Announcement

Collapse
No announcement yet.

NAT Device like AB 9300-ENA

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • NAT Device like AB 9300-ENA

    Was wondering if anyone knew of a cheaper simple NAT device like the Rockwell Allen Bradley 9300-ENA. IIRC the 9300-ENA is ~$900-1000, and there is a slightly less capable version, the 1783-NATR which runs ~$700-800.

    Google searches have led me to some "router" type devices which can do 1:1 NAT, but they're generally 8 port devices with more functionality than I need, and price tags in the ~$800-1000 range. I'd prefer to use an unmanaged switch behind a two port NAT device that would only pass through the 1:1 NAT relationships that I've set up.

    Thanks,
    Bill


  • #2
    I have used Various Mikrotik routers for the functionality you are describing. The are many in the sub $100 range that would work fine for your application. The only down side is they dont have any dinrail mount versions so you need to be creative with the mounting of the device.

    Comment


    • #3
      Thanks for the reply. Do you have a model you've worked with in the past that you like?

      Comment


      • #4
        I have used EdgeRouter X (model ER-X) by Ubiquiti. They are under $100 on Amazon and can do NAT. They aren't the easiest to program. I have had help from a true network engineer. But they do the job. Plus you can either power then via their 120v mini plug-in power supply or you can power them as a POE device using 24vdc and a special RJ45 POE power connector. Only draw back is they are not Din rail mountable.

        Comment


        • #5
          In for the watch seeing what you guys come up with. I have been looking for stuff like this.

          Comment


          • #6
            I did figure out a solution to DIN rail mounting a Mikrotik RB750r2 (~$40). Bought a pack of these DIN rail mounting brackets on Amazon.

            Drill tapped the back for 8-32 screws. Put a couple nuts on there where they would fit. This thing shouldn't see too much mechanical load, so the nuts are probably not super necessary.



            Top it off with a 2.1x5.5mm DC barrel plug, and hey presto, ready to go into a panel.



            When I get one set up and working, hopefully I'll remember to update this with setup/config info for future reference.

            Comment


            • #7
              Originally posted by BillBai View Post
              I did figure out a solution to DIN rail mounting a Mikrotik RB750r2 (~$40). Bought a pack of these DIN rail mounting brackets on Amazon.

              Drill tapped the back for 8-32 screws. Put a couple nuts on there where they would fit. This thing shouldn't see too much mechanical load, so the nuts are probably not super necessary.



              Top it off with a 2.1x5.5mm DC barrel plug, and hey presto, ready to go into a panel.



              When I get one set up and working, hopefully I'll remember to update this with setup/config info for future reference.
              Looks nice. I hope that those DC barrel adapters are better than the ones that I got from adafruit.

              Comment


              • #8
                So looks like I got things working for the most part.

                Started with the Mikrotik wiki page for NAT setup: https://wiki.mikrotik.com/wiki/Manua...AT#1:1_mapping

                Used the command line to set up the mapping, since the web & WinBox interfaces have way too many boxes and options that don't make the process very user friendly.

                Code:
                 /ip firewall nat add chain=dstnat dst-address=[[PUBLIC IP]] action=netmap to-addresses=[[PRIVATE IP]]
                 /ip firewall nat add chain=srcnat src-address=[[PRIVATE IP]] action=netmap to-addresses=[[PUBLIC IP]]  
                
                Example:
                 /ip firewall nat add chain=dstnat dst-address=10.2.11.151 action=netmap to-addresses=192.168.1.10  
                 /ip firewall nat add chain=srcnat src-address=192.168.1.10 action=netmap to-addresses=10.2.11.151
                Note: Do not include the subnet /24 unless you want to map the whole subnet. The example commands shown will map individual IP addresses.

                The gotcha that took me a while to figure out was that you also have to add the public IP addresses to the router's IP address list.

                It's under the "IP" menu, "Addresses" section. You just need to add each desired public IP address to the list for interface ether1.
                Click image for larger version  Name:	VIuLq6x.png Views:	0 Size:	7.5 KB ID:	123466

                As far as I could tell, you don't necessarily need to populate the "Network" box, if you just put in the address you want with the correct subnet mask, it'll figure it out.
                Click image for larger version  Name:	OwtM2kI.png Views:	0 Size:	8.1 KB ID:	123467

                The devices now scan out with an IP scanner, but show up with the router's MAC address. As a result the PLC CPU will not show up in Productivity Suite CPU Connection Scanner. You will need to manually add that IP address to the list. As far as I've seen, it seems to connect fine and I'm able to edit programs online via this manual connection. I am also able to get to the C-More HMI web page with no issues, but the project transfer will still need to have the address manually defined as the scanner will not detect the HMI.

                I may keep poking around to see if the router will pass through the MAC address and other info from the PLC and HMI so that they can be auto-detected by the softwares, but it's working well enough to use for now.

                Comment

                Working...
                X