Articles in this section

See more

Communicating Between Two FlexEdge Devices via OpenVPN

Avatar
Red Lion Controls
  • Updated
Follow

Abstract

This document describes setting up an OpenVPN connection that allows two FlexEdge devices to communicate through it via Modbus TCP.

Products

FlexEdge (DA50A and DA70A)

Use Case

Establishing a secure communications connection between multiple FlexEdge devices.

Required Software

Crimson 3.2 BUILD 3.2.0025.0 or later

Introduction

Using a VPN is a way to establish a secure connection between remote networks. Modbus is a common protocol used to communicate between Red Lion devices. Using them in combination allows secure communicate between multiple Red Lion devices located on remote networks.

OpenVPN Setup

Go to OpenVPN.net and create an OpenVPN account.

mceclip0.png

Go to users and create an OpenVPN connection for your computer.

mceclip1.png

Click on Networks and set up an OpenVPN profile for the DA50A device which is going to be the Modbus Master. 10.11.12.x is the subnet Ethernet 2 of DA50A device is on.

mceclip2.png

Similarly, set up an OpenVPN profile for the DA70A device which is going to be the Modbus Slave. 172.16.0.x is the subnet Ethernet 2 of DA70A device is on.

mceclip3.png

Click on the download icon and download the OpenVPN profile for both Master and Slave

mceclip4.png

And select “Download profile in .ovpn format'

mceclip5.png

Crimson 3.2 Configuration

Upload the .ovpn file in the Crimson database by navigating to Tunnels -> VPN1. Do this for both Master and Slave database.

mceclip6.png

mceclip7.png

Ethernet 1 port of both the Master and Slave databases are on 192.168.0.12 and 192.168.0.14 respectively with gateway address of 192.168.0.6 which is the LAN IP of the cell modem that they are connected to.

Ethernet 2 of Master is 10.11.12.31 and Ethernet 2 of Slave is 172.16.0.34. They are connected through an unmanaged switch.

Go to the system GUI of DA50A (Master) and ping the Slave to verify that VPN connection is established and similarly go to the system GUI of DA70A (Slave) and ping the Master. Below are screenshots showing the ping being successful.

mceclip8.png

mceclip9.png

With the VPN connection now established between the two devices, Modbus communication can now be set up to get a Master on 10.11.12.X subnet to talk to a Slave on 172.16.0.X subnet through OpenVPN connection.

Master Configuration

mceclip10.png

mceclip11.png

Slave Configuration

mceclip12.png

mceclip13.png

A tag could be configured to increment On Tick as shown below, this will provide a changing value to be monitored by the master device.

mceclip14.png

Proving Communications

Network Capture and web Interface of Master showing that Modbus comms is working correctly through OpenVPN. Tag 1 and Tag 2 are set up for Isdeviceonline () and Getdevicestatus ()

mceclip15.png

Wireshark Capture taken from the DA50A (Master) device with VPN1 set up as capture source and port number of 502.

mceclip16.png

Disclaimer

It is the customer's responsibility to review the advice provided herein and its applicability to the system. Red Lion makes no representation about specific knowledge of the customer's system or the specific performance of the system. Red Lion is not responsible for any damage to equipment or connected systems. The use of this document is at your own risk. Red Lion standard product warranty applies.

Red Lion Technical Support

If you have any questions or trouble contact Red Lion Technical Support by clicking here or calling 1-877-432-9908.

For more information: http://www.redlion.net/support/policies-statements/warranty-statement

 

Related articles

Powered by Zendesk