connecting a robot controller to the internet?

Started by victorlin, February 19, 2021, 09:50:57 AM

Previous topic - Next topic

victorlin

I'm wondering if it's possible to put the controller on the internet and control it from the internet.
Obviously there are tons of risks involved with this, and I understand those risks.
Risks aside, I have KukaProxyVar (KVR) installed on my controller, and I have the controller connected to a local offline router.
I can communicate with KVR if I connect to that router.

Now I'm thinking, if I connect that router to the internet, and port forward port 7000, I can then communicate with KVR over the internet, I tried it, but it didn't work.

So i'm wondering if anyone has tried something similar?

Johannes @ Robots in Architecture

Hello Victor,

Some routers offer VPN functionality, so that you can connect from the outside into your local network.
I would recommend that as it's saver than exposing your robot to the net.
The port forwarding should also work, but you may have a router cascade here, i.e. you connected your robot router to another router that connects to the internet? In that case you would need another port forward, I believe, on the router that's directly connected to the net. Also, the accessibility of ports may depend on your ISP as well.
I really like using PacketSender as a tool to troubleshoot such network problems.

Best,
Johannes

victorlin

Hi Johannes,

Thanks for the recommendation about the VPN, I might go that route in the future if I require online connections often.

After a day of googling and testing, I was unable to port forward any connections on KLI.
I've switched over to X47 port, which seems to have much less restrictions, and everything works fine now, just have to be extremely cautious of when I connect the robot online.

victorlin

Update:

previously I changed over to X47 (controller ip 192.168.0.1), and configured the LAN of the router to be 192.168.0.100
this worked great as port forwarding worked with this config, but then would prevent the controller from booting on cold boot (i'm not sure why, maybe the controller would see the router as a internal component and sends it messages that the router ignores?)
to solve this, I changed the router to be 192.168.1.1, and have DHCP pool to be 192.168.0.2-254, which allows access from all local clients, but not VPN clients (port forwarding does not work, because router is not on the same subnet as controller? i think)

I've looked into the VPN suggestion, and found that my router does have this option, after setting up openVPN on it, I am able to connect to the router with openVPN.
But I cannot access the controller 192.168.0.1, I can access everything else on that local network tho, my guess is that 192.168.0.1 is somehow special and not being routed through openVPN
my remote local network uses 14x.x.x.x so it's not an issue of my remote local network intercepting anything
side note: by default VPN clients are given 10.8.0.x ip range, I did test changing local client to 192.168.0~126 and VPN to 192.168.0.128~254 but that didn't work either, so it's not a issue of subnet

Quotemy guess is that 192.168.0.1 is somehow special and not being routed through openVPN
would it possible to change the controller ip from 192.168.0.1 to  192.168.1.100 so I can test this theory?
I've heard changing the internal ip of the controller often results in them bricking/not booting

Another thing I could try is switch back to KLI, and see if that works with openVPN, but then I lose the ability to remote desktop....
Kuka makes things so complicated...

Thanks

Johannes @ Robots in Architecture

But do you need the Windows RDP? You could just switch to something else like VNC that uses its own server software and not the RDP protocol. That approach has got its own safety implications, but you can give it a try. E.g. https://www.tightvnc.com/
You will need to forward the relevant ports in the KUKA's NAT settings.

And yes, definitely do not change any internal IP addresses or at least do a full HDD image before playing with the settings.

Best,
Johannes

victorlin

#5
just installed tightVNC, but it's not displaying the vertical HMI correctly, how do i configure this?
ran tightVNC as application instead of service and that fixed it

Johannes @ Robots in Architecture

Sorry, no idea unfortunately... But that looks solvable. You could also just try one of the many other VNC alternatives and see if it works there.

Best,
Johannes

victorlin

Hi Johannes,

Thanks for the replies, this is a final update.
After tons of testing all possible configurations, even after switching to KLI port+VPN, it still doesn't work.
I've given up on directly accessing the controller from the internet.

Moving forward, I'm going to setup an always on PC that'll route traffic to the controller.
Seem redundant, but it's the only method I've tested so far that has produced any results.

Victor

Johannes @ Robots in Architecture

Hello Victor,

Thanks for letting me know. Just FYI there are of course KUKA solutions that work well like the Virtual Remote Pendant (an approved remote desktop with some additional functionality) and the KUKA cloud service itself. But they will charge you for it.

Best,
Johannes