Announcement

Collapse
No announcement yet.

View Sitelink Data Usage

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • Brandon_
    replied
    Originally posted by OkiePC View Post

    Do look into AuthSMTP for your email problem, it's a very small price to pay for a solution that just works.
    That doesn't really solve the problem though. My C-More can send authenticated email, the problem is the Sitelink is blocking DNS requests, so you have to manually resolve the IP and use that. While mail server IP's generally don't change, it's certainly possible that my server or even AuthSMTP's server will eventually one day change. If we used "mail.authsmpt.com" as the server and they changed from 123.123.123.123 to 170.170.170.170, nothing would break since the C-More would just resolve a new IP when they change servers. Using a static IP breaks that. (I realize you probably know much of that, just clarifying for those reading that may not understand the reasons behind it)

    Leave a comment:


  • OkiePC
    replied
    Originally posted by Brandon_ View Post
    Disable DHCP and set everything as static. Unless the user plugging in knows the the IP of the class C network, they would never "get on" the network.

    The email issue that I'm having issues with is simply that it can't resolve a FQDN. That's an issue when your provider bounces around IP's.
    Yes, I did disable DHCP, so yeah, they would have to be trying really hard and way more tech savvy that this particular operator for me to really be concerned about opening up LAN -> WAN Internet.

    Do look into AuthSMTP for your email problem, it's a very small price to pay for a solution that just works.

    Leave a comment:


  • Brandon_
    replied
    Originally posted by OkiePC View Post
    Just an FYI about emails. For my HMI to send emails, In my Sitelink device I had to enable the firewall option for internet access LAN -> WAN. Without that enabled, the HMI could not ping the email server or succeed in sending them. With it enabled, my outgoing emails work.
    That is expected behavior. Without LAN > WAN access enabled, the only thing the VPN can access is the user endpoint (IE, Ixon client). The LAN > WAN access allows access to the "internet" rather than just the tunnel to the remote user.

    ]This should not be a problem for my end users, but it might be beneficial if the Sitelink allowed more specific access to be granted like only allowing SMTP protocol or certain ports to be opened up. I can't imagine someone opening the PLC panel and plugging in to watch Netflix from the little water plant I am putting this in, but somewhere someday somefool will think of it.
    Disable DHCP and set everything as static. Unless the user plugging in knows the the IP of the class C network, they would never "get on" the network.

    The email issue that I'm having issues with is simply that it can't resolve a FQDN. That's an issue when your provider bounces around IP's.

    Leave a comment:


  • OkiePC
    replied
    Just an FYI about emails. For my HMI to send emails, In my Sitelink device I had to enable the firewall option for internet access LAN -> WAN. Without that enabled, the HMI could not ping the email server or succeed in sending them. With it enabled, my outgoing emails work. This should not be a problem for my end users, but it might be beneficial if the Sitelink allowed more specific access to be granted like only allowing SMTP protocol or certain ports to be opened up. I can't imagine someone opening the PLC panel and plugging in to watch Netflix from the little water plant I am putting this in, but somewhere someday somefool will think of it.

    Leave a comment:


  • Brandon_
    replied
    I got some info back from engineering today.

    I was correct that there is simply no way to directly connect to the VPN via mobile at the current time. In Okie's instance, a HTTP service was added to the Sitelink config pointing towards the RedLion's IP. The Redlion has an internal web server that allows you to access that data. It's basically a port forward through a secure tunnel. Unfortunately for C-More users, a HTTP port forward doesn't do anything beneficial for us (or at least, me). We need a direct connection to be able to use the C-More mobile app and at the moment, that is a huge limitation of the Sitelink platform that Cosy does not have as a limitation.

    Leave a comment:


  • OkiePC
    replied
    Originally posted by Brandon_ View Post

    It very much sounds like the Sitelink is configured to pass traffic to the corporate network via port forwarding (this is an option in the config of each router). So even through you're connected to the shop wifi, it still passes traffic through behind the VPN. This would be a completely expected and normal scenario with any VPN configured as such.



    From what I can tell, there is no way to connect Android or iOS to the VPN if you're off of the local network. There is no cloud-based connection (unless I'm completely blind). You can edit config and such from the mobile site, but there is no way to connect. You can see that the VPN is "Online" but you're not connected to it, you're connected to AD / Sitelink's management portal that has no connection to the router.
    I do not have the options enabled in my device firewall for Lan > Wan or Wan > Lan.

    I can connect to the web browser in my HMI from anywhere with my personal Android phone which uses Verizon as the provider. So the app does get through the VPN, even though there is no "connect" button, it does work. Yesterday when I was talking with tech support, I think he said that the phone app is always connected when running, so there is no connect button like with the PC based VPN app.

    EDIT: I have been corrected in an email with tech support: "I saw your last post on the forum and wanted to clarify. The connection from the phone/SiteLink app to the cloud is encrypted through HTTPS at all times, but it is not connected by VPN. VPN is currently not supported on the mobile devices. The reason Brandon and others want mobile VPN is because it allows them to connect by the C-more mobile app and control C-more devices remotely from their phone. You are able to securely connect and control through the SiteLink app to the webserver for the Red Lion HMI. The C-more webserver only allows viewing data, not control."

    Here is a screenshot from my cellphone which is not connected to the shop wifi:
    Click image for larger versionName:	Screenshot_20180222-104110.pngViews:	1Size:	204.3 KBID:	111499
    Last edited by OkiePC; 02-22-2018, 04:32 PM.

    Leave a comment:


  • Brandon_
    replied
    I too just ran into the issue with using a FQDN for the email server. sub5.mail.dreamhost.com doesn't fly, but the resolved IP does. Cosy has no problem with the original configuration. I'm tempted to use 8.8.8.8 in the C-More for a DNS server , but at this point I'm scared to make such a config change since I no longer have physical access to the panel.

    Leave a comment:


  • Brandon_
    replied
    Originally posted by OkiePC View Post
    A/D Tech support has contacted me about my concerns and let me know that the usage data will soon be available. They also got an understanding about my confusion with the Android application. And for my work phone not working right, we have replicated the issue with my boss' phone. It seems that when we are connected to our shop wifi, the connection works fine. This is the same wifi that the Sitelink uses for internet access. When I turn off wifi on my work phone, it can't connect. Not sure under the hood why this is a problem, but it has something to do with the same wifi information being present in the Sitelink and our phones or the fact that my phone is "remembering" a path that I later make unavailable. In any case, we have some things for them to chase down.
    It very much sounds like the Sitelink is configured to pass traffic to the corporate network via port forwarding (this is an option in the config of each router). So even through you're connected to the shop wifi, it still passes traffic through behind the VPN. This would be a completely expected and normal scenario with any VPN configured as such.

    As for Brandon not being able to use it as a VPN connection, I think what the manual is saying is that it is not a direct VPN connection, but will be cloud based when using a phone. I would expect that you can still use a phone based VNC viewer through the Sitelink app to do what you want.
    From what I can tell, there is no way to connect Android or iOS to the VPN if you're off of the local network. There is no cloud-based connection (unless I'm completely blind). You can edit config and such from the mobile site, but there is no way to connect. You can see that the VPN is "Online" but you're not connected to it, you're connected to AD / Sitelink's management portal that has no connection to the router.

    Leave a comment:


  • OkiePC
    replied
    A/D Tech support has contacted me about my concerns and let me know that the usage data will soon be available. They also got an understanding about my confusion with the Android application. And for my work phone not working right, we have replicated the issue with my boss' phone. It seems that when we are connected to our shop wifi, the connection works fine. This is the same wifi that the Sitelink uses for internet access. When I turn off wifi on my work phone, it can't connect. Not sure under the hood why this is a problem, but it has something to do with the same wifi information being present in the Sitelink and our phones or the fact that my phone is "remembering" a path that I later make unavailable. In any case, we have some things for them to chase down.

    As for Brandon not being able to use it as a VPN connection, I think what the manual is saying is that it is not a direct VPN connection, but will be cloud based when using a phone. I would expect that you can still use a phone based VNC viewer through the Sitelink app to do what you want.

    Leave a comment:


  • Brandon_
    replied
    Interesting.

    I guess I'm an isolated incident? I would blame it on the P2K PLC at the other end as they've had network connectivity issues in the last revision of the software, but my C-More panels are taking and absurdly long time to transfer as well. What takes 20 seconds when I'm local to the panel or PLC is taking 2-3 minutes. As I'm remotely programming a PLC right now while another guy is on site, 1 minute runtime transfers are getting incredibly annoying.

    I did just realize that I was on firmware 3.1 (current is 3.5). It's in no way obvious that there is a firmware update if you do it from a PC. It wasn't until I logged in with my Galaxy Note 8 that I saw the firmware update notification. I updated, no change in performance.

    Nail in the coffin was pounded in tonight. I assumed that since there is an iOS and Android app, that would allow remote VPN so I can at least remotely do troubleshooting via C-More. I was completely unaware until I read the section in the manual that you cannot establish VPN connections via iOS or Android.

    Back to eWon Cosy's I guess. I REALLY wanted to love this VPN. The built in wifi AP is fantastic and something that I have begging eWon for so that I don't have to hang an external AP off of it (I buy the wifi model but never use the wifi for internet connection). The speed issues and lack of Android VPN connectivity are deal breakers for me.

    Leave a comment:


  • OkiePC
    replied
    I am not having any problems uploading and downloading to a Micrologix 1400 and Red Lion G15 using the VPN. It took 51 seconds to upload all programs and data from the ML1400. It took 20 seconds to extract the image from the G15 using Crimson 3.0. I just did this from a hotel room in Denver reaching across the web to our office in Oklahoma.

    My work phone will no longer connect at all to the HMI webpage. My personal (Verizon) phone works flawlessly even with a poor cell signal. Both phones are Samsung Galaxy S7, the work phone is the "Active" ruggedized variant with AT&T as the provider.

    Leave a comment:


  • tpeery
    replied
    PLCnut, Yes, before using the SiteLink Router I have used a Verizon HotSpot. The Default Gateway has been set properly in both situations and with the same result. The system works flawlessly with DHCP. However once you change all settings to static it will not resolve the name of any email server. So the email server has to be set to a static IP address.

    Leave a comment:


  • plcnut
    replied
    @tpeery,
    When setting up the Cmore to a static IP, are you entering your Sitelinks LAN IP as the gateway? Or are you leaving it at 0.0.0.0?​​​​​​
    ​​​​

    Leave a comment:


  • tpeery
    replied
    Hello Okie,

    I have not had any problem with email being authenticated. I had set it up on my personal Verizon account using my personal profile and servers. It worked fine. When I set up the Gmail account I had to change a security setting in account settings to allow less secure apps to have access and the smtp authentication works. I am however only using one account, and one Cmore at this time. I have not attempted any phone apps to view the system over VPN but I have viewed the web server via my home PC and it worked well with hardly any delay.

    My Email problems have all been with DNS. I have upgraded to the latest firmware and it made no difference in this area. I have two Cmores and both of the operate the same. See attached image of email set up. It will only work with a static email server address.

    for Brandon I have not attempted to load any program remotely so I can not comment on delay issues.
    Attached Files

    Leave a comment:


  • Brandon_
    replied
    Is anyone having issues with their Sitelink other than what has been talked about above?

    I'm seeing huge delays in transfer times of programs. IE, update a C-More display is taking 2-3 minutes, locally it would be 30 seconds. The local internet connection is 1g fiber (900/870 typical speeds), remote is 100 down / 5 up (so effectively I have a 100mbps link between the two locations).

    The biggest issue I'm having is similar to above, but 90% of the time if I do a stop mode transfer to a PxK, the transfer fails. Massively compounding the issue, when a stop mode transfer fails, it loses the static IP I had set in the program and it goes out and grabs an IP from DHCP. Great that it has an IP, horrible that I have no idea what IP it is to reconnect to it. Even runtime transfers take ~60 seconds.

    Leave a comment:

Working...
X