VPN connection ensures safe and secured exchange of private data
Isolated tunnel for data exchange is created between devices
In the PLCnext Technology controllers there is preinstalled OpenVPN software. PLC can be server or client of VPN communication.
After authorization devices can exchange data
To create VPN connection you need certificate, key and configuration files
To generate those files go to openvpn.net
In the „Community documentation” section you will find full description on how to generate those files
You will find it it „2x how to” article
There is a lot of tutorials on the Internet available
The effect of generating is a set of files
To connect PLC with external OpenVPN server, you will need client-specific files and CA certificate
If you’re not generating the files, they should be delivered by OpenVPN server administrator
The only editable file is client.ovpn text file with connection configuration
You need to download certificates and configuration files to the PLC
To download files, you can use any SFTP client, for example WinSCP
While connecting to the PLC with user name „admin”, you will be asked for the password
Default password is printed on the front of the PLC
Place all file in the /etc/openvpn/ catalog
You need to copy: file with CA certificate,
client certificate,
file with client connection key
OpenVPN configuration file
The final step is to establish VPN connection
Log in to the PLC using SSH, for example PuTTY
Enter PLC’s IP address and log in to the admin account
VPN connection must be established with root user credentials
If not yet defined, enter sudo passwd root command
Authorize the command with admin password, and then enter new root user password twice
Log in to the root account using su command and defined password
Go to the /etc/openvpn/ catalog
Use ls -lash command to check if all needed files are in the catalog
Run the connection with OpenVPN server according to the data from configuration file by command openvpn --config client.ovpn
Connection is established correctly, which is displayed in the client panel and in the OpenVPN server
