PLC IP address NAT options

Hello,

I was wondering if the configuration of let's say S7 1200 PLC driver would allow direct NAT:
image
In fact I have given few trials, but it did not work.
Supposed, my PLC has IP address 172.155.0.11 (Hostname), and the network adapter has IP address 192.168.173.20 (Local address).
Is this the idea? For me it does not work.
Thank you for your help.

Gateway! Gateway! Gateway!

If you're using NAT then you need to make sure that your PLC has its gateway configured to point back to the NAT router. If it doesn't the PLC will see that the source's IP address is on a different subnet (determined by the subnet mask) so it will shrug its shoulders and drop the request since it has no idea how to route the response back to the outside network.

Test steps:

  • Check that you can ping the PLC on the LAN.
  • If you have access to the router then repeat the ping test from there using the LAN address.
  • Check your NAT rules look OK and then ping from the WAN.

If you fail the last step then check the PLC network gateway configuration.

1 Like

And whatever else you do, don't expose the WAN side to the internet.

1 Like

I have done this exercise many times. If I add router with NAT, everything is OK.I just was wondering if there is some workaround using Ignition driver configuration.
Thank you Transistor and pturmel for your replies.

I'm not sure I understand what you mean. Are you suggesting Ignition would somehow contact and configure the router for you? Because that is fundamentally where NAT actually happens, and therefore needs to be configured there. Whether Ignition is the client or something else.

Let me clear some points related to the driver configuration page.
Again as above I will use random IP addresses.
Ignition is installed on PC, or on WM with IP 170.170.0.170. Gateway 170.170.0.1.
The PLC has IP address 182.169.0.225. Gateway 182.169.0.1.Networks 170.170.0.0 and 182.169.0.0 are bridged. Subnet masks 255.255.255.0 on both. I can ping the PLC from 170.170.0.170. In this case what shall I insert in "Local address"? Leave it empty by default, right?

Leave it empty.

The Local Address setting is supposed to be used to force the driver to connect from a certain NIC when you have multiple NICs and the routing tables aren't set up right or you just need to connect from a certain NIC for some other reason.

1 Like

Do you mean you can ping 182.169.0.225? If so, that means you are NOT using NAT. Just normal routing.

1 Like

@pturmel, you are correct, terminology wise, once again thank you for your reply.
@Kevin.Herron , thank you for your explanation, crystal clear.