Thursday, January 16, 2020

Trying to route traffic to a device on a remote network using Teamviewer VPN and Multi Port Forwarder

We maintain BMS controllers in customer buildings. This requires us to access both a server on site (providing a web-based frontend), and the individual devices on their LAN. In most buildings, the IT department will either open the ports we need, or provide VPN access. However, some of the buildings don't have IT departments. They have a cable or DSL connection for building management and/or public wifi use, and we're expected to just "do whatever you need to do" to get remote access. When the router password is the default, we set up the forwards we need.

But there are a few buildings where either the password was changed at some point in the distant past (and nobody currently employed at the building knows it), or they have those infuriating "cloud" routers where you need the actual ISP account info to access it. For these buildings, we use Teamviewer to at least get access to the server and web UI for the system. This is mostly sufficient, but any major changes require direct access to the controllers themselves.

Teamviewer is able to create a VPN on a virtual network adapter. What I want to do is connect to our devices on the remote LAN by using the remote server to route between the virtual adapter and the physical adapter. I found a program called Multi Port Forwarder that appears to be able to do this, but the specific setup for this use-case is slightly above my capability. I've read the (limited) online help documentation, but they don't have an example that is doing quite what I am trying to accomplish, and the help screenshots are from an older version with slightly different config options.

For the connection I'm currently trying to set up, my TVVPN IP address is 7.150.157.92, the remote server's TVVPN address is 7.81.229.26, the remote server's LAN address is 192.168.0.108, the LAN address of the remote device to which I'm trying to connect is 192.168.0.240, and the port on which I need to connect is 4911.

I have MPF installed on the remote server and have both remote desktop and VPN connections established with Teamviewer. Here's my best guess as to how MPF needs to be configured. I point my controller programming tool at 7.81.229.26 and attempt to connect to the controller over port 4911, but no joy. The activity monitor on MPF lights up, so it's seeing the incoming request at that port and triggering the rule, but either it's not passing it to the LAN, or it's passing it in some weird way so that a proper connection can't be established. I've tried fiddling with various settings and turning things on and off, but none of my fumbling has been successful.

What am I doing wrong?
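
As an added illustration (not part of the original post, and not Multi Port Forwarder's own configuration), the forwarding described above amounts to a TCP relay running on the remote server: listen on its TeamViewer VPN address and hand each connection to the controller on the LAN. This Python example uses the addresses from the post; the source allow-list and all function names are assumptions of the example.

```python
import asyncio

# Addresses are the ones given in the post; the allow-list is an assumption.
LISTEN = ("7.81.229.26", 4911)    # remote server's TeamViewer VPN address
TARGET = ("192.168.0.240", 4911)  # controller on the remote LAN
ALLOWED = {"7.150.157.92"}        # only the technician's VPN address may connect

async def pump(reader, writer):
    """Copy bytes one way; on EOF or error, close the receiving side."""
    try:
        while data := await reader.read(65536):
            writer.write(data)
            await writer.drain()
    except ConnectionError:
        pass
    finally:
        writer.close()

def make_handler(target, allowed):
    async def handle(c_reader, c_writer):
        peer = c_writer.get_extra_info("peername")[0]
        if peer not in allowed:          # drop anything not from the VPN peer
            c_writer.close()
            return
        try:
            t_reader, t_writer = await asyncio.open_connection(*target)
        except OSError:                  # controller unreachable from this host
            c_writer.close()
            return
        await asyncio.gather(pump(c_reader, t_writer), pump(t_reader, c_writer))
    return handle

async def serve(listen, target, allowed):
    """Bind to one address only, so the port is not exposed on other adapters."""
    return await asyncio.start_server(make_handler(target, allowed), *listen)

async def main():
    server = await serve(LISTEN, TARGET, ALLOWED)
    async with server:
        await server.serve_forever()

if __name__ == "__main__":
    asyncio.run(main())
```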


