Does anybody know of a device, router or otherwise, that can do a particular type of NAT? We need to map one set of IP addresses to another set like this, for example:
192.168.0.1 to 10.2.30.1.
192.168.0.2 to 10.2.30.2.
And so on.
It needs to be one to one mapping. Not port forwarding.
We had a device made by AB but it is no longer available. Can't seem to find anything else that can do this.
Not the entire subnet, just a couple of addresses. Here is what we have.
The plant network is of the form 10.1.60.*. We have a machine with its own Ethernet network for several devices on the machine. Not practical to change all those devices to plant network addresses. We can hook directly up to the machine with its addresses to program, etc. But we have a need to do it from another location in the plant from the plant's network. Hope that makes sense.
Not being that knowledgeable on terms, here is what I need to do. I have programming software for a controller on a machine. To connect to the controller I have to tell the software the IP address of the controller. When I am on the plant network I can't enter the actual machine IP address as it isn't on the same network. One network is like 10.1.60.* and the other is 192.168.0.*. So I need a 1 to 1 translation.
Presumably the software won't allow an address that is not on the 10.1.60.* network. Also presumably the machine manufacturer prohibits you from re-addressing the machines?
If those presumptions are correct then NAT is the answer. Any router worth its salt will provide NAT translation, but routers can be difficult to set up, especially if you are not familiar with networking topics.
I have been working in manufacturing for over 30 years. We often architect our real-time control systems to have their own private controls network, to keep these devices as safe and performant as possible from the rest of the company's LAN. We typically use a dual NIC solution. One NIC allows the data from the control system to be collected on the plant's servers. The second NIC is used for the private control network.
If the machine's 'Controller' is not dual NIC capable, I can understand the desire to use a 1:1 NAT device. However, it seems like this is becoming less and less necessary over time.
HA! Got you beat, been doing industrial controls for over 50 years. Started out with relay panels before anyone even knew what a PLC is. I just do part-time consulting now.
Unfortunately this particular plant still has older controllers that don't have dual NIC, thus the need for 1 to 1 NAT for a lot of the units. As it turns out the new machine coming in may have a dual NIC controller which I wasn't aware of before. I'm always the last to know what they are getting. If that is the case then I won't need the NAT unit, but I can still see a need elsewhere.
I started working for myself in 1984. The only reason I’m still doing anything is my very first customer is still at it and he won’t go anywhere else. He’s older than I am and I keep bugging him to pack it in. I think he enjoys it too much to stop. But I only put in about 3 days a month and 90% of that is remote from my house. So I can live with that. Besides the money is very good…
@j715 You can do it with a Watchguard. You can either do 1:1 via VLAN or VPN... Here you can see on the left the destination network is .1.x but maps to .20.x and the one on the right just goes to .20 (you can set this up both ways, either for the full subnet or just individual IPs).
I use pfSense for pretty much all of our routers (business, non-profit, etc.) as you can do a fanless box that will route 1Gbps for about $500 (with SNORT for IDS etc.). Routing between multiple physical interfaces is a snap. You can address pretty much any scenario with a pfSense build. The Qotom boxes have been 100% reliable for me. This box is the best "buzz for your buck" right now: https://www.amazon.ca/dp/B074XNYHL4
I have a branch office running with about 60 users, client VPN, VOIP and static VPN tunnels out to six satellite sites on an older i5 Qotom box. Rock solid.
That one I linked has 4 Intel gigabit ports that can be used for WAN or LAN as you see fit. I use them in multiple WAN setups for load balancing etc. The learning curve is a bit steeper, but I've found it well worth the effort given the cost to performance ratio.