Standalone Field Servers

Operational Mode: Autonomous WiFi Server 1 to 4 Users/Server.

This use-case is engineered for high-stakes field environments—ranging from remote construction sites to isolated agricultural zones—where traditional networking infrastructure is nonexistent. By utilizing the CAN-LAN SERVER as a localized, autonomous Access Point, the system bypasses the need for external routers, cellular backhaul, or complex provisioning. Once the DB9 interface is physically secured to the machine's CAN-bus network, the server initializes a dedicated, low-latency WiFi network. Users simply connect their local terminals via WiFi to the broadcasted SSID. The server then serves the web-based CAN-LAN SERVER INTERFACE directly from its onboard flash, ensuring that all diagnostic metrics, PGN decoders, and hardware control registers are accessible without external connectivity. This provides a complete, isolated, and secure diagnostic "bubble" wherever the machine is physically located.

Weather-Resilient Operation: The system is specifically designed to maintain robust connectivity in harsh field conditions. By providing a stable, high-range WiFi broadcast, the CAN-LAN SERVER allows an operator to remain in a protected environment—such as the cab of a truck or a nearby vehicle—during poor weather. This capability eliminates the requirement for the operator to be physically exposed to the elements while interfacing with the machine. As long as the operator is within normal WiFi range, they can access the full diagnostic suite from their own terminal, ensuring both operational safety and data integrity regardless of environmental variables.

AP Mode Image

Corporate Campus Servers

Operational Mode: Enterprise Integrated Servers 1 to 4 Users/Server.

For large-scale industrial campus environments, the CAN-LAN SERVER transitions into an integrated network component. Configured seamlessly via local .ini file parameters, the server performs a persistent handshake with the existing corporate WiFi infrastructure. By implementing mDNS (Multicast DNS) broadcasting, the server announces its presence dynamically across the local subnet, allowing administrators to discover and manage a distributed fleet of servers without manual IP tracking. This architecture supports multiple concurrent client connections, enabling a collaborative diagnostic workflow where team members can monitor separate test stands or manufacturing cells simultaneously. This creates a unified "networked factory" experience, transforming isolated hardware units into a cohesive, manageable fleet that can be surveyed from any authorized terminal on the campus.

Campus Image

Global Secure Remote Servers

Operational Mode: CAN-LAN SECURE VPN Tunneling 1 to 4 Users/Server.

The third use-case expands the operational range to a global scale, effectively eliminating the barrier of physical distance. By utilizing the embedded CAN-LAN SECURE VPN service, the system establishes an encrypted, persistent data tunnel between the remote server and the authorized administrator's workstation. This architecture creates a transparent bridge; once the VPN link is established, the user’s software interacts with the remote machine exactly as if the CAN-LAN SERVER were physically connected in the same room. This involves rigorous handling of high-speed CAN-FD frame traffic, ensuring that real-time latency is maintained despite geographical distance. This capability is critical for global support teams, allowing for instantaneous troubleshooting, firmware pushes, and high-frequency data logging on assets located anywhere on the planet without the overhead of physical travel.

VPN Image

VPN Security Key Management

The CAN-LAN SECURE VPN relies on cryptographic keys to ensure encrypted, tamper-proof tunnels. To maintain security, administrators have two primary methods for loading these credentials onto the CAN-LAN SERVER:

  • Method 1: SD Card Provisioning. At power-up, the CAN-LAN-SERVER controller scans for an authorized SD card containing the required security keys. This method is ideal for bulk deployment or initial cold-boot provisioning where a network connection is not yet established.
  • Method 2: SD Card Provisioning - Interface Upload. Once the server is operational and reachable, keys can be securely uploaded directly through the CAN-LAN-SERVER INTERFACE menu. .
VPN Keys Image

CAN-LAN Interface Controls Summary

The CAN-LAN-SERVER dashboard is organized into modular control blocks designed for precise system administration and forensic diagnostics:

  • Network & Server Selection: Controls server discovery via get active servers, toggles between Local/Corp WiFi or Remote WireGuard VPN, and manages admin/VPN tunnel states.
  • Admin: Bus Type & Speed: Configures physical layer parameters, including Base CAN 2.0b or CAN-FD bitrates and protocol selection (J1939-21, J1939-22, or Native).
  • Detail Record Manager: Provides forensic oversight through Toggle Detail Manager, record slice navigation (start/get prev/next), and complex error filtering capabilities.
  • Admin: Server Control: Operates physical transceiver states, allowing for Normal, Listen Only, Loopback, or Disable modes.
  • Bus Error & TX Manager: Monitors Bus Errors via live logs, handles TX manager task queues, and utilizes the Frame Generator to construct and inject custom PDU-1 or PDU-2 frames.
  • System Utilities: Manages visualization scaling (scale Up/Down), firmware updates (OTA), VPN key installation, and interactive Conversion Tools for hex/dec/ASCII data parsing.
Interface Control Diagram

Specifications

Physical & Electrical Foundation

  • Form Factor: Precision-milled 3" x 5" industrial-grade chassis.
  • Power Source: Directly powered by the host vehicle's electrical system.
  • Internal Power Supply: Automotive-grade 10V–40V DC input range, hardened against load-dump conditions.
  • Physical Connectivity: DB9 connectivity for OBD-II or direct CAN-bus integration.
  • Galvanic Isolation: Full isolation of the CAN-bus interface from primary logic.

Core Processing & Communication

  • Processors: (2) 320MHz GP cores, (1) 100MHz DSP Core.
  • Architectural Integrity: Bare-metal register control.
  • CAN: 2.0b CAN-FD J1939-21 J1939-22.
  • CAN Frame Rate: Max 1000 FPS.
  • Networking: Custom 802.11 b/g/n, mDNS discovery, and VPN-hardened security.

Data Storage & Forensic Analysis

  • Local Storage: High Endurance 32GB SD Card. Detail Capture, User defined Frame profiles.
  • Record Analysis: Forensic detail record search.
  • Error Analysis: Each record analyzed for selectable error states.
Specs Image

System Configuration SD Card

Configuration Sample (can-39-consumer.ini):

[SERVER:CAN-LAN-SERVER-8] (fixed ID)
TYPE = STATION_MODE
LOCATION = ROOM 123
ADDRESS = CAN-LAN-SERVER-8.local (fixed ID)
SSID = YOUR_ROUTER_ID
PASSWORD = YOUR_ROUTER_PASSWORD

Configuration Breakdown:

  • Server Tag: Unique identifier for the server node.
  • TYPE: Switches between STATION_MODE and ACCESS_POINT.
  • ADDRESS: mDNS/IP pathing for discovery.
  • Credentials: SSID and Password for network handshake.
Config Image