wagner_sarto
Posts: 1
Joined: Fri Jan 11, 2019 6:12 pm

accessing device connected in eth0

Fri Jan 11, 2019 6:31 pm

Hello,

I am trying to solve the following problem.
I have a TCP / Modbus device connected to the eth0 of my rasp. The wla0 interface is connected to a router with internet access.
Through a VPN (https://www.dynvpn.com) I am accessing by accessing my raspberry, this service provides me an IP, example 44.128.0.2 and through my PC (windows) with IP 44.128.0.3 I can access the rasp in different networks.
My goal is to access the device that is in eth0, any suggestions?

appreciate!

any suggestions are welcome!

Att

User avatar
thagrol
Posts: 1285
Joined: Fri Jan 13, 2012 4:41 pm
Location: Darkest Somerset, UK
Contact: Website

Re: accessing device connected in eth0

Fri Jan 11, 2019 7:07 pm

Two spring to mind but search further for full details on how to do them:
  • A NAT firewall on the Pi with suitable port forwarding for the device on eth0
  • Bridge the Pi's wifi and ethernet interfaces.
Note to self: don't feed the trolls

If I've asked you a question, please answer it. I'm unlikely to be able to help without that information.

User avatar
Joel_Mckay
Posts: 250
Joined: Mon Nov 12, 2012 10:22 pm
Contact: Website

Re: accessing device connected in eth0

Fri Jan 11, 2019 7:30 pm

In general, a good VPN will create a local virtual network device, and sand-boxed networks.
After a client connects to the tunnel, a local IP is assigned for each remote user in the sand-boxed network.
The admin must then decide how to route packets between the sand-boxed area, and other actual LAN areas.
Note, this setup may require manually editing the routing tables rules, checking the clients gateway configuration, and ensuring VPN/IPsec is supported by the routers on each end of the tunnel.
It is very easy to get wrong, which is why CISCO is still in business ;-)

Note modbus/tcp is similar to the era of telnet/FTP, and is notoriously difficult to reliably secure.
Also, running industrial machinery over wifi is a really bad idea from a safety standpoint.

Best of Luck,
J

Return to “Advanced users”