WIKIABOUT

FOR TIPS, gUIDES & TUTORIALS

subscribe to our Youtube

GO TO YOUTUBE

14455 questions

17168 answers

28195 comments

0 members

Most popular tags

rut955 rut240 rut950 rutx11 rms vpn to openvpn wifi not sms trb140 firmware connection - ipsec on rutx12 rutx09 modbus
We are migrating to our new platform at https://community.teltonika.lt. Moving forward, you can continue discussions on this new platform. This current platform will be temporarily maintained for reference purposes.

Connect SCADA Intouch with PLC M580 through VPN.

0 votes
301 views 7 comments
by anonymous
Hello,

I have an issue with VPN between my SCADA Intouch and PLC M580 through VPN when using RUTX12 and RUT240.

At the current, I can ping or tracert between the SCADA and PLC.

But SCADA cannot monitor and control the PLC. The protocol that I use on the SCADA is Modbus TCP with port 502.

Can everyone help me with this? Thank you

1 Answer

0 votes
by anonymous

Hello,

    

Some clarification would be needed regarding your configuration:

  • What VPN service is used?
  • Is RUTX12 the server?
  • Is SCADA Intouch connected to the RUTX12 or the RUT240?
If OpenVPN is used, make sure the needed routes are added, or port forwarding is set up. More information about OpenVPN configuration can be found here.
Also, try using a different port, and make sure all of the Modbus services are disabled on the RUTX12 and the RUT240 to avoid any conflict.
I will also ask you to generate a troubleshoot file if the steps above did not help. This can be done by navigating to System → Administration → Troubleshoot. This file can be attached to the original question and will only be visible to Teltonika moderators.

  

Best regards,
DaumantasG 

by anonymous
Hi DaumantasG,

I'm using VPN with an IPsec setting for RUTX12 and RUT240.

The RUTX is the server for SCADA Intouch and RUT240 is slave with PLC M580.

I have the public IP for RUTX12.

Which port can I try if I use Modbus TCP protocol?

How to check the Modbus service is disabled on RUTX12 and RUT240 yet?

Thank you and best regards
by anonymous

Hello,

  

Modbus is disabled by default, so if it was not configured separately, it will be disabled. Modbus settings can be found by navigating to Services → Modbus.

As for IPsec, make sure local and remote subnets are configured correctly. Let's say RUTX12 is configured with LAN IP 192.168.1.1, and the RUT240 is configured with 192.168.2.1. So in the IPsec configuration on the RUTX12 specify the local subnet as 192.168.1.0/24, and the remote subnet as 192.168.2.0/24. On the RUT240 it should be the other way around.

It's highly recommended to use the IKEv2 key exchange and use a strong pre-shared key (if PSK is used).

However, without seeing your configuration I will not be able to help much, thus I will ask you to generate a troubleshoot file as described in my last comment. Thank you! I can see that the files were attached after I started writing the response. Will reply once I check them.

  

Best regards, 
DaumantasG

by anonymous
I can see that you have a static route added on the RUT240 to the RUTX12 over the L2TP tunnel which seems to be disabled. As static route has the highest priority when routing, this may cause some issues. Try deleting it and seeing if it helps.

It also seems like there is quite a bit of configuration settings from L2TP in the firewall settings as well, so if L2TP will not be used, I'd recommend deleting the existing instance and any related firewall rules. Even if it does not solve the issue, it will make further troubleshooting easier.

From the configuration point of view, everything seems to be correct in the IPsec config of both devices, thus the issue seems to be somewhere else.

Awaiting an update!

  

Best regards,
DaumantasG
by anonymous

Hi,

This is the troubleshooting file after I deleted the L2TP configuration. The SCADA is still not connected to PLC after I follow your instruction.

Could you check this file again?

Thank you and Best regards.

https://community.teltonika-networks.com/?qa=blob&qa_blobid=7119366565707399080 

https://community.teltonika-networks.com/?qa=blob&qa_blobid=5143508083058652762

by anonymous
Hello,

  

It seems like the internal modem in the RUT240 keeps disconnecting from the mobile network. Were these intentional disconnections?

If not, I'd like to ask you to disable the IPsec instance on the RUT240 and leave the router running, to check if it could be related to IPsec.

I am not sure if this is what is causing the modem to disconnect, ]however, the timing between the IPsec tunnel establishment and mobile connection. The mobile connection can also be monitored by navigating to Status → Network → Mobile.

If possible, I would also like to ask you to factory reset the device (System → Backup), reconfigure the IPsec instance, and check if the behavior reappears. Thank you.

  

Best regards,
DaumantasG
by anonymous
Hello,

I have changed the PLC from RUT240 to RUTX12 to check the connection and I can connect to PLC from RUT240 with the server and plc reverse the position.

The problem is I have one RUTX12 and four RUT240 in our architecture. And the server must be RUTX12.

I think there is some function in the RUT240 that I need to reconfigure.
by anonymous
Hello,

If the other RUT240s functioning well, you could try factory resetting the device and reconfiguring it, as that might be the easiest route to resolve the issue.

You could also upload a backup from another RUT240 assuming they are of the same product code and are running the same or newer firmware.

Best regards,
DaumantasG