With small control teams managing already large and increasingly growing control systems, an opportunity that I have encountered is the need to remotely access programmable logic controllers for various reasons, including troubleshooting as well as performing administration tasks.
Often, the remote controllers are embedded within integrated packages that include additional components such as an HMI, a drive or other devices on a “private” network. In this case, it would not make sense to expose the entire “private” network to the facility PLC network or PCN.
Even if you wished to gain connection to all the devices, you would have to change the IP address of every device to match the scheme of your PLC/PCN network.
A tool that I have found to be of good use is Rockwell’s 1783-NATR.
This device can be set up in minutes and installed without disturbance to the existing networks. The private port can be connected to the private network and the public port is connected to the PCN or PLC Network.
Simple NAT Setup
Step 1) The first step is to connect to your 1783-NATR via web browser to configure it.
If your device is brand new, first check that all the DIP switches are in the off position.
Next, connect the front Ethernet port to your PC, and then power on the 1783-NATR.
Step 2) Now launch the BootP/DHCP Tool on your PC and assign the NATR device an address for the Private Network you will be using it with (typically 192.168.1.1.)
Note: For a tutorial on using the BootP/DHCP Tool, see this article.
Step 3) Next, open a Web Browser and type in the address you gave your NATR above (http://192.168.1.1) to open the configuration web-page.
Step 4) When the web-page loads, locate the “Configure” link and select it.
This will prompt you to login, and you can do so using the default user name of “admin” and the device's serial number (located on the device's label) for the password.
Step 5) Although not required, I recommend giving your device a name and description that describes its installation location under the “Device Identity” tab:
Step 6) Next, if you'd like to change the private network address you can do so on the “Private Network” tab. In this example I've changed it to 192.168.1.50:
Step 7) Next, setup the device with an unused public (plant) network address. In this example I set my unit to 10.101.10.50:
Step 8) Finally, configure the Network Address Translation (NAT) Table for each device’s private and public addresses that you wish to allow through the router. Each “private network” device you add to this table will become avail to directly connect to from your “public” plant network:
While this is only an introduction, some other notable features of the 1783-NATR include the following:
- Security features, including the option to disable the public administration capabilities and password protection
- Ability to save and restore the configuration via SD card
- Ability to save and restore the configuration via configuration file that can be saved as a .txt file
- Diagnostics that can be used in troubleshooting and evaluation of network traffic passing through the device
For additional information on initial setup, see the Rockwell manual “1783-UM008A-EN-P”
Each newly installed control system will not have the same needs as far as integration to existing systems is concerned, however, I have found this tool to be of great asset in several different applications.
With ease of setup and installation, a system that was once a remote island can now be accessed remotely, providing timely support and administration tasks that were previously time consuming.
Written by Brandon Cooper
Senior Controls Engineer and Freelance Writer
- Control System Power Supplies: Run to Failure or Preventive Maintenance? - March 5, 2021
- Dealing with Extreme Temperatures in Automation - March 2, 2021
- Converting a VMware VMX file for use in VirtualBox - February 26, 2021