
Help choosing static NAT switch

brian411114
Level 1

Hi

Can anyone recommend a Cisco rack mount switch that has =>20 ports, and can do Static NAT? Our application involves at least 6 large identical machines with >60 devices (Robots, PLCs, Machine Vision, webcams, HMI, etc). We're using a web based platform called Ignition which allows a single gateway to monitor client HMIs (one per machine). We want every machine to be identical, including IP configurations and therefore want to use One to One NAT between the server and machine networks. I'll try to attach an example architecture if the site allows. 

Thanks for any help or questions. 


brian411114
Level 1

Hello,

 

Your choices for Cisco switches that do NAT are very limited. Only the high end switches like the Nexus have support for NAT. The Nexus 3548, which is a one rack unit device, will cost you about US$15,000.

Better get a small router like the 800 or 1100 series...

Thanks for your input Georg. I redrew the network diagram I had to try to help communicate our architecture. If I am understanding you correctly, you're saying that I don't actually need a L3 switch with NAT, but instead I could use a simpler switch and a gateway router. You mentioned the 1100 series routers.

 

Also, I believe that the Ignition Gateway (and redundant ignition gateway) receives an IP from the Plant network via DHCP. Additionally, the eWON remote access router would be receiving an IP from the plant GUEST network via DHCP as well. Hopefully this doesn't complicate matters too much.

Hello,

 

I cannot really tell from your drawing where your network edge is (the device facing the Internet). What is the Ignition Gateway in your setup?

I added some dashed lines and labels to show the external network (plant network). So, as it is currently drawn the device facing the internet would be the "Cisco L2 Switch". Additionally, the "eWON Remote Access Router" faces the internet, but it only faces a guest network.

Ignition is a web based server software that "Acts as the hub for everything on your plant floor for total integration". It contains an OPC-UA Server, is a tag provider for each machine's PLC tags, and allows clients to be opened on each machine's HMI. It also facilitates SQL database connections for each machine to use, as well as email and sms notifications during machine faults.

Hi Brian,

 

Thank you for sharing the network architecture.


Based on the network diagram, I believe you require a Catalyst or Nexus Core Switch which supports IP Routing and NAT (L3 Core Switch).
I agree with George that the Cisco Nexus 3548 Switch (1RU) is a great option since it is smaller; however, it's quite expensive and has no active Cisco support.
The next cheaper option would be a Cisco Catalyst 6503-E Switch (4RU) which includes all your requirements for IP Routing, NAT, and has 20+ ports. In addition, it has active Cisco support.
However, please note it is bigger with 4 RU and price can quickly add up depending on the additional modules you purchase.


Please refer to the link below for a more detailed pricing list:
https://www.cisco.com/c/dam/en_us/solutions/industries/government/mississippi3760/docs/Cisco-MS-EPL-3760-SWITCHES-Pricing-Guide-20170201.pdf

 

Kind Regards,

Jean-Pierre

Dennis Mink
VIP Alumni

Logical choice would be a 3850, but that does not support NAT, so you would still need to bolt on a router, purely for NAT purposes.

Please remember to rate useful posts, by clicking on the stars below.


Deepak Kumar
VIP Alumni

Hi,

There are few Nexus switches available with the NAT feature, and they are costly. You have many choices: choose a router for NAT, a Nexus switch, or go with an open-source router OS (same as a router or firewall).

But going with a router is a good and the best solution.

 

Regards,

Deepak Kumar