Network bridge

Pierre

Lifetime Supporting Member
Join Date
Apr 2002
Location
Montreal
Posts
1,669
We have a device inside a plant which we want to be made available throughout the admin. network.

This device is on a sub-net and the admin is on another one.

What it is its an industrial machine that has an imbedded web page... running a Java applet which gives some visual data... Speed, Temp., and more.

We cannot bridge it through the plant switches because they are linked through a WAN around North America and when this plant was bought, they discover a lot of the same addresses in other parts of the land...

So the industrial xxx.xxx.25.xxx sub-net has to stay local until we reconfigure all local networks... this will take a few months before everybody is ready for it.

We still want to make this webpage available to the personnel sitting on there 192.168.1.xxx administration network.

How can we bridge this xxx.xxx.25.25 device to all others on the xxx.xxx.1.xxx ??????

We don't want them to have access to any other IP addresses on the x.x.25.x network, just a direct access to the x.x.25.25 device webpage.

Any tricks here... hardware... we don<t want a PC doing it.

Thanks in advance,

Pierre
 
If it were me, I'd go to your local electronics recycler and get a Linksys BEFSR41. These were a very popular home broadband router that are cheap and durable. The WRT54GL with the WiFi parts disabled is also a good one.

Set up the LAN side as xxx.xxx.25.xxx, and the WAN side as 192.168.1.xxx.

Enable Port Forwarding to just the one xxx.xxx.25.25 address on the LAN side.

The downside is putting a cheap consumer device on your system, and I know the BEFSR41 can't handle high levels of UDP traffic (like Ethernet I/O with no filtering). The upside is that you'll spend $10.

There are plenty of embedded router devices that will do the same job. I personally like the m0n0wall FreeBSD implementation: powerful but easy for a novice to configure.
 
Puzzled

Thanks guys.

Thats sort'a what we've done without succes in our shop.

As I do with some other networks, from the Net, we access some devices with port forwarding.

We tryed it in our shop... with two different routers, a LinkSys and a NetGear.

We fixed its WAN address to the admin subnet and the Lan side to the device subnet. Forwarded port 8085 to it and... no cigar!

We can Ping the Wan on our networdk but cannot seem to go passed it. We activated all what is required but it just does not work. We are puzzeled by this.

Darn it, why can't we pass accros the router with the port forwarding scheme?

So we disconnected all our other stuff and isolated the 5 devices.

1 Primairy router xxx.xxx.1.1 Lan side (nothing on WAN)
1 laptop on xxx.xx.1.10 to Primairy router Lan
1 Secondairy router Wan side fixed at xxx.xx.1.11 / 255.255.255.0 connected to Primairy router Lan
Port forwarding to its Lan xxx.xx.25.5
Lan side is xxx.xx.25.2-100
1 Device (Quantum PLC inbedded webpage) xxx.xx.25.5 on LAN side of Secondairy router
1 Laptop on 192.168.5.20 connect to LAN side of Secondairy router

We even have enabled Remote acces on Secondairy router to the port 8080 and cannot get in !!!

What are we doing wrong... it should be simple :(

Pierre

Browser command is

192.168.1.11:8085

We get nothing
 
My IT guy at work told me I had to put in the "Default Gateway" setting of the network adapter the IP address of the router acting as the bridge. So when it tries to access an IP address not on it's subnet, it goes to that IP address to find it. I only tried it once, and only with that Default Gateway he told me, and I was able to access a separate subnet from my desktop computer.
 
My IT guy at work told me I had to put in the "Default Gateway" setting of the network adapter the IP address of the router acting as the bridge. So when it tries to access an IP address not on it's subnet, it goes to that IP address to find it. I only tried it once, and only with that Default Gateway he told me, and I was able to access a separate subnet from my desktop computer.

Hi,

The thing is that we do not want anybody to really access the x.x.5.x network... thats where all PLCs are...

We only want everybody to have access to a web page in a compressor control system. So with port forwarding they will only have access to this. By entering x.x.1.11:8085 then they should be connected to the device x.x.5.25 without even seing where there are really connected.

But up to know, it does not work.
 
Hmm, did you just forward the one port? Try putting the .25.x addy in the DMZ and giving it a whirl. Some connections require more than just the one port.
 
If that works, Then you can run nmap and wireshark against the Web Serving device to determine exactly what ports you need to forward.
 
Tryed the DMZ an nothing better.

Wireshark gave us no clues. But this has to be re-looked in.

Tomorrow we will re-setup an independant network and do some real tests. This should have worked easaly...

I'll post what we have done.

We have some Cajun Gigabyte and rugged.com managed routers in stock but we beleived we could do this with a simple of the shelf router...

We got to be doing something wrong... something so simple we don't see it.
 
Last edited:

Similar Topics

We have DH+ network on 6 PLC5. We have RSView32 as a HMI. Previously we link HMI with DH+ network by 1784-KT card but we have a problem on some...
Replies
5
Views
2,984
I want to establish a Profinet network in my production plant to connect multiple devices, including a PLC, HMI, and multiple Profinet-based...
Replies
19
Views
560
Greetings Folks, This is my first post after a long gap (almost 13 years) on this forum and i hope that i will get things fixed with your...
Replies
10
Views
236
I have been looking to this and thought I'd ask for input from others before I take it in a wrong direction. The guy who used to set these up...
Replies
9
Views
345
I have inherited a system that uses a Parker ACR9000 motion controller with the Ethernet PowerLink option that it uses to control five Parker...
Replies
5
Views
161
Back
Top Bottom