Results 1 to 7 of 7
  1. #1

    Question Help (please!)? Hosting issue that has me stumped.

    I've been webmastering a small business's website for years now, and they've approached me with a need that has me scratching my head.

    Here's the deal. The company manufactures mechanical equipment with remote controlling and datalogging capabilities. They would like to equip their systems with a "web" modem which acts as both a window to the unit and a mini-server. The server holds an .html page which transmits info about the system. This is all fantastic -- the hitch is that the only way to connect to this modem/mini-server is via a commercial VPN connection. Essentially, the company pays the VPN host a fee for all data transferred over the VPN, and the VPN host provides a range of IP addresses that the company can use in their systems.

    MY problem is that the company would like me to configure their web page so that their customers can log in, click on the link to their site, and pull up the web page being hosted on their modem/mini-server through their internet browser. I have a sinking feeling that the only way I'm going to accomplish such a feat is to get them a dedicated server or vps -- otherwise, how could I possibly install the software which allows entry to the VPN? And, I'm pretty sure that if I did go that route, I'd have to leave the VPN connection enabled on the web host all the time -- that way, when someone clicks on the link, they access the IP address on the VPN. (since they pay by the byte, not by the hour, this would be okay, I suppose.)

    My head hurts. Any advise/second opinions would be HUGELY appreciated.

  2. #2
    Join Date
    Apr 2007
    Quote Originally Posted by diehlka View Post
    The company manufactures mechanical equipment with remote controlling and datalogging capabilities. They would like to equip their systems with a "web" modem which acts as both a window to the unit and a mini-server. The server holds an .html page which transmits info about the system.

    Are you saying that each of their "boxes" have a ethernet port they would like to open up to the VPN?

    I lost you at " with a "web" modem..." and "...a mini-server...".

    Maybe you could clarify this "setup" the company wants you to code for them?
    Hosted by: Hudson Valley Host (6 months+)
    Past Hosts
    : LevelHosting (2 years), Speedy Sparrow (2 years), 5ribu (3 months), Cirtex Hosting (5 years), Powweb (2 years), GoDaddy (2 years), SynergyBox (2 months, defunct), Freezoka (6 months), Peachy Dandy (1 year, defunct)

  3. #3
    I'd be happy to clarify.

    The systems manufactured by this company each contain a PLC (programmable logic controller) and a "WebPort" modem. The modem is really more like a tiny web-server that hosts a single web page. (The web page grabs "tags" from the PLC which transmits and receives data about the system.) Essentially, these are large, industrial machines that need to be monitored remotely. The PLC tells the modem if a sensor is too hot, or a tank is almost full, and it allows customers to flip switches or open solenoids remotely. The modem opens communication to and from the PLC via a cellular connection to a VPN. (The connection is usually cellular because these machines are often in very remote locations.)

    Each "box" (webport modem) essentially acts as a PC located on the domain of one large VPN, identified by an IP which is unique and static on the VPN. The VPN is hosted by a company that charges by the byte to transmit data securely. Just like any VPN, you need an internet connection to log in -- but, once logged in, you have the ability to connect to IP addresses in the VPN domain.

    If the web host is connected to the VPN, I can use the web page to link to sites/IP addresses on the VPN. (We have security measures in place to ensure that not just anyone can wander on and access the VPN -- a login is required.) If I can't connect the web server to the VPN, every end user would need to install the VPN client in order to view the data from the "boxes." (Apparently, this is unacceptable -- the company feels their customers don't want to do anything except hop onto the web, and thinks that if this works, it will be a huge selling point.)

    I think the only way I can accomplish this is to rent a VPS with root access so I can install the VPN client on the server. (The VPN company supplies an executable file which opens the connection to the VPN, and there is apparently no other way to open a connection.) If the web server is connected to the VPN 24-7, anyone clicking on links to IP addresses on the VPN will have access to VPN IPs at any time.

    By the way, the idea of a designated server for this company is a tad ridiculous. They have a virtual trickle of traffic -- the "boxes" require almost no bandwidth, and the company's customer base is very, very, VERY small. I can't imagine a situation where more than five of these machines would be accessed at the same time. Leasing a VPS for this seems a bit like swatting a fly with a Buick, if you asked me, but I can't think of any other way to hook the server into the VPN, except by installing the client -- which requires root access.

    I hope this clears things up a bit. Thanks again!

  4. #4
    Join Date
    Feb 2005
    If the VPN client requires root then you need a VPS. I don't see how that's a problem - the smallest (unmanaged) VPSs cost around $10 these days, and if the traffic is as low as you say then one of those (128MB guaranteed memory) should be enough to run your VPN client and a simple application.

    "Some problems are so complex that you have to be highly intelligent and well informed just to be undecided about them." - Laurence J. Peter

  5. #5
    Thanks. I guess I was just hoping to avoid the hassle of setting up an unmanaged VPS and moving to a new server. (Right now, the company hosts through dreamhost, which used to be more than adequate for their needs. But, since dreamhost doesn't have a vps with root access, I'm going to have to transfer, which is a pain in the hiney.) I just don't see any other way of doing this. I was mostly looking for confirmation that there are no other alternatives -- which it sounds like there aren't.

    Thanks again.

  6. #6
    Your first point of contact ought to be the vpn vendor. Or, at least their website where you might find their documentation.

    The question to be asked is: "how do i access your vpn from an external ip?"

    They just might be able to let you access via ssl against from a fixed ip because they can build a rule that way.
    managed dns global failover and load balance (gslb)
    uptime report for

  7. #7
    Join Date
    Jun 2006
    You'll still require VPN between the hosted web server and your backend "web modem" systems. It would be nice if someone compiled openvpn within php to establish vpn tunnels on the fly - but I think it would require a complex connection pooling mechanism.

    Once you have the secure connection established, there are a couple different ways you could communicate with the devices(if it does indeed have a mini http server and provides html pages it'll be easy).

    On your externally hosted server, you could use a https proxy server(apache 2.2, or squid will work). So proxy method looks like this:

    web browser----HTTPS--->apache2.2--(vpn tunnel----HTTP---)--HTTP-->"web modem"
    You could use .htaccess http authentication for security.

    If you are looking at creating a new interface, for example polling temp information from a whole bunch of "web modem" devices and displaying all within one page to the end user, you'll have to use something like curl or DOM in php to gather the information so you can reformat data however you want. This will also give you the additional advantage to do some level of automatic threshold alerting(if temp exceeds 60C send email).

    Once your server and VPN are successfully established, then google things like, "html php scraper" or "url scraper" if you decide to go the custom interface route.

    html scraping & redisplay method:

    web browser----HTTPS--->apache/php--(vpn tunnel----HTTPvia php/curl calls---)--HTTP-->"web modem"

    You could also use .htaccess/http authentication, or build an auth mechanism within php for different roles and permissions.

    Let me know if you require further assistance, I've written many web apps interfacing with data acquisition devices. This should be a fun project and great learning experience for you.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts