PLC HMI VNC Access

#1

My application is remote access to my PLC controllers HMI, I have a Compactlogix PLC processor with a PanelView Plus 7 HMI display.
The PLC network is on a static network on the Max-BR1- Mini LAN port, I have VNC enabled on the PVP7 HMI, I’m using Tight VNCs application called Ripple for Android.
I can get the remote HMI access on the WiFi to work perfectly, but I have tried to Port Forward the HMI static IP to my Cellular Public IP, I’ve tried to NAT the HMI Static IP to my Cellular Public IP.

Has anyone out there tried this previously and can give some advice?

Steve

#2

Is your cellular public ip , a public routable ip address? A lot of providers do not provide a routable ip address. What provider is it, and what are the first three octets of the ip address?

1 Like
#3

Yes, the static public IP provided by AT&T starts with 166.130.103.80
I can ping the unit from the internet

#4

Tell the ports that you’ve opened with this website.
https://www.yougetsignal.com/tools/open-ports/

If it’s still not working post a screenshot of your port forward or reference the setup here:
https://forum.peplink.com/t/how-to-configure-inbound-port-forwarding/8268

1 Like
#5

The port availability on the static Public IP I was issued from AT&T
is attached

#6

You suggestion of following the port forwarding at the following link
https://forum.peplink.com/t/how-to-configure-inbound-port-forwarding/8268
It says " go to ***Network>Inbound Access>Servers>Add Server to define a new server."
my version Firmware does not follow as the same paths, my firmware version is
7.1.0s021 build 2883, there is no mention of “Peplink Balance” in my version

That is one of the things that is so confusing about Pepwave in general

under my version, under “Network” there is no “Inbound Access”

#7

On the MAX line of routers you find port forwarding under the “Advanced” tab. Please see section 16 of the manual (p. 119 and onwards) available at https://download.peplink.com/manual/pepwave_max_firmware_manual-fw7.1.1.pdf.

I hope this is of assistance.

Cheers,

Z

1 Like
#8

Yes, I have that version of the manual, and I still can’t get my application to get to my controller thru the internet connection.

#9

Regardless of what I set for inbound access, I can’t access the IP server specified

#10

I have even tried NAT Mapping, see my NAT rule

#11

Try to disable the NAT mapping, and specify the individual TCP Port on port forwarding.

1 Like
#12

That was the first set up I tried, port forwarding using TCP protocol using port 80
port 80 was also used for the admin
next I tried any port to see if anything would go thru

#13

Some providers block common ports, have you tried a random one like 5901 mapping to it’s real port, I assume 5900?

1 Like
#14

the application does work over the wifi connection on port 5900, I tried porting 5900 thru to the cellular connection, but it didn’t work either

#15

On the Verizon SIMs we use for our customers we can assign a public ip address to them and then also specify if the sim is restricted or unrestricted. If restricted it blocks all inbound traffic. You may want to followup with your provider or check your plan details.

1 Like
#16

I’ve contacted AT&T and they are telling me that my SIM card is open there are no inbound / outbound restrictions.
I can access the admin over the internet and can ping the node i need to reach on the LAN side.
I’m starting to think instead of just Port Forwarding or NAT Mapping the IP on my LAN to the Cellular WAN, I should be using one of the VNC functions.
I’m trying to use TightVNC to a remote static IP on my LAN, the static IP on my LAN is a ALLEN BRADLEY PanelView Plus 7, with TightVNC Server built in.

#17

@Scorless

The easier way to troubleshoot this is to perform packet capture at the BR1 Mini and open the captured results using Wireshark to check whether the traffics is port forwarded or NAT Mapping.

You can do this via the support.cgi.

If you found the traffics is not mapped correctly, please open a support ticket for support team to check.

1 Like
Forwarded port shows as "Stealth" in GRC Port checker
#18

your software version must be different, I don’t recognize this page you posted.
However I did set a NAT rule and on the status tab UPnP / NAT-PMP and look at the forwarded ports, and none appear, can anyone tell me why, even when NAT-PMP is enabled

#19

You need to remove the index.cgi page on the url address bar and replace it with support.cgi then you can access the page above.

1 Like