• 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Siemens PLC -Uploading and downloading using netPI & VPN
#1
Dear Sir,

Our Customers want to access the Siemens S-7 PLC (Site Location ) to Remote Location PC for Uploading and downloading PLC projects using PLC software.

This application netPI/netConnect Gateway with VPN work?

Please send the details.


BR,
Sandip

I try to check with open VPN.
Please find the attached document for your reference.


Attached Files Thumbnail(s)
   

.pdf   Project 4_Install OpenVPN for Raspbian.pdf (Size: 239.62 KB / Downloads: 7)
  Reply
#2
Hello Sandip,

in the document I see an access to https://files.ovpn.com/raspbian/ovpn-se-gothenburg.zip. But https://files.ovpn.com/ link is down. It cannot be reached. So I cannot test the PDF file.

Thx
Armin
You never fail until you stop trying.“, Albert Einstein (1879 - 1955)

  Reply
#3
I want to add the product mentioned here https://forum.hilscher.com/Thread-TOSIBO...m-anywhere.

It can manage fleets of devices over a portal. But it is not for free.
You never fail until you stop trying.“, Albert Einstein (1879 - 1955)

  Reply
#4
Thanks for your support.

BR,
Sandip
  Reply
#5
Hello Sandip,

the problem is Hilscher's office network that does not allowed to reach www.openvpn.com.

I can test this only during homeoffice times next week.

Thx
You never fail until you stop trying.“, Albert Einstein (1879 - 1955)

  Reply
#6
VPN solution tested on netPI to get connection to the local netPI eth0 network interface from remote: https://forum.hilscher.com/Thread-VPN-tu...10-minutes
You never fail until you stop trying.“, Albert Einstein (1879 - 1955)

  Reply
#7
Hello Armin,

Greetings! what is your suggestion to use Tosibox container? or openVPN? 

we already contacted to Tosibox yesterday & they are planning for us some online demo . Also some free trials are available.

what I understand is with both these , we can get VPN server functionality to our netPI which can be then accesed remotely anywhere by  the VPN client software ---is it correct?
Field PLCs connected to ethernet port of netPI are also accessible remotely for configuration upload/download?

please guide as we have few customer enquirers regarding VPN application.

Thanks & BR
Madhumati
  Reply
#8
Well Madhumati,

I don't know if Tosibox is really using VPN technology to be honest ... what they do is just simply said opening a tunnel from a remote computer to a device and also to all devices connected to this device. It can be compared to VPN ... but if it is really I don't know.

Here is my opinion about using Tosibox or OpenVPN:

With OpenVPN I personally see that it is 100% for free which is good in the first view. But I see OpenVPN is something you would use if you have a single device you want to get access to it or maybe two or three devices. Using OpenVPN is nothing you would use for a management of a device fleet like 100 devices or so from a central station. With OpenVPN you need to take care of port forwarding in your router, you have to take care of dynDNS server and provider, you need to open port 1194 in the OpenVPN server, you need to create certificates per user per device and this you need to do device by device ... so these are many manual things you have to do per device.

With Tosibox this is different. Tosibox logs in to the central Tosibox server on the Internet when it is started. It automatically generates certificates, IDs and registration on the server all for you. The only thing you need is an activation key. And then once you have the key you can install a Client on your Windows system and with the key it automatically finds the path and way to the device without the need for dynDNS server or configuration of a port forwarding. With this method I was able to run Tosibox in our Hilscher office in my own office wtihout any problem ... with OpenVPN this would never be possible because I can never configure Hilscher's "big" Internet Router to forward OpenVPN telegrams to my netPI device or to configure dynDNS in the router. But of course using Tosibox costs you money ... but with the Windows client software you receive from Tosibox you can centrally manage ALL your devices with a single tool. This is not possible with plain OpenVPN if there are no other additional tools used that maybe can handle fleet management across OpenVPN. To he honest I don't know any fleet management OpenVPN software.

So ask you customer if he wants to have a single device managed and has acccess to his own Internet router  ... then choose OpenVPN.
If your customer want to have multiple netPIs and has no access to the Internet router for reconfguration and he wants an installation in an network environment he maybe don't know cause it is the end customers network ... then the only chance to install remote management is using Tosibox.

If you install next to OpenVPN container or Tosibox container the container "Ethernet LAN" at https://registry.hub.docker.com/r/hilsch...ernet-lan/  then this container turns the two netX extra Ethernet ports into standard TCP/IP ports. This Ethernet interface and all the other physically connected network devices are also adressable through the tunnel either via OpenVPN or Tosibox.
You never fail until you stop trying.“, Albert Einstein (1879 - 1955)

  Reply
#9
(June-10th-2020, 01:00 PM)Armin@netPI Wrote: Well Madhumati,

I don't know if Tosibox is really using VPN technology to be honest ... what they do is just simply said opening a tunnel from a remote computer to a device and also to all devices connected to this device. It can be compared to VPN ... but if it is really I don't know.

Here is my opinion about using Tosibox or OpenVPN:

With OpenVPN I personally see that it is 100% for free which is good in the first view. But I see OpenVPN is something you would use if you have a single device you want to get access to it or maybe two or three devices. Using OpenVPN is nothing you would use for a management of a device fleet like 100 devices or so from a central station. With OpenVPN you need to take care of port forwarding in your router, you have to take care of dynDNS server and provider, you need to open port 1194 in the OpenVPN server, you need to create certificates per user per device and this you need to do device by device ... so these are many manual things you have to do per device.

With Tosibox this is different. Tosibox logs in to the central Tosibox server on the Internet when it is started. It automatically generates certificates, IDs and registration on the server all for you. The only thing you need is an activation key. And then once you have the key you can install a Client on your Windows system and with the key it automatically finds the path and way to the device without the need for dynDNS server or configuration of a port forwarding. With this method I was able to run Tosibox in our Hilscher office in my own office wtihout any problem ... with OpenVPN this would never be possible because I can never configure Hilscher's "big" Internet Router to forward OpenVPN telegrams to my netPI device or to configure dynDNS in the router. But of course using Tosibox costs you money ... but with the Windows client software you receive from Tosibox you can centrally manage ALL your devices with a single tool. This is not possible with plain OpenVPN if there are no other additional tools used that maybe can handle fleet management with OpenVPN. To he honest I don't know any fleet management OpenVPN software.

So ask you customer if he wants to have a single device managed and has acccess to his own Internet router  ... then choose OpenVPN.
If your customer want to have multiple netPIs and has no access to the Internet router for reconfguration and he wants an installation in an network environment he maybe don't know cause it is the end customers network ... then the only chance to install remote management is using Tosibox.

If you install next to OpenVPN container or Tosibox container the container "Ethernet LAN" at https://registry.hub.docker.com/r/hilsch...ernet-lan/  then this container turns the two netX extra Ethernet ports into standard TCP/IP ports. This Ethernet interface and all the other physically connected network devices are also adressable through the tunnel either via OpenVPN or Tosibox.


Thanks Armin for this differnce explanation.
I will check with customer & let you know if any further guidance needd.

BR
Madhumati
  Reply
#10
Hello Armin,
 

I am trying today testing with netPI FW V1.2.0.0. But I am not able to pull the image from Tosibox registry. I get below error as attached.
 


Attached Files Thumbnail(s)
   
  Reply


Possibly Related Threads…
Thread Author Replies Views Last Post
  Profinet to Siemens PLC j.langlois 4 3,502 January-26th-2021, 06:11 PM
Last Post: j.langlois
  Detecting NetPI in Siemens TIA via Profinet andrewc 3 3,788 April-11th-2019, 06:42 PM
Last Post: Armin@netPI

Forum Jump:


Users browsing this thread: 1 Guest(s)