SCADADroid VPN server tutorial
There are 3 different options for accessing SCADADroid units and the network behind them (PLCs, RTUs etc.). Port forwarding, private VPN servers and a Reonix hosted VPN server. Below are step-by-step guides and instructional videos on how to implement these solutions.
1. Port Forwarding
- With your computer connected to the SCADADroid unit, open a web browser and type the IP address of your SCADADroid (default IP is 192.168.1.15)
- Enter your username and password
- Under Cellular Settings copy the IP address and paste it into a new browser tab to test if you can connect to the unit from the internet, and then close that tab
- Click Settings under System tab
- Scroll to Internet Connection and for Preferred Connection select “Cell”
- For “Use this device as a network gateway” select “Yes”
- Click Save
- Scroll to the Port Forwarding Table and click “Add Port”
- Fill in the fields for the external port you wish to forward, “Target IP” will be the IP address of the SCADADroid unit
- Scroll to Internet Connection and for Preferred Connection select “Cell”
- Click on the Overview tab
- Click “Reconnect” Next to Data Status under “Cellular Settings”
- Next to “Cellular Settings” title, “Default Internet Route” should appear)
2. Host Your Own VPN Server
- Download SoftEther VPN Server software
- Select Software: SoftEther VPN (Freeware)
- Select Component: SoftEther VPN Server
- Select Platform: Choose your operating system
- Select CPU: Choose your computer’s CPU
- A list of file installation will appear, choose SoftEther VPN Server and SoftEther VPN, most recent version
- Install the file
- When prompted to “Select Software Components to install” choose “SoftEther VPN Server”
- Choose “Launch SoftEther VPN Server”
- Setting up SoftEther VPN Server
- Enter a new username and password when prompted
- When “SoftEther VPN Server/Bridge Easy Setup” window opens, click “Close”
- When prompted “Do you want to setup the IPSec?”, select “Yes”
- When “IPSec/L2TP/EtherIP/L2TPv3 Server Settings” window opens, click “Cancel”
- "Manage VPN Server ‘localhost” window
- Select “DEFAULT” under “Virtual Hub name” and click Delete
- Click “Create Virtual Hub”
- Enter Hub Name, Admin password and confirm password, Click OK
- Select your new Virtual hub and click Manage Virtual Hub, then click Manage Users
- Click Create New User, enter a username and password and click ok
- Click Exit and Exit again
- Click OpenVPN/MS-SSTP Setting
- Click “Generate a Sample Configuration File for Open VPN Clients”
- Save the File and Open it
- Move the OVPN File with the extension “site_to_site” to DesktopYou will need to have a static IP or setup a DNS with your external IP (we use https://www.noip.com/
- Click “Generate a Sample Configuration File for Open VPN Clients”
- You will need to have a static IP or setup a DNS with your external IP (we use https://www.noip.com/)
- You will need to add 4 port forwarding rules to either your internet router or SCADADroid that you are using as a router (see image below)
- The target IP is the static IP of the server
- Open OPVN file on desktop with Notepad
- Find the section for “The destination hostname / IP address, and locate the destination hostname line (ex. “remote vpn938105771.v4.softether.net 1194”) and enter the DNS hostname you obtained in the previous step (ex. remote DNSHOST 1194”)
- Find the line “auth-user-pass” and change to “auth-user-pass “etc/openvpn/auth”
- Below this line include the following lines for bridge configuration:
up “/etc/openvpn/up.sh
down “/etc/openvpn/down.sh”
script-security 2
route-nopull
- Save and close the file
- Open your web browser and enter the IP address of your SCADADroid (default is 192.168.1.15)
- Under System > Settings tab, scroll to the VPN configuration file box and upload the OPVPN file from your desktop
- Enter your username and password in the VPN configuration box and click Save
- Click Enable next to VPN status and below the VPN configuration file box
- Under System > Settings tab, scroll to the VPN configuration file box and upload the OPVPN file from your desktop
