Connecting profinet - company network

userxyz

Member
U
Join Date
May 2002
Location
any
Posts
2,768
Hi,

I have a question about the use of router or other system to connect a profinet network with the company's network.

Simply explained:
I have a 1511 CPU with 8 drives on profinet and a TP900 on profinet. The company now asks to do some logging and to make them reachable over their network. the idea is to use VB scripting in the TP900 and write daily csv logs. This is allready prepared and tested. Writing everything on a USB stick. Made the html pages available and I can get the files via ethernet. Locally I have an own IP range different than the company's IP range. And I have profinet (real time ethernet). So I think it is a bad idea to change my IP's and just connect to their network... wouldn't that give extra load on their network, or do switches avoid such things ?
A better way is to use an indsutrial router I think. I was thinking about an S602, but that's not a cheap solution. A standard router cannot be used I think because we are using profinet, I think it's better to be in the indsutrial range of devices for that reason.

So, the main question...
What do you guys do in such situation, Router, change IP's to the range of the company ? Use a manageble switch ? Any other solution ?

Thanks,

Kind regards,
C
 
Profinet is local. Should remain local. Always.

We add network cards for plant networks. Or use multi-network cards if possible.

In your case, we'd leave the CPU and drive on local island, then add a network card for plant network and connect TP900 through that card.

Not sure about the TP900, but I know the TP1500 for example has issues reconnecting to remote drives after a download. Requires a runtime restart after every download.
 
I'd go with the router option.

I inherited a site network where everything (literally everything) with an Ethernet port was assigned an IP within the same range (and a weird one at that). My plan going forward is precisely a router/firewall to separate them and control what goes around.
 
Yep. That is what routers are for.
The Router does not have to be Profinet certified. Just place it in the network so that the Profinet data does not have to go over the router.

When we have several identical lines, and a central database with OPC connections to the various lines, we use 1-to-1 NAT routers.
 
investigation

Hey,

Another option I am thinking of...
Adding a Lean card and taking the TP900 in the new network of the company. The company and the HMI are connected on the Lean card then and the rest remains in the profinet network. This way VPN would be even possible.

What do you guys think about this option ?
I think that is what Jeebs is telling here... ?

Kind regards,
C
 
Last edited:
Something like this

Something like this:

lean.png

An HMI in the company network is a little weird maybe, donno...
 
Jesper

JesperMP,

Would a router like this work:

https://www.coolblue.be/nl/product/725136/ubiquiti-unifi-security-gateway.html

Profinet signals do not have to pass, that's right.

Kind regards,
C

JesperMP said:
Yep. That is what routers are for.
The Router does not have to be Profinet certified. Just place it in the network so that the Profinet data does not have to go over the router.

When we have several identical lines, and a central database with OPC connections to the various lines, we use 1-to-1 NAT routers.
Click to expand...
 
It looks like it is specialised to safeguard an office from outside (internet). How it works for a machine-to-office situation I dont know.
Apart from that, it looks like an office-grade device. So it must be installed in an office environment, not near to the machine.
 
Hi

Hi JesperMP,

Maybe not the right devive, but a standard router should work if I understand what you say.

Kind regards,
C


JesperMP said:
It looks like it is specialised to safeguard an office from outside (internet). How it works for a machine-to-office situation I dont know.
Apart from that, it looks like an office-grade device. So it must be installed in an office environment, not near to the machine.
Click to expand...
 
Combo said:
Something like this:

View attachment 50531

An HMI in the company network is a little weird maybe, donno...
Click to expand...


In my company we always use CP cards to connect PLCs to Ethernet network (SCADA system and other computers), and use built in ports on PLC for Profinet network. Like on picture above.
Probably best solution here is CP-1543 module, in my humble opinion.


Also we usually also connect HMIs (operator panels) over CP cards (Ethernet), since we use different manufacturers for HMIs.
 
From my perspective, your two plans are both potentially good, and have potential trade-offs.



  1. The option in your first post was to use a security device. Note that an S615 is much cheaper & newer than an S602, so it's worth a look. Also allows for a VPN scenario. More expensive than an office grade device, though, obviously. The advantage to the NAT router is that it allows for other devices in the network to communicate out. The HMI is the obvious choice in your scenario, but I've also seen situations where there are data loggers, robots, etc, that probably belong on the local network but need external access. Ultimately, this solution is more flexible from the network angle.
  2. The second option, with the comm card, gives you good PLC connectivity, but means that any other devices, like your HMI, need to be on the outside. It does give your PLC connection options it didn't have before, like FTP.
In the end, I think the S615 router will probably be cheaper than the comm card for the PLC. As others have said, PN doesn't support routing, so make sure all your PN devices are on the inside network.
 
Hmm

Is this allowed to do ?

Normally all devices on a profinet are known in your project with gsdml files... this way we connect profinet realtime signales with a cable on some kind of device that is not industrial ?

To me the Lean card looks the most professional and easiest solution, but the most expensive one...



JesperMP said:
Yep. That is what routers are for.
The Router does not have to be Profinet certified. Just place it in the network so that the Profinet data does not have to go over the router.

When we have several identical lines, and a central database with OPC connections to the various lines, we use 1-to-1 NAT routers.
Click to expand...
 
Combo said:
Is this allowed to do ?

Normally all devices on a profinet are known in your project with gsdml files... this way we connect profinet realtime signales with a cable on some kind of device that is not industrial ?
Click to expand...
Yes, of course it is allowed to do. That is why Profinet supports all Ethernet features.
All the devices that are functionally part of the PN RT system should be PN RT rated. That would include switches and routers.

Notice that by that I do not mean any device that is connected to the Profinet RT system.
I mean devices that are inside the Profinet RT system.
So if for example on the CPU or switch, one cable goes to PN RT devices, and another cable goes to HMI devices, office LAN, ect. then the latter part is NOT part of the PN RT system.

As to "professional", then a Router does what the name implies. It is the "standard" way to do it IMO.
One disadvantage of having a CP being part of the office LAN is that it means that company IT will want to manage the CP. If you have a Router, you can let IT manage the router without it affecting your machine LAN.
 
Thanks

Thanks JesperMP

JesperMP said:
Yes, of course it is allowed to do. That is why Profinet supports all Ethernet features.
All the devices that are functionally part of the PN RT system should be PN RT rated. That would include switches and routers.

Notice that by that I do not mean any device that is connected to the Profinet RT system.
I mean devices that are inside the Profinet RT system.
So if for example on the CPU or switch, one cable goes to PN RT devices, and another cable goes to HMI devices, office LAN, ect. then the latter part is NOT part of the PN RT system.

As to "professional", then a Router does what the name implies. It is the "standard" way to do it IMO.
One disadvantage of having a CP being part of the office LAN is that it means that company IT will want to manage the CP. If you have a Router, you can let IT manage the router without it affecting your machine LAN.
Click to expand...
 

Similar Topics

M
S7-1200 Stepper motor profinet not connecting
Hello all, I'm working with an s7-1200 and a stepper motor in Tia portal v17. This stepper motor is an SMD23E2 and I am attempting to connect...
2
Replies
19
Views
2,837
Lare
L
D
Connecting profinet device over EL6632 profinet controller (beckhoff)
Hello everybody, Could you help me to connect profinet device over EL6632 profinet controller in the TwinCAT 3? I try to do that and I receive an...
Replies
1
Views
1,861
Vijolica555
V
M
Connecting Different controllers (brands) with same I/O devices - Demo Station Design
Hi, I want to build a demo station to test devices and programs and I need some help with it. I want to connect GuardLogix, Piltzmulti and...
Replies
1
Views
130
JeffKiper
JeffKiper
N
Connecting to the PLC or 1756-ENBT over USB
please using the usb can i assign any ip address that i want ?
Replies
4
Views
130
geniusintraining
geniusintraining
A
Output is nc when connecting with wire.
Hi everyone, I need some help I new with omron plc. I using plc CP1L. When I do the program it's good and the plc is function as program. But when...
Replies
1
Views
80
Liam Moran
Liam Moran
Back
Top Bottom