TLS Proxy Server tab

TLS Proxy Server

Enable/disable the TLS Proxy Server. When doing TLS proxy communications, the device TLS server maintains a secure TLS connection with a remote TLS client and forwards information onto a data logger using a standard TCP connection. TCP ports and physical connections are configured below.

NOTE:

If the TLS Proxy Server is enabled and a data logger is connected to the CS I/O port, the data logger will load its TCP stack in case it is required to do TCP communications. Running the TCP stack causes the data logger to use more memory, leaving less for final storage, etc. So, if TCP/TLS server capability is not required, the TLS Proxy Server should be left disabled.

TLS Proxy Service Port

When doing TLS Proxy communications, the NL200/201 TLS server maintains a secure connection with a remote client. If the TLS Proxy Forward Physical Port is set to CS I/O Port, the NL200/201 will open a TCP connection with the data logger over the CS I/O port and do unencrypted data transfer with the data logger. If the TLS Proxy Forward Physical Port is set to Ethernet, the NL200/201 will open the TCP connection over Ethernet on the TLS Proxy Forward IP Address.

In order to communicate with the NL200/201 TLS server, the client application must open a socket to that server. The socket of the NL200/201 TLS server is uniquely identified by the IP address and a port number. This entry is where the port number of the NL200/201 TLS server is set.

The TLS client needs to be set to communicate on this port number. If secure communications come in on the TLS Proxy Service Port, the NL200/201 will attempt to open a TCP connection to the data logger on the TLS Proxy Forward Port. Also, regardless of this setting, the NL200/201 Secure Proxy Server will always listen on the secure HTTP (HTTPS) port number 443. If a secure connection is established on this port, the NL200/201 will attempt to communicate to the data logger on the HTTP port 80 (range 1 to 65535).

TLS Proxy Forward Physical Port

When doing TLS Proxy communications, the NL200/201 TLS server maintains a secure connection with a remote client. If the TLS Proxy Forward Physical Port is specified to be the CS I/O Port, the NL200/201 will open a TCP connection with the data logger over the CS I/O port and do unencrypted data transfer with the data logger. If the TLS Proxy Forward Physical Port is specified to be Ethernet, the NL200/201 will open the TCP connection over Ethernet on the TLS Proxy Forward IP Address.

TLS Proxy Forward IP Address

Secure communications received on the NL200/201 TLS server will be forwarded on a non-secure TCP connection to this IP address. If the TLS Proxy Forward Physical Port is specified to be the CS I/O Port, this setting does not need to be set by the user since the NL200/201 will obtain the IP address of the data logger automatically. The data logger must be configured with a static IP address that is unique and that exists on the same subnet as the NL200/201 IP address. If the TLS Proxy Forward Physical Port is specified to be Ethernet, the forward IP address must be specified. Enter the IP address of the destination data logger here.

TLS Proxy Forward Port

When doing TLS Proxy communications, the NL200/201 TLS server maintains a secure connection with a remote client. If the TLS Proxy Forward Physical Port is specified to be the CS I/O Port, the NL200/201 will open a TCP connection with the data logger over the CS I/O port and do unencrypted data transfer with the data logger. If the TLS Proxy Forward Physical Port is specified to be Ethernet, the NL200/201 will open the TCP connection over Ethernet on the TLS Proxy Forward IP Address.

In order to communicate with the connected data logger TCP server, the NL200/201 TCP client application must open a socket to that server. The socket of the data logger TCP server is uniquely identified by an IP address and a port number. This entry is where the port number of the NL200/201 TCP client is set. The data logger TCP service port must be set to communicate on this port number.

If secure communications come in on the TLS Proxy Service Port, the NL200/201 will attempt to open a TCP connection to the data logger on the TLS Proxy Forward Port. Also, regardless of this setting, the NL200/201 TLS Proxy Server will always listen on the secure HTTP (HTTPS) port number 443. If a secure connection is established on this port, the NL200/201 will attempt to communicate to the data logger on the HTTP port 80.

Leave this setting at its default unless the data logger is expecting communications on a different port (range 1 to 65535).

TLS Proxy Timeout

This setting, in units of seconds, will determine how fast the proxy server/client sessions will time out if no activity is detected. Set to 0 for no time-out (not recommended) (range 0 to 999).