Opto 22 Logo

New video: Remote Access to groov Devices using Open VPN

OptoBlog

New video: Remote Access to groov Devices using Open VPN

Posted by Terry Orchard on Mar 19, 2025 9:39:56 AM

Learn how setting up VPN (virtual private network) configurations can help you securely connect to your remote devices.

In our latest video VPN configuration on groov devices using OpenVPN, you'll get a breakdown of the high-level configuration of VPNs and also a detailed walkthrough of the process.

But first, in this blog post, let's discuss the pain of secure remote connectivity and the gains that setting up a VPN can bring.

The first “why” to address is why you would even want to set up a VPN connection for your devices. The first and most common reason is to allow secure remote access.

Driving to the site is time-consuming and expensive, no question. Of course, you could open your devices to the internet, but that is NOT safe or advised. So, there has to be another way—a better way.

OpenVPNImage1

That’s where VPN comes into the picture.

Instead of exposing your systems to the “Wild Wild West” of the WWW online world, you securely connect them to a VPN server, making your device a VPN host client.

It's important to note here that the connection from any VPN client to the VPN server is outbound. No changes to firewalls are required. The clients only need a valid gateway configured to connect with the VPN server. Of course, the server can be in the cloud or on the premises of the company HQ.

An interesting observation I have noticed over the past seven years from teaching monthly classes here at Opto 22: Before COVID, trusting or using a VPN for remote device connections was very rare. Now remote work and remote servicing over VPNs are very common. Your IT department may well have a VPN server that is all set up and ready to go.

OpenVPNImage2

Once the remote host device is connected to the VPN server, the only way to reach your device is to first use another VPN client on your PC to also connect to the VPN server securely. Once both the Host and User clients are connected, they are on a virtual private network (or VPN) with their own VPN-provided IP addresses. Now, enter the remote host device's VPN IP address from your PC's browser and log in with the groov device credentials.

The connection between the Host client and the User client through the VPN server is encrypted using the Secure Sockets Layer/Transport Layer Security (SSL/TLS) protocol and AES-256 encryption algorithms. 

For the Host client, an OpenVPN configuration file is created and applied to the groov device for connecting, encrypting, and authenticating to the VPN server. For the User client on your PC, you'll authenticate to the VPN server with a configured username and password entered through your VPN client software. 

The OpenVPN host client configuration file (.opvn) and the User client account credentials are created and managed from the VPN server's administration interface.

After making this secure connection, you can bridge together devices that carry communication without exposing it. This secure connection allows you to get the data you want and put it exactly where you need it.

Online VPN services, referred to as "consumer VPNs," put their emphasis on the fact that they deliver private data transfer over the Internet, so I won’t reiterate that here. But for remote access VPNs, which is the topic here, I do think it’s worth focusing more on the fact that VPNs provide a virtual network. That is to say, the user has the same experience from the remote location as if they were on the same networkon-sitewith the groov device.

OpenVPNImage3

Having an entire virtual managed network means you're connecting physically separate devices and virtually managing them. Every function and feature that is in the groov Manage interface—you can do it virtually. Even beyond that, because the user is virtually on the same network as the groov device, tasks like a strategy download or Node-RED editor/dashboard change—even firmware updates—are easily done.

Most VPN servers have an administrator-type interface, making adding and deleting users very easy. It’s simply a case of leveraging the IT tools that have been in place for decades for the factory floor. Adding more cybersecurity to your operational technology (OT) workflow is never a bad idea.

If you want to set up this kind of connectivity for yourself, check out this video. And don't miss how you can get started with 3 free OpenVPN Cloud device connections!

 

For more info on cybersecurity, we have documentation that can help.
Download the tech note: groov Products Cybersecurity Design Best Practices

Additional resources: 

 

And as always, happy networking.

 

Topics: groov EPIC, cybersecurity, EPIC Security, OpenVPN

Written by Terry Orchard

Terry is a UC Irvine alumnus that works in technical marketing and focuses on development and content creation. When he's not at the computer he enjoys spending time with his family and pets, flying drones, and working on yo-yo tricks.

    Subscribe to Email Updates

    Recent Posts

    Posts by Topic

    see all

    © 2025 Opto22 Terms and Conditions | Privacy

    (800) 321 OPTO (6786) | 43044 Business Park Drive, Temecula CA 92590 USA