You are not registered yet. Please click here to register!


 
 
plc storereviewsdownloads
This board is for PLC Related Q&A ONLY. Please DON'T use it for advertising, etc.
 
Try our online PLC Simulator- FREE.  Click here now to try it.

New Here? Please read this important info!!!


Go Back   PLCS.net - Interactive Q & A > PLCS.net - Interactive Q & A > LIVE PLC Questions And Answers

Reply
 
Thread Tools Display Modes
Old February 15th, 2020, 03:09 AM   #1
BobB
Lifetime Supporting Member
Australia

BobB is offline
 
BobB's Avatar
 
Join Date: Jun 2002
Location: Sydney
Posts: 4,402
Remote access

A customer has asked me about remote access through a VPN. Heve done it with a modem before but not a VPN. I will need to run PLC programming software and do some changes online. I guess I would need an Ethernet port on the PLC as well? Standard Ethernet or Ethernet IP or does it matter?
__________________
The Old Pfhaart

  Reply With Quote
Old February 15th, 2020, 03:48 AM   #2
AlfredoQuintero
Lifetime Supporting Member
Japan

AlfredoQuintero is offline
 
Join Date: Feb 2015
Location: Yokohama
Posts: 267
For a VPN to work, first you need a VPN server and this normally requires not only Internet access but also some cloud service provider that will do all the security authentication administration 24/7. I would recommend you look into companies like Fortinet or HMS Networks which has the a VPN product line. There is a way to do this with a Raspberry Pi and some open-source application. If you have the budget, I advise you use Fortinet or HMS. Free software tends to become unaffordable.
  Reply With Quote
Old February 15th, 2020, 04:42 AM   #3
CX_Luigi
Lifetime Supporting Member
Hong Kong

CX_Luigi is offline
 
Join Date: Sep 2010
Location: Hong Kong
Posts: 17
Omron has issued a document detailing how to connect Sysmac Studio/CX-Programmer to a remote plc using Teamviewer own VPN connection. The document can be downloaded from MyOmron portal.
  Reply With Quote
Old February 15th, 2020, 05:02 AM   #4
drbitboy
Lifetime Supporting Member
United States

drbitboy is offline
 
drbitboy's Avatar
 
Join Date: Dec 2019
Location: Rochester, NY
Posts: 1,355
Quote:
Originally Posted by AlfredoQuintero View Post
Free software tends to become unaffordable.
Yeah, but it's free!
  Reply With Quote
Old February 15th, 2020, 05:55 AM   #5
lfe
Member
France

lfe is offline
 
Join Date: Jun 2007
Location: Barcelona
Posts: 549
Any administrator of computer network systems with a minimum of experience should be able to advise you. Nowadays, it is very common for employees of companies to connect via VPN from remote locations

There are companies that offer these services to companies, surely there are some in your area.

Typically, through VPN you can open session in a computer in the remote place where the monitoring or programming software runs, so it is not important if the PLC is connected to the computer through a serial or an ethernet port.

But there are also pieces of hardware on the market that connect by itself as a VPN client and so you could connect the PLC to the VPN without a computer, in this case the PLC should have an Ethernet port.

Do not confuse Ethernet/IP with Ethernet. Ethernet/IP is an industrial communication protocol used mainly by Rockwell Automation.
__________________
Suppanel HMI
  Reply With Quote
Old February 15th, 2020, 06:09 AM   #6
damica1
Member
United States

damica1 is offline
 
Join Date: Aug 2015
Location: Illinois
Posts: 803
E*W*O*N would be a perfect, simple, affordable, solution.
__________________
David M. Camp

Unlocking the power of IOT in Oil & Gas!
  Reply With Quote
Old February 15th, 2020, 06:42 AM   #7
AlfredoQuintero
Lifetime Supporting Member
Japan

AlfredoQuintero is offline
 
Join Date: Feb 2015
Location: Yokohama
Posts: 267
Quote:
Originally Posted by drbitboy View Post
Yeah, but it's free!
Years ago I read a hilarious article about an IT consulting business whose motto was: "We make free software affordable".
  Reply With Quote
Old February 15th, 2020, 07:40 AM   #8
OkiePC
Lifetime Supporting Member
United States

OkiePC is offline
 
OkiePC's Avatar
 
Join Date: Mar 2005
Location: ENE of Nowhere Oklahoma
Posts: 10,702
If you want easy to deploy, get a Stridelinx VPN router. Set up takes under 10 minutes. We use them in places where there is no PC to gain access to the PLC network and HMI. There is a phone app that the operators can use to monitor the HMI too.
__________________
You can choose a ready guide in some celestial voice. If you choose not to decide you still have made a choice.
  Reply With Quote
Old February 15th, 2020, 04:44 PM   #9
BobB
Lifetime Supporting Member
Australia

BobB is offline
 
BobB's Avatar
 
Join Date: Jun 2002
Location: Sydney
Posts: 4,402
Thank you all. Couple here that are attractive - customer is as tight as!
The **** I note is only 3G but probably OK. Would cost him an M2M card per month. An option for sure.
No IT people there either - it is a caravan park in the middle of nowhere.
It is an Omron PLC - no screen - I will certainly download from My Omron and have a look.
It is a job where I did not want to get involved but it is a good friend of one of my good customers who is quite happy to pay me a good hourly rate and also pays right on the dot of 30 days - a rarity these days so I am sort of obliged.
Will let you know where I finish up.
__________________
The Old Pfhaart

  Reply With Quote
Old February 15th, 2020, 05:02 PM   #10
BAJ
Member
United States

BAJ is offline
 
BAJ's Avatar
 
Join Date: Jan 2006
Location: Maple Grove, MN
Posts: 186
Quote:
Originally Posted by damica1 View Post
E*W*O*N would be a perfect, simple, affordable, solution.

+1 on E_W_O_N (weird that this site *'s that word out - is it bad?). We've used them before and they work well. You still likely need to work with your customer/remote site IT to get an IP address for it on the customer's business network. Assuming that's not a violation of their IT policies.

I don't know if E_W_O_N addressed this issue or not, but the problem we had was that the E_W_O_N would allow the WAN and LAN to be on the same subnet. The WAN and LAN were the same in this case. Our fix was a cheap router to bridge the E_W_O_N LAN port back to the WAN network.

E_W_O_N also has a cellular model, you would have to pay for monthly cellular service but it bypasses the IT headache if you can't get around it.
__________________
A programmer is a tool that converts caffeine into code.

Last edited by BAJ; February 15th, 2020 at 05:06 PM.
  Reply With Quote
Old February 15th, 2020, 05:20 PM   #11
exiled
Member
United Kingdom

exiled is offline
 
exiled's Avatar
 
Join Date: Jun 2002
Location: England
Posts: 122
Quote:
Originally Posted by BobB View Post
A customer has asked me about remote access through a VPN. Heve done it with a modem before but not a VPN. I will need to run PLC programming software and do some changes online. I guess I would need an Ethernet port on the PLC as well? Standard Ethernet or Ethernet IP or does it matter?
Hi BobB,
As stated earlier the *ew*on* cosy range is pretty good. We have around 200 machines with the ethernet version active. They also do a wifi and a cellular version. Ive uploaded/downloaded code changes plenty of times. I love em. There are various security hardware measures available should the customer wish to stop you getting in!
You can connect to them via different protocols & not just ethernet.
All dependant on the hardware you want to connect to i suppose!
  Reply With Quote
Old February 20th, 2020, 09:54 PM   #12
a062549
Lifetime Supporting Member
China

a062549 is offline
 
Join Date: Feb 2012
Location: Home
Posts: 131
Music

Quote:
Originally Posted by OkiePC View Post
If you want easy to deploy, get a Stridelinx VPN router. Set up takes under 10 minutes. We use them in places where there is no PC to gain access to the PLC network and HMI. There is a phone app that the operators can use to monitor the HMI too.
Very cool! Sure take the IT that's not on my of our sites to let us in.
  Reply With Quote
Old February 21st, 2020, 01:25 AM   #13
ojz0r
Member
Sweden

ojz0r is offline
 
Join Date: Feb 2009
Location: 127.0.0.1
Posts: 310
Quote:
Originally Posted by AlfredoQuintero View Post
Years ago I read a hilarious article about an IT consulting business whose motto was: "We make free software affordable".
Free as in speach, not neccessarily as in beer
  Reply With Quote
Old February 21st, 2020, 04:01 AM   #14
JesperMP
Lifetime Supporting Member + Moderator
Denmark

JesperMP is offline
 
JesperMP's Avatar
 
Join Date: Feb 2003
Location: Copenhagen.
Posts: 14,382
Quote:
Originally Posted by BobB
I guess I would need an Ethernet port on the PLC as well? Standard Ethernet or Ethernet IP or does it matter?
Just Ethernet will do. And shame on you if you are using a PLC without Ethernet in 2020 !

To get access for remote support there are 3 ways:

1. The customers IT department provide you with the VPN connection.
It may mean you have to install a special VPN software on your side.
Usually big companies have a IT department and security policies.

2. You install a dedicated VPN router onsite. There are plenty of good VPN router vendors. We use E.won. Others use Stridelinx, MBconnect, etc..
2a. The customer provides the internet connection.
2b. The VPN router can have an integrated 3G or 4G cellular modem.
A good solution for smaller companies without a big IT department.

3. Software based VPN. There are a few. I wrote a guide on how to use Teamviewer as a VPN router. You can find it in the download section of this site.
I use it in a pinch when 1 or 2 is not possible, but always with the customers approval.
Quite a few times, my service guy onsite has had to use his smartphone as a hotspot for the onsite PC to connect via Teamviewer and for me to go online via VPN.
__________________
Jesper
See my profile interests for Q&A
  Reply With Quote
Old February 21st, 2020, 04:29 AM   #15
JesperMP
Lifetime Supporting Member + Moderator
Denmark

JesperMP is offline
 
JesperMP's Avatar
 
Join Date: Feb 2003
Location: Copenhagen.
Posts: 14,382
Quote:
Originally Posted by BAJ View Post
I don't know if E_W_O_N addressed this issue or not, but the problem we had was that the E_W_O_N would allow the WAN and LAN to be on the same subnet. The WAN and LAN were the same in this case. Our fix was a cheap router to bridge the E_W_O_N LAN port back to the WAN network.
That was not the E.won that was to blame.
It is an issue any router, if you have same subnets on either side of the router. IP routing wont work.
You probably have this scenario.
On the machine side you have chosed fixed IP addresses.
On the routers WAN side you have DHCP.
If you on the machine side have chosen an "unfortunate" IP address, the router gets assigned an IP in the same subnet by DHCP.
There are certain IP addresses you should avoid because many routers per default are set to use the same subnet. I mean the higher level router that is the DHCP server, not the e.won router.
Avoid these in your machine network:
192.168.0.x
192.168.1.x
192.168.2.x
10.0.x.x
10.1.x.x
10.2.x.x
172.168.0.x
Maybe some others too...

edit: And yes, if you have gotten in this sitation and cannot change the network in a hurry, than placing an additional router in between the VPN router and your network can fix the problem.
__________________
Jesper
See my profile interests for Q&A
  Reply With Quote
Reply
Jump to Live PLC Question and Answer Forum

Bookmarks


Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Topics
Thread Thread Starter Forum Replies Last Post
I/O access error, reading raj87 LIVE PLC Questions And Answers 11 October 6th, 2019 03:29 AM
PLC Remote Access with same subnets/IPs on PLCs matt303 LIVE PLC Questions And Answers 6 October 3rd, 2019 03:39 PM
S7 Remote Access Guiness LIVE PLC Questions And Answers 1 April 30th, 2013 11:36 AM
Remote Access - As good as it sounds? orense LIVE PLC Questions And Answers 9 March 11th, 2013 11:12 PM
Remote Access ayyaz LIVE PLC Questions And Answers 1 May 29th, 2005 11:52 AM


All times are GMT -4. The time now is 01:00 PM.


.