TLS Proxy Server tab

TLS Proxy Server

Enable/disable the TLS Proxy Server. When doing TLS proxy communications, the device TLS server maintains a secure TLS connection with a remote TLS client and forwards information onto a data logger using a standard TCP connection. TCP ports and physical connections are configured below.

NOTE:

If the TLS Proxy Server is enabled and a data logger is connected to the CS I/O port, the data logger will load its TCP stack in case it is required to do TCP communications. Running the TCP stack causes the data logger to use more memory, leaving less for final storage, etc. So, if TCP/TLS server capability is not required, the TLS Proxy Server should be left disabled.

TLS Proxy Service Port

When doing TLS Proxy communications, the NL241 TLS server maintains a secure connection with a remote client. If the TLS Proxy Forward Physical Port is set to CS I/O Port, the NL241 will open a TCP connection with the data logger over the CS I/O port and do unencrypted data transfer with the data logger. If the TLS Proxy Forward Physical Port is set to Wi-Fi, the NL241 will open the TCP connection over Wi-Fi on the TLS Proxy Forward IP Address.

In order to communicate with the NL241 TLS server, the client application must open a socket to that server. The socket of the NL241 TLS server is uniquely identified by the IP address and a port number. This entry is where the port number of the NL241 TLS server is set.

The TLS client needs to be set to communicate on this port number. If secure communications come in on the TLS Proxy Service Port, the NL241 will attempt to open a TCP connection to the data logger on the TLS Proxy Forward Port. Also, regardless of this setting, the NL241 Secure Proxy Server will always listen on the secure HTTP (HTTPS) port number 443. If a secure connection is established on this port, the NL241 will attempt to communicate to the data logger on the HTTP port 80 (range 1 to 65535).

TLS Proxy Forward Physical Port

When doing TLS Proxy communications, the NL241 TLS server maintains a secure connection with a remote client. If the TLS Proxy Forward Physical Port is specified to be the CS I/O Port, the NL241 will open a TCP connection with the data logger over the CS I/O port and do unencrypted data transfer with the data logger. If the TLS Proxy Forward Physical Port is specified to be Wi-Fi, the NL241 will open the TCP connection over Wi-Fi on the TLS Proxy Forward IP Address.

TLS Proxy Forward IP Address

Secure communications received on the NL241 TLS server will be forwarded on a non-secure TCP connection to this IP address. If the TLS Proxy Forward Physical Port is specified to be the CS I/O Port, this setting does not need to be set by the user since the NL241 will obtain the IP address of the data logger automatically. The data logger must be configured with a static IP address that is unique and that exists on the same subnet as the NL241 IP address. If the TLS Proxy Forward Physical Port is specified to be Wi-Fi, the forward IP address must be specified. Enter the IP address of the destination data logger here.

TLS Proxy Forward Port

When doing TLS Proxy communications, the NL241 TLS server maintains a secure connection with a remote client. If the TLS Proxy Forward Physical Port is specified to be the CS I/O Port, the NL241 will open a TCP connection with the data logger over the CS I/O port and do unencrypted data transfer with the data logger. If the TLS Proxy Forward Physical Port is specified to be Wi-Fi, the NL241 will open the TCP connection over Wi-Fi on the TLS Proxy Forward IP Address.

In order to communicate with the connected data logger TCP server, the NL241 TCP client application must open a socket to that server. The socket of the data logger TCP server is uniquely identified by an IP address and a port number. This entry is where the port number of the NL241 TCP client is set. The data logger TCP service port must be set to communicate on this port number.

If secure communications come in on the TLS Proxy Service Port, the NL241 will attempt to open a TCP connection to the data logger on the TLS Proxy Forward Port. Also, regardless of this setting, the NL241 TLS Proxy Server will always listen on the secure HTTP (HTTPS) port number 443. If a secure connection is established on this port, the NL241 will attempt to communicate to the data logger on the HTTP port 80.

Leave this setting at its default unless the data logger is expecting communications on a different port (range 1 to 65535).

TLS Proxy Timeout

This setting, in units of seconds, will determine how fast the proxy server/client sessions will time out if no activity is detected. Set to 0 for no time-out (not recommended) (range 0 to 999).