Copyright © 2013 Weidmüller Interface GmbH & Co. KG
70 / 103
All rights reserved. Reproduction without permission is prohibited.
A4 - Connecting 2 Ethernet networks with the same IP address range to
another network using 1:1 NAT address translation
This Technical Note applies to the Weidmüller Industrial Router IE-SR-2GT-LAN and IE-SR-2GT-UMTS/3G
Application scenario:
There are 2 machine networks and one upper-level production network. Each machine network is connected to the pro-
duction network by a security Router. The production network itself is connected to the corporate network via its own
Router. Both machine networks have the same IP address range 192.168.1.0 of type class C: The production network
uses the IP address range 172.16.1.0 of type class B.
Task and solution:
Each Ethernet device of all 3 networks shall have the possibility to communicate with each other. For this reason it is
necessary that each of the machine networks
– both configured with the same IP address range - must be translated to
unique IP addresses. This can be done by using the network IP address translation feature
“1:1 NAT” of the Router.
1:1 NAT means that IP addresses (
private
) of devices connected to the LAN port, internally will be translated to a new IP
address (
public
) if they communicate with IP addresses connected to the WAN network. From the perspective of the
WAN network each device of the LAN network is only known and addressable by its
public
IP address. In the case of
incoming data from WAN network (outgoing to LAN) the destination IP addresses (public) of LAN network automatically
will be translated from their
public
into their
private
IP address.
Machine network 1 / 192.168.
1.0
/ 24 (Class C)
Switched Production network 172.16.1.0 / 16 (Class B)
WAN-Port
172.16.
1.252
255.255
.0.0
GW:172.16.
1.254
Router 1
Switched Corporate network 10.1.1.0 / 16 (Class B)
Machine network 2 / 192.168.
1.0
/ 24 (Class C)
LAN-Port
172.16.
1.254
255.255.0.0
These static routes has to be
configured at Router 3 that devices of
network 1 can communicate with
devices of network 2 and vice versa.
192.168.
20.0
/ 24 via 172.16.
1.252
192.168.
21.0
/ 24 via 172.16.
1.253
PC 1
172.16.
1.20
255.255.0.0
GW: 172.16.
1.254
HMI 1
172.16.
1.22
255.255.0.0
GW: 172.16.
1.254
Server 1
172.16.
1.21
255.255.0.0
GW: 172.16.
1.254
Networks 1 and 2 can communicate
with each other by Routers 1 and 2 via
Default-Gateway 172.16
.1.254
pointing to Router 3
Machine 1
192.168.
1.100
255.255.255.0
GW 192.168.1.254
Machine 2
192.168.
1.101
255.255.255.0
GW 192.168.1.254
Machine 3
192.168.
1.102
255.255.255.0
GW 192.168.1.254
Machine 1
192.168.
1.100
255.255.255.0
GW 192.168.1.254
Machine 2
192.168.
1.101
255.255.255.0
GW 192.168.1.254
Machine 3
192.168.
1.102
255.255.255.0
GW 192.168.1.254
Machine networks 1 and 2 uses the same IP address range
Machine network 1: 192.168.1.0 (Class C)
Router 3
Production network 172.16.1.0 (Class B)
Configuration of Default-Gateway
according to corporate network
parameters (not necessary in this
example)
Machine network 2: 192.168.1.0 (Class C)
WAN-Port
10.1.
1.254
255.255
.0.0
Public
IP address / subnet
of LAN-Port
192.168.
20
.254 / 255.255.255.0
1:1 NAT activated for LAN port.
Private
network 192.168.
1.0
/24 will be mapped to
public
network
192.168.
21.0
/24 (e.g. 192.168.
1
.100
ß
192.168.
21
.100)
Private
IP address / subnet
of LAN-Port
192.168.
1
.254 / 255.255.255.0
Public
IP address / subnet
of LAN-Port
192.168.
21
.254 / 255.255.255.0
Private
IP address / subnet
of LAN-Port
192.168.
1
.254 / 255.255.255.0
Router 2
WAN-Port
172.16.
1.253
255.255
.0.0
GW:172.16.
1.254
1:1 NAT activated for LAN port.
Private
network 192.168.
1.0
/24 will be mapped to
public
network
192.168.
20.0
/24 (e.g. 192.168.
1
.100
ß
192.168.
20
.100)
