Connecting to BCS Remotely.

Describe your system and processes, and post your config file.
Post Reply
micky5752
Posts: 18
Joined: Sun Nov 01, 2015 11:24 am
Bot?: No

Connecting to BCS Remotely.

Post by micky5752 » Wed Apr 19, 2017 6:06 am

I'm sure this has been posted about before, but I'm having trouble hunting the specific answers I need to make this happen.

Just want to be able to reach out remotely and access my BCS/Controller to either check the temps from work, or start a brew prior to
leaving work.

I will post what my Router has given me in terms of the IP Address and what I think I'm doing right to get it close. Any help bridging the gap would be greatly appreciated!

From what I understand is that I need to lock down a Static IP address for the device and then forward the port i.e. 8080 for the BCS?

Here is what the router gives me in terms of IP, Subnet and so forth.
Screen Shot 2017-04-19 at 7.18.06 AM.png
Screen Shot 2017-04-19 at 7.18.06 AM.png (66.67 KiB) Viewed 1008 times

This is a shot of the BCS settings as they were when I turned off DHCP to access the ability to change the values.
Screen Shot 2017-04-19 at 9.04.19 AM.png
Screen Shot 2017-04-19 at 9.04.19 AM.png (100.4 KiB) Viewed 1008 times

What should I do from here? Should it look like this?
Screen Shot 2017-04-19 at 9.00.16 AM.png
Screen Shot 2017-04-19 at 9.00.16 AM.png (101.19 KiB) Viewed 1008 times

User avatar
JonW
Site Admin
Posts: 1615
Joined: Sun Jul 18, 2010 7:51 am
Bot?: No
Location: Huntington Beach, CA
Contact:

Re: Connecting to BCS Remotely.

Post by JonW » Wed Apr 19, 2017 11:49 am

DO NOT set your router IP in your BCS! Leave your BCS at 192.168.0.120 or whatever IP your router assigns you (using DHCP). Then set a reservation in your router so that it will always reassign that same address to the BCS.

Once that is done, you can setup a port forwarding rule in your router that forwards from the external IP to your internal IP. You can leave your BCS on port 80 so that local LAN use does not require using 8080, then you can add the 8080 port as part of your forward so it is only used when you are away from your home. Keeps things easier that way.

Your rule would look something like: 50.149.24.193:8080 forward to 192.168.0.120:80.

Leave the BCS on default DHCP and do all the necessary changes in your router.

micky5752
Posts: 18
Joined: Sun Nov 01, 2015 11:24 am
Bot?: No

Re: Connecting to BCS Remotely.

Post by micky5752 » Thu Apr 20, 2017 4:15 am

DUDEMAN! YOU RULE!!! Had this up and running in about 30 seconds... You're a true godsend to all us BCSers!!!

User avatar
JonW
Site Admin
Posts: 1615
Joined: Sun Jul 18, 2010 7:51 am
Bot?: No
Location: Huntington Beach, CA
Contact:

Re: Connecting to BCS Remotely.

Post by JonW » Thu Apr 20, 2017 9:16 am

LOL, glad you got it working. Just a note, it's not good to post your router IP address in public. I would restart your router and see if you can grab a new external IP address.

brahn
Posts: 539
Joined: Thu Dec 13, 2012 11:01 am
Bot?: No

Re: Connecting to BCS Remotely.

Post by brahn » Thu Apr 20, 2017 11:07 am

I just want to point out that opening port forwarding to any system on your network opens you up to security risks, that includes forwarding to the BCS as well as any other system. There are LOTS of people/systems out there that are constantly running port scans and trying to exploit any systems that they find. They will see your BCS and connect to it, whether your IP has been published or not.

We're not aware of any security issues with the BCS, however it does have limited memory and cpu and could be vulnerable to denial of service attack. Essentially that just means that the BCS might stop working properly while it is being attacked.

I would recommend not port forwarding to your BCS directly. My recommendation if you need to access it remotely would be to set up a VPN server on your network that will let you access your network and then access the BCS using it's local IP address. This is more complicated to get running, and not something we can really help you configure due to the wide variety of possible solutions, but it is a safer option and still provides remote access to the BCS.

If you do decide to port forward to your BCS, at the very least please make sure you turn on password authentication.

User avatar
JonW
Site Admin
Posts: 1615
Joined: Sun Jul 18, 2010 7:51 am
Bot?: No
Location: Huntington Beach, CA
Contact:

Re: Connecting to BCS Remotely.

Post by JonW » Thu Apr 20, 2017 11:39 am

Good recommendations from brahn. If you are going to do the forwarding, I would use a random high numbered port (e.g. 52222) or something oddball. Most port scans are only checking "well known ports", of which 8080 is one. Yes, this is a measure of "security by obscurity", but it will foil the majority of the port scanners out there as they don't generally do full scans. They're usually just looking for quick & easy targets.

angelo.pagano91
Posts: 2
Joined: Wed Aug 22, 2018 12:17 pm
Bot?: No

Re: Connecting to BCS Remotely.

Post by angelo.pagano91 » Wed Aug 22, 2018 12:20 pm

Hello,

Has anyone been able to have two systems work remotely? I got one of them two work outside using just Port 80, and the other one I chose a random port that isnt reserved. I made the changes on the router but it wasnt working. Just wanted to see if anyone had luck and if the BCS-462 can use two different Port Forwards as it has two different internal IP's. Thanks!

User avatar
JonW
Site Admin
Posts: 1615
Joined: Sun Jul 18, 2010 7:51 am
Bot?: No
Location: Huntington Beach, CA
Contact:

Re: Connecting to BCS Remotely.

Post by JonW » Wed Aug 22, 2018 10:20 pm

What changes did you make on the router? That is the key...

If you visit http://demo.embeddedcc.com/ you'll see a standard web page that is served up on port 80. There are then 3 different links for various BCS systems that are on ports 8081, 8082 and 8083. All three BCS units are served up from the same site (single IP address). Additionally, all 3 BCS units are still in the default configuration of using port 80 - NOT the specified port that you access them (externally) on. I highly suggest leaving the BCS units on port 80 and DHCP addressing and doing everything you need to do in the router.

What you need to do is start by assigning DHCP reservations to your two BCS units. This will keep them always coming back to the same IP even after firmware updates or a full reset. Setting a static IP in the BCS is very doable, but remember that if you do a factory reset or firmware update that the BCS will revert back to DHCP mode until you re-establish the static address. Using DHCP reservations in your router accomplishes the same thing as static addresses, but it works while in DHCP mode (across reboots, firmware updates and factory resets), so you never have to reset the address.

Secondly, you need to create forwarding rules that not only forward from the incoming external IP to the internal IP, but also from the external port to the internal port.

As an example, your two BCS units could be on internal addresses of 192.168.1.21 & 192.168.1.22.
Using the external IP of the demo BCS site as an example, you can port forward two external ports to the two different internal devices even if each device is using the same port (because the external port is different). I suggest doing it this way as when you access the devices on the internal network, you don't need to worry about the port number (just pull up their address in the browser).
71.243.214.101 port 8081 forwards to 192.168.1.21 port 80
71.243.214.101 port 8082 forwards to 192.168.1.22 port 80

angelo.pagano91
Posts: 2
Joined: Wed Aug 22, 2018 12:17 pm
Bot?: No

Re: Connecting to BCS Remotely.

Post by angelo.pagano91 » Fri Aug 24, 2018 11:48 am

Thanks John I will give this a shot.

Also if you look at the screenshot, that is an example of my client's router from the manual, not a real screenshot. Unlike Optimum where you can add Rules, this router's Port Forwarding only accepts 1 or a range of ports.

I know Port Triggering wont help as in that type of service needs to be triggered from the internal device on the inside network. Is it possible this router doesnt include Port Forwarding Rules?

If so should I change the internal port from 80 to something else? Thank you!

Router Model: TC8715D
Attachments
Port Forwarding.JPG
Port Forwarding.JPG (20.89 KiB) Viewed 246 times

Post Reply

Who is online

Users browsing this forum: No registered users and 1 guest