eWON COSY 131 - NAT 1:1 keeps dropping out

sslovik · February 19, 2019, 6:26pm

My maintenance engineers report that our eWON NAT 1:1 routing keeps failing,
on two similar machines using CompactLogix PLC’s.

The eWON is online, the PLC is online.
The eWON is using wireless WAN connection.
The PLC has the eWON LAN set as its gateway correctly.

Below you can see the NAT 1:1 not working when the SIFMacAddrW

value is all zeros. (no MAC id defined)

This problem has persisted us for years, and no matter what COSY firmware version I use

this problem does not go away.

Rebooting the eWON does not fix this issue.

I have tried disabling the NAT function on the eWON, rebooting, re-anble NAT, rebooting. Did not fix anything.

Pinging the NAT address does not find or fix the issue.

The only way I know to resolve this is to connect using the Rockwell PLC software and

attempt to talk to the PLC, which then “wakes” up the NAT address.

I don’t know how to permanently resolve this issue.

kyle_HMS · February 19, 2019, 6:48pm

Did you forget an attachment? You said “Below you can see the NAT 1:1 not working when the SIFMacAddrW”

SIFMacAddrW is the MAC Address of WAN interface.
SIFMacAddrWifi is the MAC Address of the Wifi interface.

Can you provide a backup of the device? Use eBuddy and select “Include Support Files.”

Also, what is the model(s) of the PLCs. Do your engineers have any additional logs or packet captures?

Thank you,
Kyle

sslovik · February 19, 2019, 7:24pm

The PLC behind this specific eWON COSY is a AB CompactLogix.

sslovik · February 19, 2019, 7:13pm

Here is a backup of my eWON COSY configuration.

Regards,

Scott

MOVED TO STAFF NOTE (173 KB)

sslovik · February 19, 2019, 7:11pm

HI Kyle,

Yes, I forgot to add attached image and then realized I could not see my post.

Regards,

Scott

kyle_HMS · February 19, 2019, 9:17pm

Hi,

If you are trying to connect to the PLC from the WAN (10.168.0.0/20) network, you should be using the IP address 10.168.0.140, which I see you have configured. Keep in mind, you don’t need to use the 192.168.0.30 address, unless you are trying to connect from the LAN side or from the VPN. Looking at your logs:

02/19/19 13:18:10 10.168.0.140 Unable to establish TCP connection to the Ethernet Interface
02/19/19 13:18:10 10.168.0.140 [10061] Connection refused
02/19/19 13:18:10 10.168.0.140 Device refused a CSPv4 connection, retry using EtherNet/IP
02/19/19 13:18:10 10.168.0.140 Attempting first connection, protocol = EtherNet/IP
02/19/19 13:18:10 10.168.0.140 Device has accepted the EtherNet/IP connection

It looks like the software is connecting. And in your screenshot I see that you can ping the PLC from the WAN on the 10.168.0.140 address. Everything seems to be configured and working.

Can you tell me exactly what transactions are failing if ping is working and using the Rockwell software is working? It would appear that the problem is with those transactions specifically.

Thanks,
Kyle

sslovik · February 22, 2019, 5:42pm

Hi Kyle,

Yes, temporarily fixed the NAT connection to the PLC.

The issue is with the MAC id’s assigned to the static IP NAT address.

After the machine is powered over for extended period of time for maintenance

and comes back up, our Layer 2 network can see the NAT plc addresses OK,

but our Layer 3 switch cannot see the NAT plc address.

It essentially loses what mac id was assigned to NAT address.

The eWON shares the MAC id between two separate IP addresses, and Layer 3 doesn’t like this.

To prove this, all I do is take my laptop out on the production floor and connect to

our machine wi-fi layer 2 network and ping the NAT assigned PLC address.

And then instantly I “wake up” the device on our Layer 3 network.

I doubt this is something we can configure or fix on the COSY device,

so I need to come up with a plan on how to address the connecton loss

between our Layer 2 and Layer 3 network.

Regards,