Electrician and IT guy - Electrician Talk - Professional Electrical Contractors Forum
CLICK HERE AND JOIN OUR COMMUNITY TODAY, IT'S FREE!
Go Back   Electrician Talk - Professional Electrical Contractors Forum > Electrical Forum > General Electrical Discussion


Reply
 
Thread Tools Display Modes
Old 12-19-2012, 06:08 AM   #1
Senior Member
 
Join Date: Aug 2012
Location: PA
Posts: 127
Rewards Points: 101
Default Electrician and IT guy

My job is now entailing setting up a web based controller to monitor the control systems we install, and they pushed it off to me to get them on the net for remote access. I'm OK with getting them on the local network, but not too familiar with remote access and port forwarding. Does anyone know of a class available that teaches this type of thing without teaching full blown IT work?

Thanks.
cc2kj is offline   Reply With Quote
Join Contractor Talk

Join the #1 Electrician Forum Today - It's Totally Free!

ElectricianTalk.com - Are you a Professional Electrical Contractor? If so we invite you to join our community and see what it has to offer. Our site is specifically designed for you and it's the leading place for electricians to meet online. No homeowners asking DIY questions. Just fellow tradesmen who enjoy talking about their business, their trade, and anything else that comes up. No matter what your specialty is you'll find that ElectricianTalk.com is a great community to join. Best of all it's totally free!

Join ElectricianTalk.com - Click Here JOIN FOR FREE


Warning: The topics covered on this site include activities in which there exists the potential for serious injury or death. ElectricianTalk.com DOES NOT guarantee the accuracy or completeness of any information contained on this site. Always use proper safety precaution and reference reliable outside sources before attempting any construction or remodeling task!

Sponsored Links
Advertisement
 
Old 12-19-2012, 05:58 PM   #2
NO high voltage here
 
Join Date: Feb 2009
Location: Chicago, IL
Posts: 2,438
Rewards Points: 1,248
Default

www.portforward.com
mikeh32 is offline   Reply With Quote
Old 12-20-2012, 05:02 PM   #3
Senior Member
 
I_get_shocked's Avatar
 
Join Date: Apr 2009
Location: Hackville, USA
Posts: 785
Rewards Points: 516
Default

Just browse around the router its pretty easy to accomplish but its insecure. The device will see a large amount of traffic and attacks. A vpn router is what we recommend.
__________________
last shocked on 6/24
I_get_shocked is offline   Reply With Quote
Sponsored Links
Advertisement
 
Old 12-20-2012, 06:02 PM   #4
Senior Member
 
FlyingSparks's Avatar
 
Join Date: Dec 2012
Location: US
Posts: 1,099
Rewards Points: 502
Default

I just wanted to add that the security of the network is totally dependent on the application you are opening the port for. There is no problem opening a port, as long as the application is secure.

Port forwarding basically uses the public IP address and desired port of the router as the destination for the remote user. The remote user enter the public IP address assigned to the router and the port for that application. The router then internally translates this to the local IP address and port on that machine.

For example:

Router: 187.213.134.138
Application: 192.168.1.28 port 80

When you setup the router the user enters 187.213.134.138:80 and the router knows to act as the translator to 192.168.1.28:80. This is necessary because you cannot get to 192.168.1.28 directly from the internet, it is a local IP not visible to the rest of the world.

All of this is a sub-topic of Network Address Translation.
FlyingSparks is offline   Reply With Quote
The Following User Says Thank You to FlyingSparks For This Useful Post:
Wirenuting (12-20-2012)
Old 12-20-2012, 06:48 PM   #5
Coffee drinking member
 
Wirenuting's Avatar
 
Join Date: Sep 2010
Location: Ceti Alpha V
Posts: 11,959
Rewards Points: 5,504
Default

Quote:
Originally Posted by FlyingSparks
I just wanted to add that the security of the network is totally dependent on the application you are opening the port for. There is no problem opening a port, as long as the application is secure.

Port forwarding basically uses the public IP address and desired port of the router as the destination for the remote user. The remote user enter the public IP address assigned to the router and the port for that application. The router then internally translates this to the local IP address and port on that machine.

For example:

Router: 187.213.134.138
Application: 192.168.1.28 port 80

When you setup the router the user enters 187.213.134.138:80 and the router knows to act as the translator to 192.168.1.28:80. This is necessary because you cannot get to 192.168.1.28 directly from the internet, it is a local IP not visible to the rest of the world.

All of this is a sub-topic of Network Address Translation.
How secure do you think the older DSL routers are?
I've read recently that older routers from ISP's are not very secure.. I looked to see about updating the firmware and its not an option.
Mine is about 10 years old and I was thinking of a new one.. The rest of my network is up to date.. I'm hard wired and the wireless connections are all based on each MAC address so that's not an issue.
__________________
Teacher, my brain is full... Can I go home now?
To view links or images in signatures your post count must be 10 or greater. You currently have 0 posts.
Wirenuting is offline   Reply With Quote
Old 12-20-2012, 06:55 PM   #6
Senior Member
 
FlyingSparks's Avatar
 
Join Date: Dec 2012
Location: US
Posts: 1,099
Rewards Points: 502
Default

Thats a good wifi access control strategy that most are unwilling to do. Is it a combo router modem?

Anything 10yrs old likely has some unpatched security holes. I would recommended a netgear router.
__________________

FlyingSparks is offline   Reply With Quote
The Following User Says Thank You to FlyingSparks For This Useful Post:
Wirenuting (12-20-2012)
Old 12-20-2012, 07:48 PM   #7
Coffee drinking member
 
Wirenuting's Avatar
 
Join Date: Sep 2010
Location: Ceti Alpha V
Posts: 11,959
Rewards Points: 5,504
Default

Quote:
Originally Posted by FlyingSparks
Thats a good wifi access control strategy that most are unwilling to do. Is it a combo router modem?

Anything 10yrs old likely has some unpatched security holes. I would recommended a netgear router.
Yes that one is..
The wifi router and all the others are set up as hubs only..
Thanks.
__________________
Teacher, my brain is full... Can I go home now?
To view links or images in signatures your post count must be 10 or greater. You currently have 0 posts.
Wirenuting is offline   Reply With Quote
Old 12-20-2012, 07:56 PM   #8
Senior Member
 
I_get_shocked's Avatar
 
Join Date: Apr 2009
Location: Hackville, USA
Posts: 785
Rewards Points: 516
Default

The devices in question are usually very low powered solid state computers. In some cases just the amount of traffic received by port forwarding from a public address can cause the device to stop functioning.

Control systems should never be exposed to the internet and belong behind a firewall. Expose your home network all you wish, but once you introduce things such as site lighting controls, exhaust fan controls, zone temp controls, additional precaution should be taken to avoid unwanted guests (ie firewall/ VPN router).


http://www.washingtonpost.com/invest...6dW_story.html
http://www.net-security.org/secworld.php?id=14121
__________________
last shocked on 6/24

Last edited by I_get_shocked; 12-20-2012 at 08:00 PM.
I_get_shocked is offline   Reply With Quote
Old 12-20-2012, 08:01 PM   #9
Senior Member
 
FlyingSparks's Avatar
 
Join Date: Dec 2012
Location: US
Posts: 1,099
Rewards Points: 502
Default

I was just clarifying that it depends on the application's security. You are right that a ddos attack can take most systems down. In the end it comes down to what the client wants. We have our lighting control and cctv on a seperate network.
__________________

FlyingSparks is offline   Reply With Quote
Old 12-21-2012, 12:27 PM   #10
Senior Member
 
Join Date: Aug 2012
Location: PA
Posts: 127
Rewards Points: 101
Default

Not to sound like an idiot, but soesn't the DNS server keep it more secure?
cc2kj is offline   Reply With Quote
Old 12-21-2012, 12:31 PM   #11
Senior Member
 
FlyingSparks's Avatar
 
Join Date: Dec 2012
Location: US
Posts: 1,099
Rewards Points: 502
Default

DNS turns hostnames into IPs.
__________________

FlyingSparks is offline   Reply With Quote
The Following User Says Thank You to FlyingSparks For This Useful Post:
jeffmoss26 (12-21-2012)
Old 12-24-2012, 07:34 AM   #12
Senior Member
 
Join Date: Aug 2012
Location: PA
Posts: 127
Rewards Points: 101
Default

If I did all my sites with VPN, and they currently didn't have a VPN setup I would need to install VPN software on their network, correct?
cc2kj is offline   Reply With Quote
Old 12-24-2012, 08:12 AM   #13
Senior Member
 
FlyingSparks's Avatar
 
Join Date: Dec 2012
Location: US
Posts: 1,099
Rewards Points: 502
Default

VPN software allows you to remotely connect to your network as if you were there.

To accomplish this there are hundreds of solutions. Routers, windows server, etc. You should talk to your client's IT person to figure out the best solution for them.
__________________

FlyingSparks is offline   Reply With Quote
Old 12-24-2012, 08:23 AM   #14
Senior Member
 
JohnR's Avatar
 
Join Date: Apr 2010
Location: here
Posts: 2,416
Default

You would need to install a VPN server. If they didn't have one. Probably the easiest way for you to do it would be to get the server/ router, and have there IT dept open the DMZ or ports to that new network. Just make sure your that server has a different sub domain than the main network. This would look like 255.255.255.0 in your home network. You Probably should limit how many computers can connect to it by setting the internal subnet to 255.255.255.248 which makes sure only up to 6 devices can be on the network. 2 of which are the router/ server and your control device
__________________
Signed out.

Last edited by JohnR; 12-24-2012 at 08:25 AM.
JohnR is offline   Reply With Quote
Reply

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are Off
Pingbacks are Off
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Journeyman electrician vs navy ship electrician Oscar General Electrical Discussion 11 12-25-2014 08:31 PM
Soon to be electrician needs help Wildcat95 New Member Introductions 22 10-27-2012 02:35 PM
Whats the difference certified electrician and electrician trainee? ludex99 General Electrical Discussion 4 08-17-2010 09:42 AM
30 year electrician but new to electrician talk hiamp New Member Introductions 16 04-05-2010 09:03 PM


All times are GMT -4. The time now is 02:41 PM.


Powered by vBulletin® Version 3.8.8
Copyright ©2000 - 2019, vBulletin Solutions, Inc.
Search Engine Optimization by vBSEO 3.6.1
vBulletin Security provided by vBSecurity v2.2.2 (Pro) - vBulletin Mods & Addons Copyright © 2019 DragonByte Technologies Ltd.
User Alert System provided by Advanced User Tagging (Pro) - vBulletin Mods & Addons Copyright © 2019 DragonByte Technologies Ltd.
Our Pro Sites Network
ContractorTalk.com | DrywallTalk.com | HVACSite.com | PaintTalk.com | PlumbingZone.com | RoofingTalk.com