Vanguard 3000 Multicarrier Cellular Data Modem & IP Router PN 134732-VG3000 Rev. D| Page 87
Ethernet Subnet Mask
255.255.255.0
Network ID
192.168.1.0 (reserved – first IP address in subnet)
Broadcast Address
192.168.1.255 (reserved – last IP address in subnet)
Vanguard 3000 192.168.1.50/24
PLC/RTU #1
192.168.1.10/24
Computer #1
192.168.1.125/24
By changing the subnet mask, the network can be made to include as many or as few IP addresses as desired. Ethernet
devices can only talk directly to other devices that have IP addresses within the same IP subnet. For example,
Computer #1 from the example above can only talk with locally connected devices that have IP addresses between
192.168.1.1 and 192.168.1.254. When Computer #1 wants to talk to another server on the Internet, it will send its data
packet to the local gateway. In this case the local gateway is the Vanguard router. Since the Vanguard has two IP
addresses (each IP address is on a separate subnet), it can forward the packet from the LAN network (192.168.1.0/24)
to the cellular network. The packet will continue to be forwarded in a similar fashion, from subnet to subnet, until it
reaches its final destination.
4.3
PRIVATE VERSUS PUBLIC IP ADDRESSES
Certain address ranges in the in IPv4 address space have been reserved as private IP address. Private IP addresses can
be used by anyone, without the need to register for an IP address assignment from the IANA (Internet Assigned
Numbers Authority). However, private IP addresses are not routable on the Internet. Routers on the Internet will
typically drop any packets that are destined for a private IP address. These addresses are reserved for local use only.
Common Private IP Address Ranges
10.0.0.0 to
10.255.255.255
172.16.0.0
to
172.31.255.255
192.168.0.0
to
192.168.255.255
Devices using Private IP addresses must have a router with NAT (network address translation) capability to access the
Internet. By default, the Vanguard will perform the NAT function on all outgoing traffic. The Vanguard router will
change the source IP address from the private IP of the local host to the Vanguard’s public IP address which was
assigned by the cellular carrier. Since the outgoing packet has been modified, a remote server or website on the
Internet will think the packet came directly from the Vanguard radio. It will reply back to the cellular IP address of the
Vanguard. The Vanguard radio remembers which traffic flows have been established and routes the incoming return
traffic back to the desired host device on the local area network.
4.4
PORT FORWARDING
NAT functionality is only useful for traffic flows that are initiated by the Vanguard or by a device that is physically
connected to the Vanguard. Port forwarding can be enabled to allow remote devices connecting through the Internet
to initiate traffic flows with a local device connected to a Vanguard router.
In the example configuration shown below, a host from the Internet can create either a TCP or UDP connection with
the local host at 192.168.1.250 on port 7000 by sending a packet to the cellular IP address of the Vanguard at port
8010. When the Vanguard receives a packet destined for port 8010 it will look through the Port Forwarding table to see
if a matching rule exists. It finds the rule that instructs it to forward this packet to port 7000 of IP address