Using Ignition over a 3G network

BigUglyManiac · March 8, 2011, 5:07pm

I have searched, and cannot find the thread about using Ignition over a 3G network and getting the certificates just so. I have had success with the mobile app thing on my iPad over the wireless network, but want to take a walk on the wild side and make a version for the iPhone user using only the 3G network. I cannot believe that I am the lone ranger wanting it. Any help?

Colby.Clegg · March 8, 2011, 5:39pm

Well, you’ll have to give more information about your set up and why you think it isn’t working, because besides the fundamental network difference that the 3G phone is on the public internet and your wi-fi connection in on your intranet, the software does know the difference.

I just opened safari on my iPhone and went to our public demo at [tt]http://69.19.194.30[/tt] and it worked just fine over 3G. Try going there and see if you can connect. If so, it’s just an issue of getting your server to be exposed to the public.

Regards,

BigUglyManiac · March 8, 2011, 6:17pm

I am perhaps more interested in the security side. Is there anything in the software that needs to be made aware of the fact that the communications is using https rather than http? Assume that I have a valid verisign SSL certificate.

nathan · March 8, 2011, 6:45pm

A lot depends on your architecture and requirements, but I would first consider connecting to your network via VPN rather than hosting your application on the public Internet. The iPhone should support this.

BigUglyManiac · March 8, 2011, 6:49pm

Excellent idea. I will investigate this further. Thanks for the help!

Kyle_Chase · March 9, 2011, 7:12am

In my opinion, using ssl bypasses the need to use a vpn. Sure, its an extra layer of security, but it kills the user experience. As long as you have properly structured ACLs in place for the user, and use a valid SSL cert, you should be fine. I mean, we use Ignition across all of our refineries, and if everyone had to VPN into each facility all the time, I dont think it would be as nice to use. Open the SSL port to the public and boom, away you go. You can also extend securities based off of IP addressing as well.

nathan · March 9, 2011, 8:00am

That’s an option, too. If you want to host your application on the public Internet, I would recommend the following from a security perspective (what OP asked about):

Use your own SSL certificate issued by a reputable certificate authority
Put the Igntion gateway behind a firewall or just have your router forward the single SSL port to the Ignition server.

tailfire · August 3, 2012, 3:04am

[quote=“Colby.Clegg”]Well, you’ll have to give more information about your set up and why you think it isn’t working, because besides the fundamental network difference that the 3G phone is on the public internet and your wi-fi connection in on your intranet, the software does know the difference.

I just opened safari on my iPhone and went to our public demo at [tt]http://69.19.194.30[/tt] and it worked just fine over 3G. Try going there and see if you can connect. If so, it’s just an issue of getting your server to be exposed to the public.

Regards,[/quote]

Does the above mentioned url still work?

greg.simpson · August 3, 2012, 3:17pm

Here is the link to our demo page. The username and password should still be the defaults.

iademo.inductiveautomation.com/