Academic Company Events NI Developer Zone Support Solutions Products & Services Contact NI MyNI
4 ratings:
 4.25 out of 5     Rate this Document

Setup Guidelines for the Logos Protocol Across Firewalls.

Primary Software: LabVIEW Modules>>DSC Module
Primary Software Version: 6.0
Primary Software Fixed Version: N/A
Secondary Software: N/A

Problem:
The LabVIEW Datalogging and Supervisory Control (DSC) Module, Lookout, and Ethernet based FieldPoint controllers use a proprietary network protocol called Logos that is based on UDP. Most applications run within a dedicated network. However, in some cases a client application outside of the dedicated network and separated through a router with a firewall wants to monitor the system where the LabVIEW DSC Module's Tag Engine or the Lookout Server is running. Is such a network connection to a Logos server (published tag or datamember) through a router possible?

Solution:
It is possible to configure a NAT (Network Address Translation) router to allow outside clients to talk to an inside Logos server. Note: In the following the terms router and firewall are interchangeable, and are meant to refer to the NAT gateway/router. The following configurations provide such access:
  1. Set the server up as the DMZ host (De-Militarized Zone host). Most routers allow one IP address to be configured as a DMZ host so that all incoming traffic (that isn't already spoken for in the usual NAT way) goes to the DMZ host. Configuring a DMZ host simply requires telling the router the IP address of the server. The DMZ host will then be completely open to all incoming traffic from the internet. The outside clients would then use the external IP address of the router to talk to the server.


  2. Set up port forwarding on the router to forward all UDP port between 1024 and 65535 to the server. This is similar to pinholing (i.e. telling the router to forward one port to the server). Configuring port forwarding requires telling the router the IP address of the server, the port range (1024-65535) and the protocol (UDP). The outside clients would then use the external IP address of the router to talk to the server.


  3. Setup VPN or PPTP to allow the outside clients to tunnel behind the firewall. This will allow the outside clients to act as though they are inside the firewall and they can talk directly to the server. Some routers have built-in VPN/PPTP servers, but most don't. If your router doesn't have a VPN/PPTP server then you will have to setup another computer as your VPN/PPTP server and configure your router to allow external connections to the VPN/PPTP server. A client using VPN/PPTP would use the IP address of the server, not the IP address of the router.

National Instruments does not directly support how to set up your specific gateway/router with the options mentioned above (DMZ host, UDP ports, VPN/PPTP server). Please ask your network administrator or/and consult the manuals of the router and specific software packages.


Related Links:
Developer Zone Tutorial: Networking Lookout or the LabVIEW DSC Module Across Firewalls

Attachments:





Report Date: 07/28/2003
Last Updated: 08/01/2007
Document ID: 2ZR7E1HK

Your Feedback! poor Poor  |  Excellent excellent   Yes No
 Document Quality? 
 Answered Your Question? 
  1 2 3 4 5
Please Contact NI for all product and support inquiries.submit