN interface connected to the ISPs Router so that it can have access to Internet.
The VPN Router is then connected to the Pumphouse Ethernet network. Also there are two remote locations with S7-1200 PLCs and RUT500 routers that are connected using VPN (Bridge mode) to the main pumphouse VPN Router.
That way a PLC-PLC communication is possible between "Comms Handler PLC"-TSE1 and between "Comms Handler PLC"-TSE2, using Modbus TCP-IP.
Note that the same amount of data with the same poll rate is being communicated in both above mentioned PLC connections.
Everything worked fine for a few months with no interruptions of service and no excess data consumption (1.2Gb/month on a 5Gb contract) on both connections.
Then a couple of months ago it was noticed that TSE1 SIM card consumed 30Gb of traffic. It was assumed that someone may have hacked the router's wifi key (although the SSID was hidden) and used it for personal use. Please note that the application is district heating and TSE1 is located to municipal gym where a lot of people are there most of the day. I did not manage to take any log files from the router to see if someone was connected nor I could retrieve any data regarding the traffic, as I suppose it is a low end VPN router.
I then disabled the WiFi interface hopping that it would fix the issue. Unfortunatelly the issue is not fixed and TSE1 continues excess consumption of data trafic.
Thinking about my problem I thought that there may be an issue of the routing of internet traffic.
What I mean is that the two SCADA servers in the pumphouse are connected to the internet via the VPN Router (firewall is used). That is because we need to perform teleservice or remote assist the operators.
My worry is that maybe all the teleservice and remote connection Data is not routed through the local pumphouse Internet connection but through the VPN and TSE1 internet connection instead.
Any Ideas and suggestions on how to check the data routing are welcome.
