Siemens Scalance -XC208 NAT

belph

Member
Join Date
Jan 2014
Location
Prague
Posts
27
Hi folks,

I am struggling quite lot with NAT in Scalance switch XC208.

Main task is to isolate lan and production network. I would like to have Main PLC in two VLAN's - VLAN 1, VLAN 2. However in VLAN2 I would like to use NAT function and mask IP adress from 192.168.0.21 to 10.10.10.60. I have been through documentation and followed steps (VLAN assigment, port definition, NAT function of VLAN interface, Pool). But it does not work. In VLAN2 I can ping switch itself (192.168.0.1 - 10.10.10.1 ) but not PLC.
Has someone faced same problem as me in the past and solved NAT functionality on Scalance switches ? Compared to other products, it is really user unfriendly and disaster in parametrisation o_O .

Any response appreciated.

Thanks in advance.
 
Hi folks,

I am struggling quite lot with NAT in Scalance switch XC208.

Main task is to isolate lan and production network. I would like to have Main PLC in two VLAN's - VLAN 1, VLAN 2. However in VLAN2 I would like to use NAT function and mask IP adress from 192.168.0.21 to 10.10.10.60. I have been through documentation and followed steps (VLAN assigment, port definition, NAT function of VLAN interface, Pool). But it does not work. In VLAN2 I can ping switch itself (192.168.0.1 - 10.10.10.1 ) but not PLC.
Has someone faced same problem as me in the past and solved NAT functionality on Scalance switches ? Compared to other products, it is really user unfriendly and disaster in parametrisation o_O .

Any response appreciated.

Thanks in advance.


NAT is pretty much an afterthought in the XC200 switches. Also, the manual warns that NAT uses a ton of processing power, and you run into bandwidth limits pretty fast.

If you're looking for much NAT traffic, you probably want something like the S615, a dedicated router/security appliance.

That said, we can't help you fix your config if you don't show us your config.
 
Thanks for reply. Still do not get it, why offering NAT and it is not suitable to use it.


Pff, no idea there. The real answer is probably some huge customer demanded it, and it made sense for some specific thing they were doing.


Attaching configuration, many thanks in advance for any hint :
(y)

2 things I saw:


Your VLAN configuration doesn't line up between the two screenshots. you have Port 1 and Port 8 set as VLAN 2 for the Port VID, but they both have a "u" not a "U" on VLAN 2. The capital U should show which VLAN the port VID is set to.



I've never set NAT up on those units, but you might need to switch the VLAN 2 on the NAT config to be VLAN 1 instead. They don't really say which direction the NAT means.



FYI, you shouldn't need anything set up in the Pool, if you want STATIC NAT. It is only used for dynamic NAT. Shouldn't hurt you either, tho.


Also, I think your default gateway may be wrong. If I'm looking at this correctly, the 192.x subnet is the local one with the PLC, and the 10.x subnet is the plant, with the connection to higher systems. You want the default gateway to point to a router in 10.x, so it can get to other systems. Unless there is a router in the PLC network to get you elsewhere? This shouldn't affect the static NAT, but might hurt you later
 
belph,

Did you ever get this to work - I have been struggling with this also - I am thinking of using a number of smaller 1:1 devices

Thanks
 

Similar Topics

Hi All, Quick sanity check - got a PLC addressed as 10.34.62.172 - we don't want to change this address but the factory want to access some data...
Replies
3
Views
1,499
Hi all, I'm having an issue with the setup of the NAT function of a Siemens S602 Scalance. I already have a working NAT functionality (see pic in...
Replies
7
Views
2,896
Hi all, First a heads up, this is my first time working with Siemens product so please bare with me. We are testing the Siemens Scalance W700...
Replies
5
Views
3,083
Hello Experts!!! I am working on Siemens Scalance M874-2 GSM Modem. I have successfully configured the Modem using WBM for SMS Application and...
Replies
1
Views
3,023
Hello, I would like to be able to read useful information in S7 v5.5 about the status of the different ports on my Scalance switch; such as...
Replies
3
Views
5,393
Back
Top Bottom