Adjust the subnet to hide individual IPs and present a single address on the main network using Siemens S615

F5F Stay Refreshed Power Users Networks Adjust the subnet to hide individual IPs and present a single address on the main network using Siemens S615

StyleTrick
Senior Member

744

04-30-2016, 12:44 PM

I'm working on a network design that groups many operational devices into a single IP address across the Siemens Scalance S615. The plan involves connecting to a VPN and accessing VLAN 1 (external) from the S615, while all devices are placed in VLAN 2. The plant network layout is as follows:

Network -------------------------------
192.168.1.0/24 VLAN 1 (external facing) - connected via VPN
192.168.2.0/24 VLAN 2 (internal) - contains several devices, including 192.168.3.0/24

Currently, I lack access to the plant network settings and only have control over the S615 and its connected PLCs/drives. The goal is to make all devices appear as one IP from the rest of the network without using VLAN separation or firewalling, as that’s the default configuration. If possible, static routing or NAT should bridge the two segments so everything functions together seamlessly.

StyleTrick

04-30-2016, 12:44 PM #1

RawrItsaTyler
Junior Member

04-30-2016, 06:41 PM

Can I reach out to IT or collaborate with them? Why do you not have the necessary access? Because there are several subnets, we either require fixed routers on every device or set up a static route on the primary router to guide VPN traffic. Full access to the main network is essential—it would be challenging without it. Do you have permission to distribute static routers across all systems?

RawrItsaTyler

04-30-2016, 06:41 PM #2

dalekking13
Junior Member

05-07-2016, 10:54 PM

dalekking13

05-07-2016, 10:54 PM #3

LuckySoda
Member

161

05-15-2016, 06:08 PM

I’m used to handling IT tasks here. Without proper support, it’ll be a big challenge. NAT is designed to unify multiple systems under a single IP address, but the issue is that other systems can’t reach behind it unless we use workarounds like port forwarding. Ideally, you’d want to collaborate with IT and plan the rest of the network accordingly.

LuckySoda

05-15-2016, 06:08 PM #4

D_dae
Member

05-16-2016, 05:50 PM

It would still require the plants router to handle NAPT tasks. This means you can't fully configure it beforehand; during installation, the router will automatically assign an IP via DHCP.

D_dae

05-16-2016, 05:50 PM #5

It would still require the plants router to handle NAPT tasks. This means you can't fully configure it beforehand; during installation, the router will automatically assign an IP via DHCP.

Pat_doesMC
Member

05-19-2016, 11:33 AM

I’d much prefer to connect with a professional network consultant rather than filling out forms. This is important because it’s work-related and I’m putting in effort.

Pat_doesMC

05-19-2016, 11:33 AM #6

I’d much prefer to connect with a professional network consultant rather than filling out forms. This is important because it’s work-related and I’m putting in effort.

99loic
Member

141

05-20-2016, 09:04 AM

All your gadgets will appear under a single IP address. However, it could become tricky when other networks need to reach them. It really depends on how devices are supposed to communicate with one another.

99loic

05-20-2016, 09:04 AM #7

ZelowS
Member

206

05-21-2016, 06:55 AM

The devices generally stay isolated within their subnet; they’re all PROFINET-based, and communication outside that is usually unnecessary except for troubleshooting or updates. You’re correct—the Siemens team can be challenging to reach.

ZelowS

05-21-2016, 06:55 AM #8

seishi_no_kami
Member

142

05-22-2016, 01:53 PM

You should be able to set it up, but confirm with the IT team to ensure nothing is blocking it.

seishi_no_kami

05-22-2016, 01:53 PM #9

You should be able to set it up, but confirm with the IT team to ensure nothing is blocking it.