Remote Access Simplified with eWON and Talk2M

So you're an OEM or Machine Builder and you'd like to remotely access your PLC for troubleshooting? You purchase a typical industrial VPN router, throw it into your control cabinet, connect the WAN port into the business network for internet access, but then what? Turns out your incoming VPN request and session is dropped by the facility's IT firewall and IT must modify the configuration to allow the VPN. This well-known hurdle has stunted remote access objectives for many years. The hurdle is quite simply most remote access solutions involve traffic that goes the "wrong way" when you consider that IT firewalls appropriately DROP inbound traffic initiated from the "untrusted" outside.

So what if we change the picture? Below, the industrial VPN router initiates an outbound connection (utilizing TCP Port 443 typically used for HTTPS) to the hosted service called Talk2M. Next, the remote user establishes a connection to the same Talk2M service, selects a router to connect to and thereby establishes a bi-directional tunnel to the PLC. The key? While IT firewalls drop inbound traffic initiated from the "untrusted" outside, they typically ALLOW outbound HTTPS and other traffic initiated from the "trusted" inside. Fortunately, the eWON + Talk2M solution requires nothing more!

Below is a more complete picture of the overall solution provided with eWON industrial VPN routers and the hosted Talk2M service. The remote user can communicate through the eWON to serial or Ethernet PLCs, HMIs, etc. Thanks to a feature called Plug'n Route, this remote access is enabled without needing to modify the PLCs to add default gateway configuration.

 

In the following video, watch a remote user connecting to an Allen Bradley PLC with RSLogix over the Talk2M VPN connection.

Finally, a remote access solution leveraging the existing high-speed internet connection at the facility without requiring modifications by the IT department! Also, for cases where no hardwired Internet connection is available, there are eWON models with built-in GSM cellular modems. eWON has changed the game with this very unique solution. 

In future posts I will demonstrate how easy it is to get this solution up and running in minutes. Having setup many of the other solutions dozens of times over the last several years, I can easily attest eWON's configuration for remote access is simple, quick, and can be completed with limited networking expertise. Nevertheless if you prefer assistance setting up your first unit, we can certainly walk you through it.

I'd be remiss not to at least mention eWON can also perform some advanced SCADA functions including data logging (drivers for Rockwell/Allen-Bradley, Schneider/Modicon, Omron, Hitachi, Mitsubishi, SNMP), Web HMI, and data push via SMS, E-mail, FTP, web services etc. but I'll save further detail on these options for additional future posts.

Related Posts

• eWON Industrial VPN Router Model Selection 
• eWON Talk2M Free+ vs. Talk2M Pro 
• eWON Industrial VPN Router E-mail Relay  
• eWON Config Post 1: Update eBuddy, Set eWON IP Address, and Upgrade eWON Firmware  

Links of Interest

• eWON Industrial VPN Routers