LinuxQuestions.org
Old 04-01-2014, 07:55 AM   #1
SCUBA NooB
LQ Newbie
 
Registered: Apr 2014
Posts: 1

Rep: Reputation: Disabled
one to one NAT Problem


I'm trying to achieve a 1:1 NAT using Raspbian (on Raspberry Pi) so a SCADA system can see a PLC on a different network.
Since I'm a 100% beginner I've just done the basics.

echo 1 > /proc/sys/net/ipv4/ip_forward
iptables -t nat -A PREROUTING -d 172.16.254.100 -i eth1 -j DNAT --to-destination 86.26.48.20
iptables -t nat -A POSTROUTING -s 86.26.48.20 -o eth1 -j SNAT --to-source 172.16.254.100
iptables -A FORWARD -i eth0 -o eth1 -j ACCEPT
iptables -A FORWARD -i eth1 -o eth0 -j ACCEPT

The PLC is 86.26.48.20, gateway 86.26.48.1
The Raspberry Pi has eth0 86.26.48.1, gateway 86.26.48.1,
eth1 172.16.254.100, gateway 172.16.254.1
Laptop 172.16.254.88, gateway 172.16.254.99

The strange thing is the laptop can ping the PLC with only the PREROUTING line (before the POSTROUTING line is typed in) and 'software' can go online to the PLC. The trouble is the SCADA will not connect.
Wireshark on the laptop shows a pattern of red lines whose subject is "Ethernet/IP-2" with the RST as 1 (I believe this is highlighting a problem?) as the response from the Pi.

If I set the gateways to treat the Pi as a normal router (not NAT) then the SCADA connects.

I want to be able to connect to the PLC as though it sat on the 172.16.254.xxx network and not have the laptop see the Pi as a gateway. Don't care about firewalls or any of that stuff, merely want a NAT device (like Rockwell 9300-NAT).

Any ideas how to move forward with this, or just pointers as to how to test anything? (Tried logging but it baffled me more.)
 
Old 04-01-2014, 04:18 PM   #2
halvy
Member
 
Registered: Aug 2005
Location: Anchorage, Alaska (soon EU, hopefully)
Distribution: Anything NOT SystemD (ie. M$) related.
Posts: 918

Rep: Reputation: 41
I'm sorry, I probably do not have much advice.

What I would do, presented with your problem (with the limited knowledge I also have with nets.. ) is.. make sure the system you are interested in, is on the proper SUB NET(S).

This is where I would *start*. If that did not help.. Then.. (while waiting for answers ..) I would start over in setting up my whole net.. making sure that your original problem (of "..able to connect to the PLC as though it sat on the 172.16.254.xxx..") was sorted FIRST, before I accomplished the balance of the set up.

Lettuce know..
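
On the request in post #1 for a way to test: netfilter consults the nat table only for the first packet of a connection and rewrites replies from the connection-tracking entry, which is why the ping works with only the PREROUTING rule. The script below is an added example, not part of the thread; it classifies `conntrack -L` entries by the translation applied to them. The sample entries (including ports) are constructed from the thread's addresses, and the function names are hypothetical.

```sh
#!/bin/sh
# Added example: classify conntrack entries by the NAT applied to them.
# Each `conntrack -L` line carries two tuples: the original direction (as the
# first packet arrived) and the reply direction (as the answer is expected).
# Without NAT the reply tuple is the mirror image of the original tuple.

# Constructed sample in `conntrack -L` format, using the addresses in the thread.
sample_conntrack() {
cat <<'EOF'
tcp      6 431990 ESTABLISHED src=172.16.254.88 dst=172.16.254.100 sport=51000 dport=44818 src=86.26.48.20 dst=172.16.254.88 sport=44818 dport=51000 [ASSURED] mark=0 use=1
icmp     1 29 src=172.16.254.88 dst=172.16.254.100 type=8 code=0 id=77 src=86.26.48.20 dst=172.16.254.88 type=0 code=0 id=77 mark=0 use=1
udp      17 25 src=86.26.48.20 dst=172.16.254.88 sport=2222 dport=2222 [UNREPLIED] src=172.16.254.88 dst=172.16.254.100 sport=2222 dport=2222 mark=0 use=1
icmp     1 12 src=86.26.48.20 dst=86.26.48.1 type=8 code=0 id=5 src=86.26.48.1 dst=86.26.48.20 type=0 code=0 id=5 mark=0 use=1
EOF
}

# Reads conntrack lines on stdin, prints one summary line per flow:
#   <proto> <orig src>-><orig dst> <DNAT|SNAT|DNAT+SNAT|none> [to=..] [as=..]
classify_nat() {
    awk '{
        n = 0
        for (i = 1; i <= NF; i++) {
            if ($i ~ /^src=/) { n++; src[n] = substr($i, 5) }
            if ($i ~ /^dst=/) { dst[n] = substr($i, 5) }
        }
        if (n != 2) next                      # not a two-tuple conntrack line
        dnat = (src[2] != dst[1])             # replies come from another host
        snat = (dst[2] != src[1])             # replies go to another address
        kind = "none"
        if (dnat && snat) kind = "DNAT+SNAT"
        else if (dnat)    kind = "DNAT"
        else if (snat)    kind = "SNAT"
        line = $1 " " src[1] "->" dst[1] " " kind
        if (dnat) line = line " to=" src[2]   # real destination after DNAT
        if (snat) line = line " as=" dst[2]   # address the source appears as
        print line
    }'
}

# On the Pi itself (needs root and the conntrack tool): conntrack -L | classify_nat
sample_conntrack | classify_nat
```

A flow the laptop opens to 172.16.254.100 should show up as `DNAT to=86.26.48.20`; the POSTROUTING rule from post #1 only shows up, as `SNAT as=172.16.254.100`, on flows the PLC itself initiates.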
 
  

