05-09-2021 12:25 PM - edited 05-09-2021 12:34 PM
I have a setup where multiple identical industrial machines have a PLC with two network cards and routing between the internal 192.168.1.0 network and the plant network 172.16.0.0.
Every machine has a unique IP in the plant network but internally the components have every time the same IPs in the 192.168.1.0 network. For example a touchpanel with x.x.x.90.
I configured the default gateway of each machine to the router of the plant network 172.16.0.1. Other than that, there are no configuration changes possible.
I would like to access each panel of the machines using individual IPs on the plant network from other subnets of the plant network. I looked at static source NAT, but I am missing a possibility to have routes to the different machines from the router of the plant network, as the subnets and IPs are identical.
I can only reach 1 machine when I add a static route in the router to its PLC, and using source NAT.
Can I do something thats using different routes depending on which inside global IP I'm using?
I believe it is not possible, as I cannot match any thing else than the IP 192.168.0.90, but not the unique PLC IP which sends the packets to the router. Any ideas?
05-09-2021 12:36 PM
Do you have a small network diagram of how these connected?
which is the device doing routing and NAT?
you can map 1 to 1 static NAT each device if you like
example 192.168.0.90 to 172.16.0.90
192.168.0.91 to 172.16.0.91 so on again it all depends on what kind of setup and router you have here .
05-09-2021 01:32 PM - edited 05-09-2021 01:33 PM
The router I need to configure is a cisco 800 series with IOS, which is the plant network router. I'm using one interface to reach all machines using a switch, and another interface to the PC clients (inside/outside)
The tricky point is that in every machine network there is the 192.168.0.90 IP for the panel, which I cannot change. The static NAT is what I tried but I'd need different routes to reach each machine via its plant network IP, but the machines have all the same private IP network 192.168.0.0/24.
05-09-2021 04:25 PM
every machine network there is the 192.168.0.90 IP for the panel,
Ah, this is not going to work. - until you want to put more effort VRF here.
05-09-2021 01:59 PM
Hello
No it won’t be possible so you will need to keep obtaining access to those hosts via their routable subnet 172.16.0.0 or re- address the secondary nics.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide