RsLinx Communication via TCP Port Forwarding

Bullzi

Lifetime Supporting Member
Join Date
Jun 2012
Location
Colorado
Posts
1,530
Hi everyone,
I have a customer that is using wireless modem to communicate to many different PLC's and HMI's. I just added my PLC and HMI to their network IP structure. They don't use VPN's like I am use to they use Port Forwarding. I will admit my IT skills are the weakest part of my game so what is Port Forwarding? Next question is how do I set up my RsLinx so that I can talk to the PLC on the network?


Thanks for the help!!
 
The plant's network is a private network, a LAN, in which private IPs are used, usually 192.168. *. * or 10. *. *. *, if one of those IPs has a PLC waiting for external connections, (i.e. on port 5000) then that port will not be accessible from the internet.

For that port to be accessible, a Port Forwarding rule (or NAT rule) must be defined on the router (or gateway) of the LAN so that incoming TCP connections on port 5000 are derived to the PLC IP.

With this system the only way to distinguish one PLC from another is to use a different port number for each one.

Alert your client that this system is very insecure, because theoretically anyone who knows the public IP of the router and the port number can connect to the PLC. Much better to use a VPN
 
Last edited:
I figured it wasn't the most secure system but that is what they use.

How to set up my RSLinx so I can communicate with my PLC that is on that network?
 
I figured it wasn't the most secure system but that is what they use.

How to set up my RSLinx so I can communicate with my PLC that is on that network?


I can't speak for RSLinx specifically, but this is typically not possible in Industrial software. The ports are often fixed inside the PLC programming tool, and not configurable. You can forward the port to the first PLC, but after that you need more IP addresses, which is usually the thing the IT dept wants to avoid.
 
Any Port in a Storm?...

mk42 said:
I can't speak for RSLinx specifically...

I can...

Bullzi said:
I figured it wasn't the most secure system but that is what they use.

How to set up my RSLinx so I can communicate with my PLC that is on that network?

Hi,

"If" I'm reading "that" network's setup correctly...

RSLinx Classic specifically requires port 2222 TCP and port 44818 UDP Port Forwarding to be configured to the Private IP address of the controller. This would need to be configured through all routing appliances on the network. If there is only a single destination modem/router path to the controller then it would just need Port Forwarding configured for the above ports.

The controller's Gateway address should be set to the Private IP address of the router appliance that the controller is directly connected to. Again, a modem/router could simply be the next hop back for the controller. In this case, the Private IP address of the modem/router is used as the controller's Gateway address.

You then need to know how to remotely connect to their "modem" appliance. They should have configured this already.

Example: Using Web Browser, type in address: 74.22.168.14:2850
Then login credentials, and you are now connected to the modem appliance. This should give you access through the modem/router, or several routers, to reach the nodes on the network.

Once connected, you can try to PING the Private IP address of the controller. This will confirm that the routing is configured correctly and the controller is now reachable.

In RSLinx Classic, the "EtherNet/IP Driver" will usually not work as most network switches/routers will be configured to block "Broadcast" and/or "Multicast" traffic. Instead, you can try the "Ethernet Devices" driver, as it uses Unicast and Explicit IP targeting. For the driver, set the Private IP address of the controller and then attempt to browse the driver for the controller. "If" there was NAT being used (Network Address Translation), it is possible the Private IP address of the controller has been translated to a Public IP address. "If" this were the case, then you would use this Public IP address for the "Ethernet devices" driver.

Alternatively, in RSLinx Classic there is also the "Remote Devices via Linx Gateway" TCP driver. Using this driver you would configure the "Server's IP address or hostname" as the Public IP address of the router before the controller. Then browse this driver and the controller may respond active.

That's "loosely" the norm. We'd really need to know the full architecture of the network and the path to the particular controller you would like to reach. The architecture of the controller might also be useful to know - Logix 500/5000? For instance, you could be remotely connecting to their network via ADSL and then routed to a wireless modem appliance which then polls the radios modems wirelessly at each controller. Here you are not remoting in directly to a "modem" and instead it would be the ADSL router's Public IP address you would use to configure the "Ethernet devices" driver, and so on.

I would also agree that a VPN is a must really when opening up your IACS to the Wretched Wild Web.

Regards,
George
 

Similar Topics

Hey! In my previous queries on how to handle an OPC server like RSLinx in the ArchestrA IDE galaxy, I have succeeded and the answer was to just...
Replies
0
Views
1,784
Hey guys, I'm messing around in my rslinx classic program trying to get familiar with the Porgram, under the Driver Diagnostic General tab I...
Replies
0
Views
1,146
Dear All, I have just experience running RSLinx Ver. 2.59 to connect with ControlLogix 5000 1756-L73 with Firmware rev. 24.11, found: the RSLinx...
Replies
2
Views
1,815
Good day, Does anyone know if the device shortcuts can be backed up, if they are stored in a SQL-Database?
Replies
3
Views
2,001
Hello all, I'm trying to talk to a PanelView Plus 1000 on an ethernet network. The PanelView, along with a CompactLogix L35E and some other...
Replies
4
Views
1,743
Back
Top Bottom