Remote clients on different network
Hi,
We have 800xA system environment with 2 AS, 2 CS and 1 history on 2 ESXis. The servers have 3 networks connected - Primary CS (172.16.4.0), EPMS (10.10.16.0) and History (192.168.200.0). There are 2 HMI panels in a remote location whom act as clients. Problem is, that only connection to HMI's is through EPMS network. Customer does not want to allow us to connect Primary CS to their site infrastructure.
Is there any possible way to have servers on both Primary CS and EPMS networks and clients only on EPMS network and make the clients communicate with 800xA? Or any other possible solution to this?
Thank you
Ondrej
We have 800xA system environment with 2 AS, 2 CS and 1 history on 2 ESXis. The servers have 3 networks connected - Primary CS (172.16.4.0), EPMS (10.10.16.0) and History (192.168.200.0). There are 2 HMI panels in a remote location whom act as clients. Problem is, that only connection to HMI's is through EPMS network. Customer does not want to allow us to connect Primary CS to their site infrastructure.
Is there any possible way to have servers on both Primary CS and EPMS networks and clients only on EPMS network and make the clients communicate with 800xA? Or any other possible solution to this?
Thank you
Ondrej
Asked 5 months ago
Answers
1
System 800xA requires that all servers and clients to be on network(s) governed by RNRP.
RNRP will run on any layer-2 (=non-routed) network as long as it support free multicasting (=IGMP must be disabled in switches). Explicit Addressing can be used if 172.16.x.x addresses cannot be allocated; only limit is that node number stays below 500, e.g. 10.10.10.10/255.255.0.0 will not work...
If these conditions cannot be met (e.g. layer-3 or multicasting is restricted) you can use a RNRP Tunnel Area to act as bridge between servers and clients. The minimal configuration is if server and client act as Tunnel Area Border Nodes themselves. For larger configurations, we recommend having separate TABN to cater for the tunnel.
Read more about RNRP and tunneling options in the Network Configuration User's Guide, 3BSE034463-610.
The ABB NE870 and NE871 Industrial RNRP Routers may also act as TABN and (optionally) as firewall/VPN border nodes (in case the tunnel area need to be casted over a WAN where the level of privacy/security might not be suitable for an industrial graded application).
More information on the NE800 hardware can be found in the NE800 Getting Started Guide, 3BSE085444-420.
RNRP will run on any layer-2 (=non-routed) network as long as it support free multicasting (=IGMP must be disabled in switches). Explicit Addressing can be used if 172.16.x.x addresses cannot be allocated; only limit is that node number stays below 500, e.g. 10.10.10.10/255.255.0.0 will not work...
If these conditions cannot be met (e.g. layer-3 or multicasting is restricted) you can use a RNRP Tunnel Area to act as bridge between servers and clients. The minimal configuration is if server and client act as Tunnel Area Border Nodes themselves. For larger configurations, we recommend having separate TABN to cater for the tunnel.
Read more about RNRP and tunneling options in the Network Configuration User's Guide, 3BSE034463-610.
The ABB NE870 and NE871 Industrial RNRP Routers may also act as TABN and (optionally) as firewall/VPN border nodes (in case the tunnel area need to be casted over a WAN where the level of privacy/security might not be suitable for an industrial graded application).
More information on the NE800 hardware can be found in the NE800 Getting Started Guide, 3BSE085444-420.
Add new comment