Question

Answer 1

Hello,

Thank you for your query.

I have a few questions, Could you please elaborate a little bit on the scheme(topology) , to be precise on the part where PC is being connected to RUT. It is indicated that LAN ip address: 192.168.10.2 and WAN ip address: 10.0.0.102 In general a PC doesn't have LAN and WAN ip addresses, it has only one WAN port. If I understood correctly the customer is looking for a DHCP relay configuration, and to be more exact, they want the PC/PLC/CNC device/devices to get the ip address from Enterprise router DHCP Server.

Normally, without DHCP relay enabled, this would work in the following manner: Enterprise router LAN 10.0.0.1 -> RUT WAN 10.0.0.20 LAN 192.168.10.254-> PLC/PC 192.168.10.1

As I understood the customer is looking to have Enterprise router LAN 10.0.0.1 -> RUT WAN 10.0.0.20 LAN 192.168.10.254-> PLC/PC 10.0.0.101

Is that correct? If so, then not NAT(network address Translation) would be required but DHCP relay and Server. Dhcp Relay would have to be configured on RUT device. I will go over more details on how exactly do it if this is the solution you are looking for.

In addition, Could you confirm that Enterprise router is connected in the following manner to RUT: Enterprise Router LAN port -> RUT router WAN port.

Here is the screenshot of the topology, I have marked exactly where it is unclear:

Best Regards,

Dziugas

Comments

I simplify the topology for you:

The enterprice router has a range of IPs in which the entire administrative network works, the RUT300 was placed in the operations area where there are several workstations and each workstation has a PLC and different devices connected to that PLC, in If the important thing is not to modify the IPs that the PLCs have, but since all the IPs of each workstation are the same, they cannot be connected to the network because they would be duplicated, then the idea of doing NAT is that in each workstation a RUT is placed, and that at least the IP of the PLC can be translated

In summary, the RUT300 creates a NAT table where it indicates that the IP of the PLC will be translated into an IP of the WAN segment and thus the users of the Enterprise network will be able to consult the data of the PLC

---

Hello,

Thank you for clarifying.

I have logged this in with our R&D(Research and Development) team to consult on implementing your requested solution. I will update this query as I get a reply on this.

Best Regards,

Dziugas

---

Hello,

We have come up with a solution.

Both of your mentioned topologies, the original one and the simplified one can be implemented.  IP aliasing would be the easiest solution.

The working principle: Creating ip alias interfaces for RUT WAN interfaces and then port forwarding the traffic to end devices.

Configuration Example:

1. Create IP alias for WAN interface via CLI

In order to do so you would have to login to the CLI of the device(connecting via SSH using PuTTy or other third party software is possible or via WEBUI). To edit the network file type in the command: vi /etc/config/network and press insert button. Configure wan interface aliases according to my provided example and click esc button. Then type :wq and hit enter to exit.


2. Add port forwarding rule

In order to configure a port forwarding rule you would need to open the WEBUI of the RUT device and navigate to Network -> Firewall -> Port Forwards -> Add A New Instance.

Note: it'll be needed to create IP alias for each device that needs to be reached via 10.0.0.x/24 IP from enterprise router. For example to implement first topology it'll be required to create 3 IP alias interfaces on each RUT device and then create port forwarding rules accordingly.


Best Regards,
Dziugas