Siemens HMI + TAP Adapter + VMware Virtual Machine

Hello, I’m having some troubles scanning Accessible Devices in TIA Portal via the TAP adapter.
I’ve followed the guide linked in this topic, but I’ve also to highlight that we’re using TIA Portal on a virtual machine (VMware Workstation).

I’ve already bridged the TAP adapter from VMware, but I can’t understand which IP I should set to the guest network adapter (the one bridged to the aforementioned TAP). If I enable the NAT network adapter (VMnet 8) I can ping the PLC and the HMI as we should expect.
I’ve already enabled the BroadcastForwarder parameter from the eWon webserver and we’re using a firmware version >= v12.0s1.

Hello @Davide,

We do not have a process for bridging the connection from the tap adapter into VMware. I recommend either running eCatcher in the VM and following standard instructions or running TIA portal in on the Host with eCatcher.

Deryck

Hello @deryck_hms.

I’m sorry, but the approach you’re suggesting is not working at all. I’ve installed eCatcher on my VM (Windows 10) and I’m able to open a VPN tunnel to the eWon Cosy device but then I’m unable to ping both the VPN IP address or the PLC address (on the same subnet of the eWon LAN IP address).

On the contrary, if I open the VPN tunnel from the host machine and then try to ping the aforementioned addresses from the guest machine, I don’t have any kind of issue but, as I said, I’m unable to make the most of the TAP adapter.

May you suggest any kind of solution? We’re in need to achieve this task to be able to get online with the HMI panel.

Thanks!

You should be able to run eCatcher in a VM without issues, it should work just like the host. When ecatcher connects we add a route to your PC routing table for the ewons subnet.

Do you receive any error messages when you connect? Are you able to reach the ewon webpage?

https://ewon.biz/technical-support/pages/remote-access/siemens-vipa?ordercode=EC61330_00MA
Deryck

PS: I see you are connecting from Europe, while this form is ran by our USA team. If we are not able to respond quick enough your distributor should be able to help you too.

Thank you for your prompt reply, Deryck.
Yes, I’m able to run eCatcher without any issue from the guest and I don’t receive any error message. Moreover I can open the web server page of the eWon device and I can log into it.
Unfortunately I cannot ping the PLC or the HMI.

P.s.: I’m ok keeping on discussing about the issue on this forum. I suppose it’s the best place to solve this problem, even if the reply times are a bit longer. Thanks!

If you can get to the ewon then the VPN is getting established. Are you reaching the VPN ip of the ewon or the LAN IP. This might tell us if the route is being created correctly. You could also run route print in a cmd to see the routes. You should see something like this:

In this example I have ecatcher connecting to a 192.168.50.x subnet with the ewons LAN being 192.168.50.123 and 10.28.194.182 is the ewons VPN IP.

After some tests, I’m now able to ping both the VPN IP and the LAN IPs. To achieve that, I had to open eCatcher on the host system (without opening a VPN tunnel) and then logging into eCatcher from the guest system with another user. As soon as I close eCatcher into the host, I lose the capacity to ping the aforementioned IPs.
Still, even if I’m able to ping, I cannot access the HMI in TIA Portal using the TAP Adapter, but I’m able to “Go Online” with the PLC, as I used to do even when I was opening the VPN tunnel from the host system.

I am not sure how this would have corrected the issue. I think this could be an issue with how the VM is creating routes in the VM system to the host. In your first screen shot it looks like there was an IP conflicting with another route. You can see the 192.168.0.199 route below the highlighted routes going though the VPN. The second capture does not show this.

Since you can ping the PLC you should now have access. Make sure you are setting it up as seen here: https://www.ewon.biz/technical-support/pages/remote-access/siemens-vipa

Deryck

Yes, I can access the PLC (but I was already able to do that even by opening the VPN tunnel from the host system instead of opening it from the guest), but I’m still not able to access the HMI.

May I ask you to connect via TeamViewer so that it can become easier to understand the situation? Thanks!

I can take a look in the next half hour or next Monday.

It is currently 4:30 EDT

Deryck

We can arrange it for Monday, if you’re available.
At the moment I’m able to scan for the accessible devices, but when I try to go online with the HMI, TIA Portal prompts me to assign a new IP address to the PC/PG interface (I suppose the TAP adapter) and then it fails to do so.

Hi Davide,

My apologies I got tied up yesterday and didn’t have an opportunity to reach out. Let me know if you would like me to take a look today.

Deryck

Don’t worry. I think this evening (GMT+2), so afternoon for you, I may be available, but I will update you with a PM if that’s ok for you.

I’m facing the same issue. Could you share the solution details ?

This is not an eCatcher issue, this is a VMWare routing issue. You will need to contact VMWare for assistance.

Hi there, is this still a VMware problem?

I am in the same trouble now with following Setup:

  • VMware Workstation 16.2.1 - Windows 10 64bit, TIA Portal V17 Update 1
  • E-Catcher 6.7.3 (and today 6.7.4)
  • VM Network is bridged

Routing table is correct and showes up my remote local network.

But i cannot ping the remote ones.

But now i have following strange thing

If i reinstall e-catcher, i can ping my rmeote site without a problem after the first reboot. But i need reboot the VM after installation again, because TIA Portal does not show the TAP ethernet.

After the second reboot, the TAP ethernet shows up in TIA, but i cannot ping anymore my remote local…
Route is the same under route print, but when i tracert the remote local network, it always uses my internet router as gateway and ignores the vpn connection…