What NAT scenarios can be implemented with the SCALANCE S615?
The SCALANCE S615 is a module from the security module product line and protects industrial networks and automation systems against unauthorized access. Thanks to its diverse features, the security module enables protection of different network topologies and flexible implementation of security concepts.
Use of the SCALANCE S615 as a router and simultaneous support of common NAT mechanisms provide numerous options for accessing the internal network or automation system to be protected:
Contents of this Document
This document uses selected UseCases to describe the different options. Each UseCase describes the starting situation, discusses the requirement and addresses the advantages / disadvantages.
The aim is to give an overview of the available options and provide an adequate solution for the most common use cases.
The following configurations are looked at in detail:
- Two-way communication with gateway (standard routing)
Web server access without gateway (active PC, passive CPU) (NAPT)
PG functions on multiple CPUs without gateway (destination NAT)
NATing entire subnets (destination NAT)
PG functions on multiple CPUs without gateway in series machine manufacturing (destination NAT)
Cross communication for series machinesCross communication for series machines (destination NAT)
Connection to control systems without gateway (CPU as the active part) (source NAT)
Reaction-free communication using VPN tunnel in existing plants (source NAT)
Reaction-free S7 communication in existing plants (source and destination NAT)
Documentation (1,4 MB)
Add further chapters.