Campbell NL240, Инструкция по эксплуатации

Страница: 35 / 74

NL240 Wireless Network Link Interface
8.2.5 Modbus TCP/IP to RTU Gateway
The NL240 can serve as a Modbus TCP/IP to RTU Gateway. It will listen for
incoming Modbus TCP/IP connections from a Modbus TCP/IP master client.
The port number of the listening connection is specified in the RS-232 Service
Port Number
setting and is typically set to a value of 502. The NL240 will
convert incoming Modbus TCP/IP frames to Modbus RTU and forward them
to the RS-232 port. The NL240 will wait for a response from the Modbus RTU
device and forward that response back to the remote Modbus TCP/IP master
client over the established TCP connection. The Modbus RTU device is
generally a datalogger, such as a CR200(X), connected to the RS-232 port or a
datalogger located remotely over a transparent radio (for example, RF450)
connection, but can be any Modbus RTU device. When the NL240 is
connected directly to a CR800 series, CR1000, or CR3000 being polled by a
Modbus TCP/IP master client, the NL240 is most commonly configured with
Bridge Mode enabled instead of as a Modbus TCP/IP to RTU Gateway.
8.2.6 TLS
The NL240 supports transport layer security (TLS) for proxy functions
including HTTPS. TLS versions 1.0 and 1.1. are supported. The TLS
implementation supports symmetric algorithms AES-256, AES-128, and RC4
and RSA keys up to 4096 bits. For any TLS connection, the unit will
preferentially use AES-256, then AES-128, and finally RC4. X.509 certificates
are supported, with the exception of v3 extensions. Certificates should be PEM
format. Up to 10 certificates can be chained. 10 kB of space is provided for
certificate storage. The Private Key should also be in PEM format and, if
encrypted, use AES-256 or AES-128 (SHA).
The implementation of TLS in the NL240 is provided so that secure, encrypted
communications can be established between a TLS client and the NL240.
With the TLS Proxy Server enabled, the NL240 can act as a TLS proxy server
for a datalogger. The NL240’s TLS Proxy Server maintains a secure TLS
connection with a remote TLS client and forwards data onto a datalogger using
a standard TCP connection thus enabling communication with TLS clients.
The TLS client can be a web browser using HTTPS or other user-supplied TLS
client. This offloads from the datalogger the intensive computations that are
necessary for a TLS server to perform.
Also, with the NL240 configured for TLS, it can establish a secure TLS
configuration session with DevConfig .
In order to use TLS, the user must configure the NL240 with a user-supplied
TLS Private Key and TLS Certificate. The key and certificate are loaded using
DevConfig .
Using DevConfig , navigate to the Settings Editor tab and then to the TLS tab.
•
Load the user-supplied, PEM-formatted TLS Private key using the Set
TLS Key … button. A file dialog will open. Navigate to the key file
and click
Open
.
•
Load the user-supplied, PEM-formatted TLS Certificate using the Set
TLS Certificate … button. A file dialog will open. Navigate to the
certificate file and click Open .
25