I am trying to access a Siemens S7 1516F-3 PLC with a RUT241 via your VPN service. I have done the whole setup as in your YouTube. However, I cannot find the PLC via the TIA portal and an existing VPN connection. Or see the IP address of the PLC via ADD ROUTE in the VPN settings. The IP addresses are in the same subnet and the same IP range 172.31.30.XXX. The router RUT241 is connected to the customer’s WIFI network to the Internet, the PLC via the LAN port. However, I can establish a connection to the PLC via the WIFI of the RUT without any problems. So do I have a problem with the configuration of the router or the PLC?
1 Like
Hello,
To access the LAN of RUT241 via the RMS VPN Hubs, you will need to add a route to the subnet you’d like to reach. In your case, manual parameters of the route would look like so:
Once the route is added, make sure to enable LAN forwarding for your device:
If you still cannot reach the PLC when connected to the VPN Hub, try logging into the WebUI of RUT241, navigating to
Network → Firewall → General Settings and enable Masquerading on the LAN zone:
It should be noted, that as this is a layer 3 tunnel, TIA portal might not be able to discover the device automatically, and it may need to be added manually by specifying the IP address of your PLC.
Hope this helps!
Best regards,
Hi,
thanks for the quick response.
I have entered the IP address of the PLC under ADD ROUTE, LAN forwarding was activated and I enabled masquerading.
At USE ROUTER I have entered the IP address of the RUT241 in the PLC, which I have assigned manually in the WEB UI. Unfortunately, I still cannot establish a connection to the PLC by extended go online and entering the IP address manually.
Does my VPN hub have to have an IP address from the target range of my PLC system network?
Or do I still have an error in the router configuration?
Thanks
Hello,
Please try disabling masquerading on LAN and VPN zone.
No, since this is a layer 3 tunnel, the IP addresses for the tunnel and LANs should be different.
Could you try pinging the RUT241 from the machine that the Siemens application is running on? If the PLC does not respond, please run the following command:
traceroute PLC_IP
And post the output in the next comment. Keep in mind, that after adding a static route on RMS, the VPN hub has to be restarted for the changes to take affect.
A screenshot of the static route on RMS would also be appreciated.
Best regards,
Hello,
[quote=“Daumantas, post:5, topic:3892”]
Please try disabling masquerading on LAN and VPN zone.
[/quote] Done!
I can´t ping the RUT 241 from my Computer ->timeout. The VPN says it´s connected.
The tracert to the PLC looks like that:
That´s the configured route:
Thanks.
Hello again,
I can ping the PLC (172.31.30.2) and the laptop (192.168.0.6) with the address of the Open VPN network adapter via the router’s CLI. Does this help to troubleshoot my problem?
Thanks.
Hello,
In the RMS routes section, try specifying 172.31.30.0 instead of 172.31.30.2 in the IP section.
It seems like the issue here is that your laptop routes 172.31.30.2 via the it’s other interface and not OpenVPN, thus you’re not able to reach the PLC.
After the aforementioned change is made, could you run the following command on Windows:
route print -4
And paste the IPv4 Routing Table in the next comment?
Best regards,
This topic was automatically closed after 17 days. New replies are no longer allowed.