craisondigital

Remote Access to CompactLogix PLC

12 posts in this topic

Can the PlC be accessed remotely.

If I hook the CompactLogix L32E up to the internet WAN, would it be possible for an engineer to access and make changes to the program remotely?? Or does it have to be done onsite through the LAN.

1 person likes this

Share this post


Link to post
Share on other sites

Much of your answer can be determined if the outside engineer can remotely connect through your company WAN and ping the PLC?  There are many levels of system architecture that can affect this situation.

A popular method today, but requires a PC with the Allen-Bradley programming and communication software already on it...you at the shop floor connect your PC or laptop to the machine, your PC or laptop must be connected to your company WAN, then utilize something like TeamViewer (remote desktop access through internet). 

Share this post


Link to post
Share on other sites

Ahhhh......The eternal battle between the company IT & Security groups and the Engineering group.

 

There are firewall router devices available from Secomea and eWon.  These are meant to provide secure remote access via corporate WANs and utilizing cloud based secure services.  Thus reducing the conflict between engineering and IT.

Share this post


Link to post
Share on other sites
1 hour ago, craisondigital said:

Can the PlC be accessed remotely.

If I hook the CompactLogix L32E up to the internet WAN, would it be possible for an engineer to access and make changes to the program remotely?? Or does it have to be done onsite through the LAN.

Yes, I worked with one company that used the EWON COSY which is an industrial VPN router, look up their website for more details. It allows service techs to access a PLC remotely.

Share this post


Link to post
Share on other sites

+1 for the eWon Cosy. I've used this method quite a bit, including one installation where I used their WiFi version so the customer didn't have to run a physical cable.

If the customer has the programming software and can connect to the internet while online with the PLC, you could also use a remote access software like Teamviewer. I've used this method as well.

Share this post


Link to post
Share on other sites

Thanks for the info.  I don't have the software.  I have a vpn already set up through my firewall at the facility for sales staff.  My idea was to connect this network to the PLC.  I can run the cable w/o issue.  Next, I'm assuming I will need to change the IP, GATEWAY, DNS settings on the PLC to match my existing network/firewall.  Is this done through the programing software?  I found how to do it on the PanelView but not PLC.

If the remote tech now connects to the VPN he should be able to ping/communicate with PLC.  Am i on the right track??

I'm not opposed to the eWon Cosy.  Looks promising, but am wondering if i can do this with the setup I already have.

Share this post


Link to post
Share on other sites

I highly recommend keeping the process network separate from the office network. Main two reasons are to limit traffic on the networks and to increase security. That being said, if you're talking short-term, then it could work.

You can change the IP settings on the PLC using RS Linx Classic, but then you'll have to change the Panelview Plus program to point all the tags to the new address, as well as changing it's own IP settings. The engineer can do that and send you a new runtime file which you can load in using a USB flash drive. (Though it seems the type of flash drive makes a difference. I just walked a customer through this process this morning, and the first drive he tried didn't work.)

Alternatively, you could have IT set up a router or managed switch to bridge the PLC network to the office network without changing the PLC network subnet. You might still have to change the gateway setting on the PLC and HMI, but this won't affect the HMI comms settings.

Share this post


Link to post
Share on other sites

Our IT folks are very tightly controlled from corporate IT in Michigan (we're in Virginia) and things change periodically.  It seems that every time they upgrade the company network we lose access to more PLCs.  Right now, the building is set up with VLANs in the company switches that are completely controlled from HQ in Michigan.  Some of the switch ports will route our static PLC addresses, some won't.  It depends on which VLAN is set up on that switch port, which we have to beg and wait very patiently for corporate to change for us.  the fastest I've seen one reconfigured is about 2 weeks from submitting the ticket to having it complete.

 

What we've done instead:

Each engineer has a laptop with all of the programming software installed.  That laptop stays at the plant and is logged in to the corporate network at all times.  With the blessing of our IT folks, we bought licenses of LogMeIn Pro, which allows us to use a web interface to remotely log into our laptops from anywhere with an internet connection.  We then have full remote control of the laptop without having to have someone local to the laptop give permission at the time.  Anything the laptop sees, we can see.  If we need to help an off-shift electrician with a particular machine, we have them plug the laptop into the machine, then we do our stuff.  This is the cleanest solution we've found with the way our network is set up.  Unfortunately, LogMeIn costs $150/seat/year.  We found a far more cost effective alternative that claims to be just as secure as LogMeIn but we were never able to get our IT folks to respond to our questions, either "yes, it's ok" or "no, don't use it".  So we're stuck with LogMeIn for remote access for now.

We could log in to the VPN with our laptops from home (or anywhere) but that only gives us access to a very few machines in the plant that are successfully networked to the company LAN.

Share this post


Link to post
Share on other sites

What's the alternative you found? I use the free version of Teamviewer, which can do the same thing as LogMeIn, but I really should be using the professional version. Unfortunately it's cost prohibitive.

Share this post


Link to post
Share on other sites

I switched to  RemoteToPC once logmein costs skyrocketed. Only works on windows currently..

Share this post


Link to post
Share on other sites

The alternative we found is Splashtop:

https://www.splashtop.com/

Ironically, I found it by searching the internet to find a way to change our billing information (or turn off automatic renewal) for LogMeIn since it's not easy to find on their site.  Google led me to a post in their forums where someone suggested Splashtop as an alternative.  We could never get our IT to approve (or disapprove) it, though.

Share this post


Link to post
Share on other sites

Yes, you can make changes to the program remotely using tools like on premise R-HUB remote support servers, TeamViewer, Logmein etc. 

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now