Reaching Remote Mobile Device Without Having a Static IP Address .

I have a Raspberry Pi  which is located in a remote place. The only communication methods can be established  is to use 4G LTE cellular networks with no static IP address provided. Can I reach my Raspberry Pi from my computer or from my smartphone, also assuming both devices don’t have static IP addresses ?  Absolutely. As long as there is a SSH server which has a static IP address that  can be accessed from both sides, I can retrieve or send data from my computer to Raspberry Pi.

Raspberry Pi needs to establish a route using reverse tunnel or known as a remote forwarding. It routes a traffic to local machine which in this case is “my computer” or other destinations. Since my computer doesn’t have a static IP address, the traffic can be routed to SSH server which has a static IP address.

For all connections here, we use private and public keys so we will not be required to enter password everytime we connect to the server.

SSH Reverse Tunnel or Remote Forwarding.

On Raspberry pi we will enter the following:

ssh -v -i /home/pi/serverkey -R 5112:localhost:22 -p 22 myaccount@107.175.72.199

My user id on ssh server is myaccount. For connecting to the server , it has a port 22 for ssh and an IP address 107.175.72.199. Serverkey which is stored in directory /home/pi  is a private key which has to match a ssh server public key.

Here is the important part:

-R 5112:localhost:22

-R means remote forwarding. It will route port 22 on Raspberry pi to destination port 5112 which is located on ssh server.

-i identify file.

-v verbose.

SSH Tunnel or Local Forwarding.

On my computer which has own a ssh server , I can access destination port 5112 that will route the traffic to Raspberry Pi port 22 using following command:

ssh -v -i /home/mycomputer/serverkey -L 5112:localhost:22 -p 22 myaccount@107.175.72.199

I can also connect the Raspberry Pi using my phone with a SSH client installed.

After connection established and able to login to 107.175.72.199 server, the last step is to login to Raspberry SSH terminal:

ssh -i pikey -p 5112 pi@localhost

pikey is  an identity file for a private key that must match Raspberry pi public key.

 

Using 4G LTE hat on Raspberry Pi to bypass hotspot throttling.

 

 

 

 

 

When we signed unlimited data plans from wireless carriers such as T-Mobile, AT&T etc , it is by no means that we will  get unlimited bandwidth from those plans. We know we can use our cellphones for hotspot tethering but those carriers will slowdown the data speeds and will throttle the bandwidth significantly.

Some of  methods to avoid tethering detection is by changing  TTL (Time To Live) values ,or rooting the phone.

Here I will show another trick to avoid tethering data slowdown by using 4G LTE hat on Raspberry Pi 3B.


TOOLS:

1. Rapsberry Pi 3B.

2. 4G LTE hat from Sixfab.  Quectel EC25 module using ECM mode is used here.

3. SSH Client (Termium or other SSH program/apps).

4. Web browser client which has proxy settings , for this setup we will use  Firefox web browser.

STEPS:

1.Settings up Raspberry Pi 3B as an Access Point using bridge mode.

https://docs.sixfab.com/page/setting-up-a-raspberry-pi-as-an-lte-hotspot

After following the step above you will have several files which works together to  create a bridge  between wlan0 and usb0. I have modified mine that let users to access eth0 using ethernet cable. Most likely you will have different files compared to mine.

These files are installed on my Raspberry Pi running on Debian Buster.

/etc/network/interfaces
 
  1. cat /etc/network/interfaces
  2. # Bridge
  3. auto br0
  4. iface br0 inet dhcp
  5. bridge_ports usb0 eth0 wlan0
/etc/dhcpcd.conf
 
  1. cat /etc/dhcpcd.conf
  2. denyinterfaces wlan0 eth0 usb0
  3. interface eth0
  4. interface usb0
  5. interface wlan0
  6. interface br0

 

/etc/dnsmasq.conf
 
  1. cat /etc/dnsmasq.conf
  2. interface=wlan0
  3. bind-dynamic
  4. domain-needed
  5. bogus-priv
  6. dhcp-range=192.168.42.150,192.168.42.200,255.255.255.0, 24h
/etc/hostapd/hostapd.conf
 
  1. cat /etc/hostapd/hostapd.conf
  2. interface=wlan0
  3. bridge=br0
  4. driver=nl80211
  5. ssid=tapbridge
  6. hw_mode=g
  7. channel=6
  8. macaddr_acl=0
  9. auth_algs=1
  10. ignore_broadcast_ssid=0
  11. wpa=2
  12. wpa_passphrase=yourpass
  13. wpa_key_mgmt=WPA-PSK
  14. wpa_pairwise=TKIP
  15. rsn_pairwise=CCMP
  16. ieee80211n=1
  17. wmm_enabled=1
  18. ht_capab=[HT40][SHORT-GI-20][DSSS_CCK_40]

 

2.Internet connection settings.

https://docs.sixfab.com/page/internet-connection-with-quectel-ec25-by-using-ecm-mode

3.After doing all steps above, verify that the bridge networks appear on terminal screen  by typing “ifconfig”. It will looks like something like this:

ifconfig
 
  1. pi@pibridge:~ $ ifconfig
  2. br0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
  3. inet 192.168.225.55 netmask 255.255.255.0 broadcast 192.168.225.255
  4. inet6 fe80::36c0:f9ff:fe34:dac5 prefixlen 64 scopeid 0x20<link>
  5. ether 34:c0:f9:34:da:c5 txqueuelen 1000 (Ethernet)

Your bridge IP address probably look different.

4.Check your internet connection.

ping google.com
 
  1. pi@pibridge:~ $ ping google.com
  2. PING google.com (173.194.77.100) 56(84) bytes of data.
  3. 64 bytes from gc-in-f100.1e100.net (173.194.77.100): icmp_seq=1 ttl=98 time=62.9 ms

If yours is showing timeout or unable to reach  ,you need to check back step 2.

5.Install SSH client on your laptop/desktop or smartphones.  I use Termius as an SSH client on my laptop.

On my laptop I connect my wifi to “tapbridge”. That is ssid name on /etc/hostapd/hostapd.conf. You can create or change with different ssid name  and different password. If you are unable to connect to Rapsberry Pi , verify your first step (step 1), make sure you got the right configurations.

6.Create  a new host on Termius. My host address “192.168.225.55”, in case of yours, type “ipconfig” to see your bridge IP address.

Address: 192.168.225.55

General : “LTE wlan0 “, it is the name I created  to use together with Port Forwarding settings.

SSH on port 22.

credentials:

login: pi ( use yours , or it will be the same for default Raspberry Pi)

password: (your own raspberry Pi password) . Instead of password I use SSH-key so it will connect the Raspberry without entering password every time I need to login.

7.Create a new Forwarding on Termius.

Select the port forwarding type: Dynamic.

Dynamic port forwarding turn Termius into a SOCKS proxy server.

Label: cellular_sock ( create your own)

Local port number: 7777 ( you can choose any unused port number or uncommon port number), we will use this number for web proxy settings.

Bind address: 127.0.0.1

Intermediate host: LTE wlano ( it must match host name settings above).

8.Firefox web browser proxy settings.

Go to “settings” and “Network settings”. choose “Manual proxy configuration”.

SOCKS Host: localhost , Port:7777

choose :SOCKS v5. and press “OK” to save it.

9.Connect to 4G LTE with SOCK -5 configuration.

On Termius , go to “host’ and  click on “LTE wlan0”. this SSH will connect to Raspberry Pi. To get port forwarding running , go to “Port Forwarding” and click on “cellular_sock”. These chain connection will fire the SOCK proxy and you will able to browse Internet without tethering limitation.

Before without proxy  and After proxy data speed testings:

 

 

 

How to read and troubleshoot analog 4-20mA loop devices .

trubleshooting

Here is a part of simplifying of PLC wiring diagram at a water treatment plant (see picture above). There are three transmitters that connect to a PLC  analog current input module and with some reasons, they mysteriously failed to work at the same time at the same PLC module. Of course this event is rarely happened in real instrumentation field !. This example just to give idea what we are going to encounter in the field and how to solve these problems.

Most 4-20  signal generators or process meters sold in the market provide basic modes such as: source, simulate  and to generate at least 24 Vdc for powering the loop. We will use our tool: 4inONE-4to20mA signal generator and a trainer in these examples.

Case 1.

A Cl2 Analyzer device powered by 110 VAC (AIT). The range was between 0 -10 mg/L(ppm). It showed 4.9 mg/L on device display itself but it showed 0 reading on SCADA monitor.

-> Check the analog output of Cl2 Analyzer. If the current reading  shows approximately 12 mA, the problem should be somewhere else than the transmitter itself. Check the fuse and wire, make sure no blown fuse or broken loop. Open the loop, remove Isolator block (iso) and connect the probes  in “SOURCE” mode like showing on the picture A. ON android app, set the source to “12” mA.

420source Picture A.

If SCADA reading shows around 5 mg/L, the most likely failure come from Isolator block, otherwise we might have a faulty PLC analog current module.

Case 2.

A two-wires Flow Meter(FIT) which has range: 0-10 MGD indicated  8.75 MGD on its display but only showed 2.5 MGD on SCADA monitor.

->Let find both values in mA.

mA= (U/Ufs*16) +4 

mA=reading in mA, U=reading in MGD , Ufs=Full scale of MGD

mA1=(2.5/10*16)+4 = 8 mA , mA2 =(8.75/10*16)+4 = 18 mA

To verify PLC input module that connect to two-wire transmitter, we need to connect the probes on “SIMULATE” mode like showed on picture B. Set android app to “18” mA. Make sure there is no blown fuse or broken loop.  If  SCADA monitor shows much less than 8.75 MGD, The problem might come from a bad PLC input module or  PLC/SCADA scaling errors.

420simulatePicture B.

 

Case 3.

.A two-wires Level Transmitter (LIT) will shut down intermittently and will show erratic current readings.

-> Check Transmitter operation by connecting probes on “LOOP POWER” mode . (picture C). Monitor current reading on Android app.

420loop Picture C.

Replace Level Transmitter if the problem persists. If not continue to next step. Remove isolator and check existing 24 Vdc voltage. Using autographic and data logging on Android app, connect the probes like showed on picture D. Monitor current loop  trending  without isolator block installed.

420readingPicture D.

note:

AIT = Analytical Indicating Transmitter

FIT =Flow Indicating Transmitter

LIT =Level Indicating Transmitter

 

 

 

Read Allen Bradley tags using Python 2.7 and pass the values to node-red.

 

dew

Read and write  Allen Bradley tag values using  python which utilize Common Industrial Protocol (CIP) on Ethernet/IP. This method will work on Controllogix and Compactlogix PLCs. The script  will be executed in Node-red and the return value will be displayed on dashboard and can be read on wireless devices such as tablets or smartphones.

Requirements:

1.Raspberry pi 3 (Jessie).

2.Node-Red (It was already installed in latest Jessie but  we might still need to get update to work with dashboard node).

3.Dashboard node. Here is the link to get this node:

https://flows.nodered.org/node/node-red-dashboard

4.python 2.6 or newer.

5.Python CIP library.

Get the library and code example from the following link:

https://github.com/dmroeder/pylogix

Step 1 :

If you follow on my previous article, you can switch Raspberry 3 pi to AP mode. Assign eth0 to static IP address. For  example : wan address: 192.168.42.1

static eth0  IP address : 192.168.60.50

Connect PLC networks to Raspberry ethernet port. Make sure there is no conflict between Raspberry eth0 static address with gateway or PLC IP addresses. To access raspberry pi via tablets or smartphones you can use android app such as VNC viewer or ConnectBot. Alternatively you can also use VNC viewer or PuTTY on Windows version.

Step 2.

Use pylogix library to get a taglist and to read a tag value from PLC. Here is the example of  python script to read “VLV_O3_HEADER_ISO_ZSC” tag from Controllogix PLC with IP address: 192.168.60.104.

plcread.py
 
  1. from eip import PLC
  2. comm = PLC()
  3. comm.IPAddress ="192.168.60.104"
  4. def ex_read():
  5.   ret = comm.Read("VLV_O3_HEADER_ISO_ZSC")
  6.   print ret
  7. ex_read()

 

Step 3.

Start node-red. To get return value from python script, we need to put plcread.py on “EXEC” node.

Edit exec node:

node2

Step 4.

Build a flow.

node1

 

 

 

Another “Swiss Army Knife” for PLC Networks : Raspberry Pi 3

network

We can turn Raspberry pi 3 as  AP(Access point) and can be utilized with wireless devices to scan PLCs or field devices network.

Requirements:

1.Raspberry pi 3

2.Power Supply (for Raspberry)

3.Wireless device ( tablet, laptop, or cellphone)

4.Ethernet cable

Keep in the mind that the following procedure is for Raspberry Pi 3 (Jessie raspbian)  which I am quite sure it might work for some  older versions with slightly modifications. I got the script from several sources online and I did modification to work on  PLC network that use static IP addresses.

1.Install hostapd, udhcpd and iptables

Install the necessary tools
 
  1. sudo apt-get update
  2. sudo apt-get install hostapd udhcpd -y
  3. sudo apt-get install iptables -y

 

2. Create back up for these files, in case of installation failed.

backup
 
  1. sudo touch /etc/network/interfaces.bak
  2. sudo cp /etc/network/interfaces /etc/network/interfaces.bak
  3. sudo touch /etc/dhcpcd.bak
  4. sudo cp /etc/dhcpcd.conf /etc/dhcpcd.bak

 

3.Build the following  script (mywifi.sh).

Basically this script is to create several configuration (conf) files and will load them into default ones. DHCP (Dynamic Host Configuration Protocol)  configuration will give away the dynamic  IP addresses between 192.168.42.2 and 192.168.42.20 to your wireless devices and to access wlan0  meanwhile it will give a static IP address for raspberry pi: 192.168.42.1  . For older version , it is necessary to setup configuration on /etc/network/interfaces for interfacing with network (wlan0,eth0, etc )  but on newest Jessie installation, the network configuration is located on /etc/dhcpcd.conf . HostAPD configuration will create hotspot and APN ( Access Point Name). The next is NAT (Network Address Translation ) which works as a translator between external router that connect to eth0 and WIFI guests who access  wlan0.    :

WIFIhot
 
  1. #! /bin/bash
  2. #1. Configure DHCP----------------------------------------------
  3. x=tem.tem
  4. touch $x
  5. sudo rm -rf /etc/default/udhcpd
  6. #sudo mkdir /etc/default
  7. sudo touch /etc/default/udhcpd
  8. echo "start 192.168.42.2 " >>   $x
  9. echo "end 192.168.42.20" >> $x
  10. echo "interface wlan0" >> $x
  11. echo "remaining yes" >> $x
  12. echo "opt dns 8.8.8.8 4.2.2.2" >> $x
  13. echo "opt subnet 255.255.255.0" >> $x
  14. echo "opt router 192.168.42.1" >> $x
  15. echo "opt lease 864000" >> $x
  16. sudo mv  $x /etc/udhcpd.conf
  17. touch $x
  18. echo  "# Comment the following line to enable" >> $x
  19. echo "#DHCPD_ENABLED=\"no\"" >> $x
  20. echo "# Options to pass to busybo>> $x
  21. echo "DHCPD_OPTS=\"-S\"" >> $x
  22. sudo mv $x  /etc/default/udhcpd
  23.         #give the Pi a static IP address
  24. sudo ifconfig wlan0 192.168.42.1
  25. #2.------------------------------SETUP AP (Access Point) Interface -------------------------------
  26. touch  $x
  27. echo "source-directory /etc/network/interfaces.d" >> $x
  28. echo "auto lo" >> $x
  29. echo "iface lo inet loopback" >> $x
  30. echo "" >> $x
  31. echo "auto eth0" >> $x
  32. echo "iface eth0 inet dhcp" >> $x
  33. echo "" >> $x
  34. echo "iface wlan0 inet static" >> $x
  35. echo "    address 192.168.42.1" >> $x
  36. echo "    netmask 255.255.255.0" >> $x
  37. echo "    wireless-power off" >> $x
  38. echo "" >> $x
  39. echo "iface default inet dhcp" >> $x
  40. echo "up iptables-restore < /etc/iptables.ipv4.nat" >> $x
  41. sudo chmod --reference=/etc/network/interfaces $x
  42. sudo chown --reference=/etc/network/interfaces $x
  43. sudo mv $x  /etc/network/interfaces.ap
  44. sudo chmod --reference /etc/network/interfaces.bk /etc/network/interfaces.ap
  45. #3. Configure HostAPD------------------------------------------------
  46. touch $x
  47. echo "interface=wlan0" >> $x
  48. echo "driver=nl80211" >> $x
  49. echo "ssid=WifiPLC" >> $x
  50. echo "hw_mode=g" >> $x
  51. echo "channel=6" >> $x
  52. echo "macaddr_acl=0" >> $x
  53. echo "auth_algs=1" >> $x
  54. echo "ignore_broadcast_ssid=0" >> $x
  55. echo  "wpa=0" >> $x
  56. echo "wpa_passphrase=My_Passphrase" >> $x
  57. echo "wpa_key_mgmt=WPA-PSK" >> $x
  58. echo "wpa_pairwise=TKIP" >> $x
  59. echo "rsn_pairwise=CCMP" >> $x
  60. echo "ieee80211n=1"   >> $x
  61. echo "wmm_enabled=1" >> $x
  62. echo "ht_capab=[HT40][SHORT-GI-20][DSSS_CCK_40]" >> $x
  63. sudo mv  $x  /etc/hostapd/hostapd.conf
  64. #4. Configure NAT--------------------------------------------
  65. touch $x
  66. echo "DAEMON_CONF=\"/etc/hostapd/hostapd.conf\"" >> $x
  67. sudo mv $x /etc/default/hostapd
  68. touch $x
  69. sudo sh -c "echo 1 >> /proc/sys/net/ipv4/ip_forward"
  70. sudo echo "net.ipv4.ip_forward=1" >> /etc/sysctl.conf
  71. sudo iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
  72. sudo iptables -A FORWARD -i eth0 -o wlan0 -m state --state RELATED,ESTABLISHED -j ACCEPT
  73. sudo iptables -A FORWARD -i wlan0 -o eth0 -j ACCEPT
  74. sudo sh -c "iptables-save >> /etc/iptables.ipv4.nat"
  75. #------------------------------5. Fire it up! R----------------------------------------
  76. sudo service hostapd start
  77. sudo service udhcpd start
  78. #-----------------------------6.get the hotspot to start on boot----------------------
  79. sudo update-rc.d hostapd enable
  80. sudo update-rc.d udhcpd enable
  81. #------------------------Create wifiConnect.py------------------------------------
  82. sudo apt-get install dnsmasq -y
  83. sudo service dnsmasq start
  84. sudo update-rc.d dnsmasq enable
  85. sudo apt-get install udhcpc -y

 

4.Create AP.sh script

AP.sh
 
  1. sudo nano AP.sh
ap.sh script
 
  1. #! /bin/bash
  2. #sudo cp  /etc/init.d/hostapd.bak /etc/init.d/hostapd
  3. #sudo cp /etc/init.d/udhcpd.bak /etc/init.d/udhcpd
  4. sudo /etc/init.d/hostapd stop
  5. sudo /etc/init.d/udhcpd stop
  6. sudo ifdown wlan0
  7. sudo ifconfig wlan0 down
  8. sudo rm -rf /etc/network/interfaces
  9. sudo cp /etc/network/interfaces.ap /etc/network/interfaces
  10. sudo ifconfig wlan0 up
  11. sudo ifup wlan0
  12. sudo service hostapd start
  13. sudo service udhcpd start
  14. sudo service hostapd status

 

Run mywifi.sh and AP.sh

run wifi and AP
 
  1. sudo ./mywifi.sh
  2. sudo ./AP.sh

 

If there is no errors , you should able to see SSID name “WifiPLC” on your wireless devices under WIFI setting menu. Login and when ask the password, type “My_Passphrase”  that will save and connect it to your wireless devices. To test it, connect eth0 (ethernet port) on Raspberry Pi  to DHCP router that connect to Internet. The router will assign a dynamic IP address . Now you are able to connect to Internet. Type “www.google.com” on your phone browser to verify it.

This is last step if you need a static IP  and skip it if  you just need dynamic IP address . Eth0  still has a dynamic IP address and will not communicate with PLC static IP address network. Identify gateway address and check all existing PLC IP address and find a static IP address for Raspberry PI that will not cause conflicts with other numbers. In this example the gateway is 192.168.1.1 and the number has not been used by other PLCs is 192.168.1.50. To activate a static IP address, add the following to the very bottom of /etc/dhcpcd.conf file.

dhcpcd.conf
 
  1. # static IP setup
  2. interface eth0
  3. static ip_address=192.168.1.50/24
  4. static routers=192.168.1.1
  5. static domain_name_servers=192.168.1.1

 

Save it as  /etc/dhcpcd.conf.

Reboot your Raspberry Pi , connect Ethernet port to  a PLC  router. Now if you have PLC CPUs  or Ethernet  modules  which have  “192.168.1.xx ” , type those number on your browser. Let says “192.168.1.33”. Most new Field devices or PLCs  have HTTP protocol capability on port 80/8080, so you will  see something like this  :

diag

Using Raspbian shell terminal, we can find MAC number using “arp’ command,  install “nmap” utility to explore and troubleshoot  the network such as scanning particular IP address blocks, checking open/closed ports etc.

“Poorman” PLC I/O board

Process or manufacturing plants have PLCs which get signal inputs from mechanical buttons, switches, limit switches and send signal outputs to activate relays, solenoid valves etc.  In many cases, they use 24V DC power supply for PLC CPUs  and their I/O modules.  This voltage level is used for input modules and deliver 24VDC  from output module  to turn  solenoid valves, coils etc.

For non-critical use  and ignoring  the latency  , we can build  simple 5V to 24V DC I/O adapter that can be used with our Microcontrollers to drive 24V DC rating relays and  supplying  switches/buttons.

 

arduplc

Don’t get confused with the schematic above . Yes, it works !. The reason there are two “opto couplers”  above ( Actually only one opto coupler with two sockets which I will explain later)  is that we can use GPIO from our Microcontrollers,  AVRs, Arduino boards etc  like we intended. For example we can use Pin 1 as input OR as  output  from the same block diagram above. Let says we have 8 I/O pins, each pin will go to both red and green block  so we just need to focus on our code/program without worrying which one is for input or output.

HOW IT WORKS:

(See the picture) The main part here is 4N29 opto coupler that can “convert”  either 5V DC to 24V DC or from 24V DC to 5V DC. The red square on the picture is a 4N29 socket  for output ,and the green one is a socket for input.  We have two sockets but we only need one opto coupler IC . When output signal needed , move this  IC to the red socket, otherwise we just leave it on green socket. Never put  two ICs on both sockets at same time to avoid input/output conflicts. The inputs/output devices will be connected to  blue square terminal block. Put the relays, bulbs, solenoids, switches,  and buttons there .

Convert legacy control panel into LCD alarm and warning system with Arduino.

In the old days, We used to have electronic controllers or PLCs to send the warnings or alarms on the panel by turning combination of  light indicators  on or off. To understand these signals we have to refer their operation manuals to interpret these messages. For example if they have three indicators on the panel which has Light A(LA), Light B(LB) and Light C(LC),  it will be 2^3 =8 combinations of warning/alarms. To make it easy to understand , they provide us a troubleshooting table to tell operators or technicians to trace the problem. Continue reading Convert legacy control panel into LCD alarm and warning system with Arduino.