Community discussions

MikroTik App
 
inkolas
just joined
Topic Author
Posts: 1
Joined: Wed Apr 13, 2022 9:18 pm

NAT for access to PLC

Wed Apr 13, 2022 9:54 pm

Hi. I have two identical LAN. Each one contains PLC (controller) and HMI (windows PC). Both LAN has same address for the PLC 172.1.1.1 and for HMI 172.1.1.2.
Until now it was just two local network without any connection to external world.
Now I need to read some data to the SCADA (collecting data PC). This PC is on the factory network. So I need to connect booth identical LAN to the factory network.
I did try to configure example on my desk with MikroTik HEXs router and it was fine. But when I move it to the factory it does not work. Maybe because it is no gateway in the PLC and HMI. And I have no access to the PLC parameters, so i can't change IP or set gateway.

My HEXs setup:
Start from quick setup for standard router with WAN static IP 192.168.50.100.
Add two more IP for WAN interface (ether1) 192.168.50.101 and ...102.
Add NAT rules
add action=dst-nat chain=dstnat dst-address=192.168.50.101 to-addresses=172.1.1.1
add action=dst-nat chain=dstnat dst-address=192.168.50.102 to-addresses=172.1.1.2

It was working on my desk when LAN devices had a gateway, but does not work on the factory when devices have no gateway. How to translate booth addresses in the packet, source and destination? I believe PLC can answers only to someone in the same subnet so I need to exchange src IP 192.168.50.50 (SCADA) within some local IP like 172.1.1.10 an then back somehow. Any ideas what am I doing wrong or how to do it properly? Thanks.

Who is online

Users browsing this forum: Google [Bot], mtkvvv and 38 guests