You can set it up with a dyndns account or register it on the mGuard portal to accommodate for non static public IP addresses. mGuard would be accessible over the internet. mGuard lives in the control subnet with the PLC. I generally have an air gap between my control network and the internet, so I'd grab something like a Phoenix contact mGuard for an industrial edge device and bring the internet to that. Your firewall would block any unsolicited inbound messages. I don't know what your architecture is, but if they're in a vlan where you can setup some routes for them to get out (outbound) to the internet and connect to an OpenVPN endpoint that's accessible over the internet that'd probably be the easiest path for you and it'd be secure because nothing would be going inbound. I use these same processors and have done this application a few times. The other option is to attach an Industrial VPN router to this VLAN and allow remote access.Īre there any other solutions available? I don't have a lot of experience with remote accessing PLC's. I know these devices can connect to an OpenVPN server although this would need some additional settings because they are in an isolated VLAN at the moment. So you can password protect the web server via simple authentication which is easy to exploit it seems: Maybe there are some additional security measures available I don't know they exist? Like mac filtering or something. My boss obviously wants the first option because it's the cheapest. Place an industrial router (like eWON) on PLC VLAN. Port forward the internal web server via the corporate firewall Now there are a few options for remote access: I'm not really familiar with these PLC's (sysadmin background) so I couldn't really counter this argument and told him I would look into it. He told me this is really necessary and these PLC's have some firewall built in where we increase security. I told him we should never make a PLC accessible over the internet even it's just the web server. Now my boss wanted to make these web pages accessible over the internet. These 2 PLC's both have an internal web server to show some visualisation. It works only in coordination with the primary cookie.We have 2 Wago 750 8202 PLC's in an isolated PLC VLAN. Records the default button state of the corresponding category & the status of CCPA. Set by the GDPR Cookie Consent plugin, this cookie is used to store the user consent for cookies in the category "Performance". Set by the GDPR Cookie Consent plugin, this cookie is used to store the user consent for cookies in the category "Others". Set by the GDPR Cookie Consent plugin, this cookie is used to record the user consent for the cookies in the "Necessary" category. The cookie is set by the GDPR Cookie Consent plugin to record the user consent for the cookies in the category "Functional". Set by the GDPR Cookie Consent plugin, this cookie is used to record the user consent for the cookies in the "Analytics" category. Set by the GDPR Cookie Consent plugin, this cookie is used to record the user consent for the cookies in the "Advertisement" category. These cookies ensure basic functionalities and security features of the website, anonymously. Necessary cookies are absolutely essential for the website to function properly.
0 Comments
Leave a Reply. |