I have a device which has embedded web-server as well as modbus/tcp interface. I want to protect this device with firewall, so I bought the one really cheap and simple to play with. I want to access this device through the firewall (currently it's completely open) but once the communcation is initated java program uploaded to my PC tries to negotiate with the device - with modbus/tcp and fails. Is it possible that the firewall thinks that modbus/tcp frame is malicious and drops them even though the negotiation port is not closed?

 

I imagine you only allow traffic to port 80. You have to be sure to open port 502 also.

 

Like others wrote, check that the firewall is letting port 502 through.

If you want a firewall to protect the device from malicious modbus/tcp traffic, take a look at modbusfw - it's a firewall module to screen modbus packets by function number, so you can make the device accessible for reading only (as well as the usual firewall rules like "no more than X per second"). http://modbusfw.sf.net

Jiri
--
Jiri Baum <[email protected]> http://www.csse.monash.edu.au/~jirib
MAT LinuxPLC project --- http://mat.sf.net --- Machine Automation Tools