The present invention relates generally to apparatus, methods and software that allow users to communicate with remotely located isolated equipment or devices that are located behind a firewall or isolation device without the necessity to configure the firewall or isolation device to permit communication. More particularly, the present invention relates to apparatus, methods and software that employ a relay server to provide communication between an arbitrary number of isolated devices and an arbitrary number of remote protected users. The present invention implements cross-connected, server-based, IP-connected point-to-point connectivity between remotely located firewall-protected devices.
For years, electronic equipment has been designed with serial data ports so that users can connect to the equipment with a computer and configure or use the equipment. The most common serial data connection for years has been the RS232 port, in which there is a Transmit Data wire (Tx), a Receive Data wire (Rx), and a ground wire that provides a common reference voltage between the equipment and other attached devices. RS232 devices commonly allow transmission and reception of data simultaneously, and this process is called full duplex operation. A principal shortcoming of RS232 devices is the practical limitation on working cable length of approximately 100 feet. This means that, in a basic application, RS232 devices cannot be separated by more than about 100 feet. In order to increase the working distance between devices, other serial data communication methods were adopted, including RS422, which is a 4-wire design allowing full duplex transmission over thousands of feet, and RS485, which is a 2-wire, half duplex design capable of similar distances, but with the necessity to alternate between transmission and reception. Recently, serial ports have been replaced by Universal Serial Bus (USB) ports. However, USB ports can only operate over distances on the order of 10 feet or so, which is lower performance than the RS232 ports they are designed to replace. Thus, USB ports exhibit the same problems as the RS232 ports discussed above.
As computer networks became practical, Ethernet connectivity became the dominant method, utilizing Transmission Control Protocol/Internet Protocol (TCP/IP) packetized data exchange to move data across large distances, and across the internet. At this time, a device, sometimes referred to as a serial server, or device server, came into existence. It then became possible to configure a pair of serial servers with IP addresses, and to cause them to make and maintain a TCP/IP connection between one another, and transport data presented at one unit's serial port to the other unit's serial port through TCP/IP transfer of the serial data bytes. Thus, within a factory environment with an Ethernet network (typically a firewall-protected local area network), it became possible to establish serial port connections between devices in different parts of the factory, using the local area network as a replacement for the serial cable, but without the length limitation. This process of transporting the serial data bytes through the network is sometimes referred to as creating a “serial tunnel” or “tunneling.”
In the computer network design described above, one serial server had to be configured to establish and maintain the TCP/IP connection to the other, and the second had to be configured to accept and receive a connection from the first. Thus they were paired to enable a point-to-point tunnel. These devices were most commonly used to connect within a single local area network, where network administrators could define and enable necessary static IP addressing, required so that the pair of devices could “find” each other.
It is possible to have one serial server behind a company's firewall, and the other device outside the firewall, but enabling this process calls for opening a route through the firewall in order for the external device to connect to the internal device. This process of opening a route, or pinhole, through the firewall is generally undesirable, as it creates a security risk for the network and an additional maintenance task for the network administrator. Thus, in general, establishing a connection from a device outside a company's firewall to another device inside the firewall is difficult and typically avoided. It is this problem that the present invention solves.
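The difference in connection direction between the paired tunnel and a relay-based arrangement can be shown with a small model. The following is an added example, not part of the original text and not the invention's implementation: the firewall model, host names and port numbers are constructed assumptions. It also shows that the relayed path is governed by the firewall's outbound rules.

```python
from dataclasses import dataclass, field
from typing import Optional

@dataclass
class StatefulFirewall:
    """Constructed model of a perimeter firewall with connection tracking."""
    inside: set                                   # hosts on the protected LAN
    pinholes: set = field(default_factory=set)    # (host, port) opened for inbound
    egress_allow: Optional[set] = None            # None = any outbound destination
    flows: set = field(default_factory=set)       # (initiator, responder, port)

    def connect(self, src, dst, port):
        """Return True if a new TCP connection src -> dst:port is permitted."""
        src_in, dst_in = src in self.inside, dst in self.inside
        if src_in == dst_in:
            return True                           # never crosses the perimeter
        if dst_in and (dst, port) not in self.pinholes:
            return False                          # unsolicited inbound: dropped
        if src_in and self.egress_allow is not None and dst not in self.egress_allow:
            return False                          # outbound destination not approved
        self.flows.add((src, dst, port))          # replies on this flow now pass
        return True

    def can_send(self, sender, receiver, port):
        """Data passes the perimeter only on a flow that was already established."""
        if (sender in self.inside) == (receiver in self.inside):
            return True
        return bool({(sender, receiver, port), (receiver, sender, port)} & self.flows)

# Hypothetical host names used only for this illustration.
USER, DEVICE, RELAY = "user-pc", "device-serial-server", "relay-server"

def direct_tunnel(fw, port=4001):
    """Paired serial servers: the outside unit dials the inside unit directly."""
    return fw.connect(USER, DEVICE, port)

def relayed_tunnel(fw, port=443):
    """Both ends dial out to the relay, which cross-connects the two streams."""
    device_leg = fw.connect(DEVICE, RELAY, port)
    user_leg = fw.connect(USER, RELAY, port)
    # Bytes from the user reach the device over the flow the device itself opened.
    return device_leg and user_leg and fw.can_send(RELAY, DEVICE, port)
```

With no pinhole configured, `direct_tunnel` is refused while `relayed_tunnel` succeeds; setting `egress_allow` to a set that omits the relay causes the relayed path to be refused as well.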
It would be desirable to have the ability to connect to and remotely communicate with and control devices that are located behind a firewall, including engine controllers, copiers, printers, wind speed indicators, and pumps having engines and engine controllers, and the like, without requiring a route to be opened in a firewall to enable communication. It would be desirable to have apparatus, methods and software that allow an arbitrary number of users to communicate with devices that are located behind a firewall without the necessity to configure the firewall to permit communication. It would be desirable to have apparatus, methods and software that implement cross-connected, server-based, IP-connected point-to-point connectivity between remotely located firewall-protected devices.