eWON COSSY 131 NAT not passing through

we have just had our first eWON installed at our facility and i am trying to setup 1-1 NAT so we can go on line with the Allen Bradley compact logix from our facility and set up data loging at our facility.

So far I have fallowed everything in the attached help document and i am now able to ping the eWONS WAN port but am not having success with the ping on the device i have set up in the 1-1 NAT. Everything works from within the LAN I just cant get to it from the plant network.
kb-0241-00-en-nat-1-1-with-ewon-cosy.pdf (427.3 KB)

MOVED TO STAFF NOTE (176.5 KB)

Hi,
Is the address you set for the device on the WAN side available and will not clash with anything else? Your settings for the NAT 1:1 are correct.

The wan port and the 1:1 NAT both have unique addresses given to me by our IT department.

You mentioned the LAN is fine. is this when you are connected through the vpn only or do you have a physical route to the plc on the cosy’s LAN? You have the NAT settings correct on the cosy. Are you trying to use a layer 3 communication?

When I place my laptop on the LAN side of the eWON I can see everything. When I am on the WAN side and trying to use 1:1 NAT to see the PLC it will not even return a ping.

Are you able to access the device though the VPN. so if you log into ecatcher and connect can you access the PLC without having your laptop connected on the LAN side.

This guide might be helpful for what you’re trying to do

NAT 1to1 without vpn.docx (685.6 KB)

You need to follow the doc from @Tim_hms and it’s very important that you set the default gateway on the PLC to be the LAN address of the eWON (192.168.0.1).

I do not have the user name and password for the VPN this equipment was installed in our facility by a Japanese company and we are in the US. They installed the eWON so they can troubleshoot on there end. If I ask may be able to get the user name and password but I would prefer to be able to access from our network without it as not all our troubleshooting computers have internet access enabled.

the Japanese company is able to go online with the PLC through the VPN.

my eWON does not have to Setup > System > Communication > Networking > Security like it is on step 3. is there a setting i need to change else ware to view this

No%20security%20tab1920×1080 178 KB

Hi Brad,

The equivalent of step 3 can be found in step 4. It makes these setting changes through the COM Configuration instead of through the user interface.

I was able to get it to work. All three of those items where at the correct settings. I opened up the subnet mask some in the E-won and PLC.

I am not sure what happened but the VPN Part still works but I can not ping the Ewon from our plant network let alone the PLC with the NAT. Our It department says they have not changed anything on there end

Hi Brad,

Do you see any errors on in the Cosy’s eventlogs? Could you send us a backup.tar file of the device with support files included?

Also are you able to ping the Cosy’s LAN address when you’re connected through eCatcher?

I am able to get on line with the eWON with a computer on the LAN side.

What’s your cosy’s LAN and WAN IP address as well as the IP address of the PLC and the address you’re trying to NAT the address to for one of the devices?

eWON_2020_02_03_support.tar (175 KB)

this is odd if i put the computer in the same 15.128.202.XXX subnet the NAT works just fine. if i am in the 15.128.XXX.XXX subnet even though everything has a 255.255.0.0 subnet mask it no longer works

Hmm that’s strange, do you know if your PC was in the 15.128.xxx.xxx subnet range before or was it previously in 15.128.202.xxx range?

cmd then ipconfig\all the IP address for the computer trying to go on line was 15.128.69.75 set by dhcp. a different PC had a static of 15.128.8.22 and it didn’t work either. on both PCs if i set a static in the 15.128.202.xxx range it worked just fine