1:1/One-To-One NAT setup assistance

Post new topic   Reply to topic    DD-WRT Forum Forum Index -> Broadcom SoC based Hardware
Author Message
jholm90
DD-WRT Novice


Joined: 22 Sep 2018
Posts: 2

PostPosted: Sat Sep 22, 2018 16:39    Post subject: 1:1/One-To-One NAT setup assistance Reply with quote
Hello I am running into some issues following the 1:1 setup guide for my application.

I am working for a machinery builder that has a small 192.168.1.xxx network running inside a few machines and would like to be able to access two devices inside them all at the same time (192.168.1.10 & .11). All machines right now are using the same IP addresses and cannot be changed - so I was hoping to put them via a 1:1 NAT onto the shop floor network using 10.10.10.xxx (i.e. machine #1 @10.10.10.10 & .11; machine #2 @ 10.10.10.20 & .21) I have used the Phoenix NAT hardware (https://www.phoenixcontact.com/online/portal/ca?uri=pxc-oc-itemdetail:pid=2702139&library=caen&tab=1) in the past and it worked really well for this application, however I was hoping to save a couple of bucks and use this dd-wrt on a spare router (WDNR3700v3) to get this setup. I plan on putting one temporarily inside each machine and connecting the WAN port to the shop floor network. There is no "internet connection" or anything fancy that I would like this to do - I do not need any security or firewalls as this is all going to be an isolated network inside the shop floor not talking to the internet.

Right now I am trying to get the first device setup and it does not seem to be cooperating even with following the One-To-One setup guide. I have the machine plugged into LAN port 1 and my laptop plugged into the WAN port for testing. The devices inside the machine have a gateway address matching the router address. I have setup the WAN as static with an address of 10.10.10.1 Router IP hasn't been changed at 192.168.1.1, DHCP has been turned off.

These are the scripts that I have put in:

Code:

# Save Startup
WANIF=`get_wanface`
ifconfig $WANIF:1 10.10.10.10 netmask 255.255.255.0 broadcast 10.10.10.255

# Save Firewall
iptables -t nat -I PREROUTING -d 10.10.10.10 -j DNAT --to 192.168.1.10
iptables -t nat -I POSTROUTING -s 192.168.1.10 -j SNAT --to 10.10.10.10
iptables -I FORWARD -d 10.192.168.1.10 -j ACCEPT



Is there something that I need to for the VLAN? How should this look? I have reset the router to factory defaults many times and am running Firmware: DD-WRT v3.0-r36808 mini (08/30/1Cool
Are there any other items that should be selected or modified in the GUI to get this going?

Thank you in advance!
Sponsor
Per Yngve Berg
DD-WRT Guru


Joined: 13 Aug 2013
Posts: 6063
Location: Romerike, Norway

PostPosted: Sun Oct 14, 2018 10:12    Post subject: Reply with quote
There is an error in the FORWARD line.

# Save Startup
WANIF=`get_wanface`
ifconfig $WANIF:0 10.10.10.10 netmask 255.255.255.0 broadcast 10.10.10.255
ifconfig $WANIF:1 10.10.10.11 netmask 255.255.255.0 broadcast 10.10.10.255

# Save Firewall
iptables -t nat -I PREROUTING -d 10.10.10.10 -j DNAT --to 192.168.1.10
iptables -t nat -I POSTROUTING -s 192.168.1.10 -j SNAT --to 10.10.10.10
iptables -I FORWARD -d 192.168.1.10 -j ACCEPT

iptables -t nat -I PREROUTING -d 10.10.10.11 -j DNAT --to 192.168.1.11
iptables -t nat -I POSTROUTING -s 192.168.1.11 -j SNAT --to 10.10.10.11
iptables -I FORWARD -d 192.168.1.11 -j ACCEPT
dcnc
DD-WRT Novice


Joined: 14 Oct 2020
Posts: 1

PostPosted: Wed Oct 14, 2020 20:37    Post subject: Similar question Reply with quote
Hello, I am in a very similar situation with a piece of equipment.

Using the above code I am able to 1:1 NAT the addresses and ping them with no issues. I am curious the best way to 'open' port communication while using a 1:1 NAT? I need to telnet down to the device, any help is appreciated.

external = 10.10.10.10 :8193
internal = 192.168.1.1 :8193

Thank you,
Dan
Display posts from previous:    Page 1 of 1
Post new topic   Reply to topic    DD-WRT Forum Forum Index -> Broadcom SoC based Hardware All times are GMT

Navigation

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You can attach files in this forum
You can download files in this forum