WIKIABOUT

FOR TIPS, gUIDES & TUTORIALS

subscribe to our Youtube

GO TO YOUTUBE

14455 questions

17168 answers

28195 comments

0 members

Most popular tags

rut955 rut240 rut950 rutx11 rms vpn to openvpn wifi not sms trb140 firmware connection - ipsec on rutx12 rutx09 modbus
We are migrating to our new platform at https://community.teltonika.lt. Moving forward, you can continue discussions on this new platform. This current platform will be temporarily maintained for reference purposes.

PLC Remote access with same subnets openVPN NAT

+2 votes
2,259 views 2 comments
by

Hey Everyone, I hope someone can help me. I have softether running on windows server on a VPS. I have successfully setup up server and clients and can connect via PC and the 4G LTE Route (Teltonika RUT240 ) and can access siemens s7-1200 PLC. I have a NAT setup on VPN server with 192.168.5.1 and have given PLC static IP of 192.168.5.10 and Have set static IP on TAP Interface on PC with 192.168.5.15 and have Installed virtual ethernet adapter (microsoft loopback) and assigned a satic IP of 192.168.5.20 and bridged the connections in softether server to the virtual hub. This now gives me access from server to PLC ( I can ping PLC from Server and Engineering PC ) I can connect to the PLC from PC fine.

The Problem I now have Is I have a lot of PLCs at remote sites already set up and they all have the same subnets and they can not be changed (connected to other devices in the network I have no control over) I have thought about setting up individual NATs on the routers I will be installing but it seems the OpenVPN TAP client in the router is bridged to the local lan and can't be altered.

The other issue I see is the SCADA software running on the server needs to access these PLC ( I set the PLC IP address in the software for which one they connect to) I now have an issue as they all have same IP so I was possibly thinking about setting PLC IP in the software as the NAT ip set on the Router and then create static route to the PLC on the router.

If I need to access PLC network from Engineering PC I will just connect to server and set the TAP IP to the NAT the PLC is on and may need to cascade the connection to that particular virtual VPN Hub.

I will link a diagram for a better understanding

If anyone has any better ideas or ways of achieving this would be great 

1 Answer

0 votes
by anonymous
Hi,

I'm not sure and I've not tested, but perhaps IP Aliases and port forwarding OVPN in router could solve your issue. But in this case TUN should be used..
by anonymous
I can't get Tun to work, I have asked about this issue on another question. I have tried IP Aliases but that did not work. Looks like I'm pretty stuck trying to achieve this
by

https://www.youtube.com/watch?v=RKDhelt8mow

PLCLINK

This will let you use a different .ovpn config to access each plc even when they use the same IP's