Accesing the Modbus Device from Internet without VPN Connection

H

Thread Starter

Heru Iqbal

Normally, to access the modbus device on the local network, it needed a VPN connection. So how, if we do not have a VPN Server, but we want to connect with this device directly from the Internet?

To answer this question, use the Windows PC that can be connected to the internet, and this Windows PC also can be connected to the local network. After that, run the Modbus Master Slave Server application that you can download in here https://dl.dropboxusercontent.com/u/3351822/HINETSlaveServer2016.rar

after that, create a new Modbus port as shown in the following picture: https://dl.dropboxusercontent.com/u/3351822/ModbusGateWayPic.jpg

After click create button, now you double click field 'status port' on the grid to run this service.

And now your Modbus devices it can be accessed via Modbus Master Application from the Internet, via accessing to the IP public used by this windows PC.

Good luck..
 
H
Thanks for your question Mr. David_2

HINET is short of Heru Iqbal Network Enterprise Technology..
Of course, I was a software developer, and my software has been widely used for gas and energy company in Indonesia.

HINET Modbus DDE Server, completely free and can be used by anyone who needs..

You can download this software here -> https://dl.dropboxusercontent.com/u/3351822/HINETIOServer.rar

We use this HINET Modbus DDE Server as a third party software between HMI applications with the Modbus device, like Omni Flow Computer, Emerson Floboss, KingFisher Flow Computer and much more which uses Modbus Protocol for TCP-IP.

Sometimes we need information from Modbus device, which can be monitored in real time via smartphone .. For these needs, we must use the Master Slave Server application, because the features in this Modbus Server is 'Modbus Web Service' based on JSON.

Example like this:<pre>
<!DOCTYPE html>
<html>
<head>
<meta charset="utf-8" />
<title>Modbus JSON Sample</title>
<style>
h1 {
border-bottom: 3px solid #cc9900;
color: #996600;
font-size: 30px;
}
table, th , td {
border: 1px solid grey;
border-collapse: collapse;
padding: 5px;
}
table tr:nth-child(odd) {
background-color: #f1f1f1;
}
table tr:nth-child(even) {
background-color: #ffffff;
}
</style>
<script src="http://code.jquery.com/jquery-1.7.1.min.js"></script>
</head>

<body>
<h1>Modbus Register</h1>
<table>
<tr><th>Register Name</th><th>Data Value</td></tr>
<tr><td>Hour</td><td id="Reg1"></td></tr>
<tr><td>Minute</td><td id="Reg2"></td></tr>
<tr><td>Second</td><td id="Reg3"></td></tr>
<tr><td>Month</td><td id="Reg4"></td></tr>
<tr><td>Day</td><td id="Reg5"></td></tr>
<tr><td>Year</td><td id="Reg6"></td></tr>
</table>
</body>
</html>


<script>
$(document).ready(function(){
ModbusPoll();
});

function ModbusPoll()
{
$.getJSON('http://localhost:8082/api?M=32&I=1&F=3&A=3867&N=6&T=int16', function(data) {
var MyRes = '';
for (var i in data.response){
if (data.response.status == 1) {
MyRes = parseFloat(data.response.register.A3867);
$("#Reg1").html(MyRes);
MyRes = parseFloat(data.response.register.A3868);
$("#Reg2").html(MyRes);
MyRes = parseFloat(data.response.register.A3869);
$("#Reg3").html(MyRes);
MyRes = parseFloat(data.response.register.A3870);
$("#Reg4").html(MyRes);
MyRes = parseFloat(data.response.register.A3871);
$("#Reg5").html(MyRes);
MyRes = parseFloat(data.response.register.A3872);
$("#Reg6").html(MyRes);
}
}
});
setTimeout('ModbusPoll()',1000);
}

Number.prototype.formatMoney = function(c, d, t)
{
var n = this,
c = isNaN(c = Math.abs(c)) ? 2 : c,
d = d == undefined ? "." : d,
t = t == undefined ? "," : t,
s = n < 0 ? "-" : "",
i = parseInt(n = Math.abs(+n || 0).toFixed(c)) + "",
j = (j = i.length) > 3 ? j % 3 : 0;
return s + (j ? i.substr(0, j) + t : "") + i.substr(j).replace(/(\d{3})(?=\d)/g, "$1" + t) + (c ? d + Math.abs(n -
i).toFixed(c).slice(2) : "");
};
</script></pre>
For that reason, mechanisms need to data polling from Modbus device into this server application ..

However, if the Modbus device is in the local network, then we must use the 'Modbus Gateway', so that server application from the outside can do polling data with this features.

If you want to try this Modbus Master Slave Server, please email me your product number, I will give you a serial number for free..

Thanks..
 
J

James Ingraham

Some things I will not be doing on production equipment:
- Download a RAR file from someone's Dropbox.
- Expose my Modbus data directly on the Internet.
- Expose a PC directly on the Internet.

I will say this is very clever, and I understand the appeal. But I can't see it as anything but an attack vector.

-James Ingraham
Sage Automation, Inc.
 
H
Thank you so much Mr. James Ingraham for your opinions..

I agree with your opinion..
But.. Suppose that we install Modbus devices are in the Borneo jungle wilderness, And there's only GSM Modem, Industrial Mini PC, Solar Cell and Ethernet Cable connected to a Modbus device.

Then .. to do polling the data to the device, directly from Head Office without using a VPN Server, we can use HINET Master Slave Server 2016 ..

Of course, this is an option for a System Integrator.
that is to say : "quite simply with this app, now you can poll data more quickly and safely .. even though the device was located in the forest"

Heru Iqbal
 
Do keep in mind, Modbus is a known protocol - ideally you'd at least encrypt the traffic - I don't know if HINET could handle that; ideally it would. Plus avoid ports like 502 or 8502 or anything 'hinting' at it being Modbus.

The thing I'd add is even with GSM, you must pay for all cell traffic, so if your 'public IP' attracts the attention of as student somewhere, you could find out your socket resources are consumed by someone running point-less scripts against it.

People like James & I - who've done these things for nearly a decade - have seen all the "Oh, but who would bother my ..." fail. And as I say YOU pay for all traffic. A simple example; I once worked with a customer who set up a simple publically exposed system. A week later, they called said it was broken (my fault no doubt). It turns out they'd select a 'random' TCP port which happened to be some SUN microsystems service and some IP in China had 3 sockets open trying to crack some mythical SUN server ... despite it being something else. In the end, the customer had to power off the cell modem for a week to cause the student (I assume) to lose interest & deal with a many MB overage in charges.

We all like to think "Oh, it won't happen to me ..." So just be careful and plan for problems.
 
Top