Remote Services: Engineering and Custom Connections¶

The engineering connections of Remote Services (RS) enable apps residing inside a Service Network or its secondary network to connect to apps and data residing on devices in a remote Device Network, whilst using customizable IP-based protocols. This enables remote use of engineering or maintenance tools such as Siemens TIA Portal or for routing Audio/Video streams such as access to remote cameras.

The following Service-to-Device protocol setups are being supported:

• Dynamic Transparent Tunnel (DTT) for routing of TCP/UDP using custom port settings
• Proxy Unaware (PU) routes connetions not designed for routing and is only available on certain Windows® versions
• Web Application enables for connecting to HTTP or HTTPS servers

Example - Administrator Creates Protocol Application for a Video Stream¶

If we want to use a video stream such as RTP in order to access a camera, then a tenant administrator has to create the associated Protocol Application upfront, so that it becomes available within the Protocol Application catalog of RS. In Remote Services UI V.2 this is done by first selecting the "blue box icon" on the top left, which will open the Protocol Application menu. Click "Create New Protocol Application".

Now you see the Protocol Hub listing all available protocol templates. The ones associated with the Engineering Connection are tagged accordingly. Select "Dynamic Transparent Tunnel".

In this step we assign the DTT application with the name DTT for Video Stream and set the port settings for video streaming. Press "Save" when done.

The newly created Protocol Application DTT for Video Stream now shows in the catalog. It may be assigned to Devices in subsequent steps.

Example - Site Owner Assigns Video Stream Protocol to Device¶

The owner of a site wants to access a camera device and thus leverages the previously predefined Protocol Application for doing video streaming from a Device located in primary Device Network. The intended setup is as follows:

Press the blue device icon in the top left corner of RS V.2, which opens the Device menu. We select Device PC p01 from the device tree on the left and then press the blue button "Assign Protocol Application".

The catalog lists all available Protocol Applications. Select the needed DTT for Video Stream and press the blue arrow icon next to it.

Now the needed DTT for Video Stream is listed as an assigned Protocol Application on the right-hand side. Press "Save".

The assigned DTT for Video Stream is now ready for use - a click on the blue chain icon next to it would initiate a connection.

Example - Site Owner Assigns Web Application Protocol to PLC Device¶

The owner of a site wants to access a web server located on a PLC Device. Some PLCs offer such web servers for configuration or status supervision purposes. So a predefined Protocol Application enabling encrypted routing of HTTPS will be assigned to an already onboarded PLC device named PLC p01. We use RS V2 and the Device menu available via the blue icon in the top left corner. Select PLC p01 from the organizational tree and click "Assign Protocol Application".

We assume, that an administrator already used the RS Protocol Hub to create a Protocol Application named WebApp for PLC by using the Web Appliation template. Click the blue arrow icon next to WebApp for PLC to assign it to PLC p01.

The WebApp for PLC is now listed as a Protocol Application assigned to PLC p01. Click "Save".

The WebApp for PLC can now be used for PLC p01 by creating a tunnel via the blue chain icon. Once the connection will have been established, you may start a browser on your PC residing in a Service Network, which will then be able to connect to the web server of the PLC residing in a remote Device Network.

Example - Administrator Creates Proxy Unaware Protocol Application for Remote Engineering with TIA Portal¶

Some users want to do remote engineering with Siemens TIA portal, so that the TIA portal is not located within the local Device Network, but within a Service Network such as the network of an OEM acting as a contracted Service Provider. That enables an OEM's technicians to perform maintenance or commissioning tasks from remote. In such setup the RS tunnel terminates on a Device in a primary Device Network and then connects to a PLC located in a secondary Device Network.

The tenant administrator role selects the blue box icon from the top left of the screen and then selects "Create New Protocol Application".

This leads to the protocol hub, which offers protocol templates. We now select Proxy Unaware.

In the next screen we assign the name Proxy for TIA to our new Protocol Application. To complete the setup, we press "Add Configuration" in the port mapping section at the bottom of the screen.

We now assign port 102, since this is the standard for running the required RFC-1006 protocol (also known as ISO protocol) on top of TCP. Then we press "Save".

Now the newly created Proxy for TIA shows up in the catalog of Protocol Applications and is ready for being assigned to a Device.

Finally, the administrator assigns the new protocol to a device by selecting PC m01 from the device tree and then pressing "Assign Protocol Application".

The Protocol Application Proxy for TIA must be assigned and then be confirmed by pressing "Save", so that users may later initiate this type of connection to PC m01.

Example - User Establishes Remote Connection for TIA Portal¶

A user wants to perform remote engineering with Siemens TIA Portal. The user's PC must host the TIA portal and the TIA cloud connector. Furthermore, the user must have downloaded and launched a Service Endpoint as outlined in section Basic Connections.

As an initial step, the user opens the RS organizational device tree via the hexagonal icon in the top left and then navigating to Device PC m01. From here the connection can be established via the blue chain icon next to the assigned Protocol Application named Proxy for TIA.

When the status of Proxy for TIA will have turned to green, the connection is ready for use, and the TIA portal may be launched.