Hilscher Community Forum
Internet on the fieldbus-side - Printable Version

+- Hilscher Community Forum (https://forum.hilscher.com)
+-- Forum: netPI - Industrial Ethernet featuring rugged Raspberry Pi (https://forum.hilscher.com/forum-1.html)
+--- Forum: Software (https://forum.hilscher.com/forum-5.html)
+--- Thread: Internet on the fieldbus-side (/thread-652.html)

Internet on the fieldbus-side - COswald - October-19th-2020

Good Morning Hattersheim,

my problem is, that I have a Industriel PC behind the NIOT-E-TPI51-EN-RE and this is not able to access the Internet.
This would be great for normal situation, but we have to be able to do so.

What is special here? We don't use the fieldbus side in ProfiNet-Mode, but in LAN-Mode via the LAN-Enabler Docker-Container.
I have also installed the TOSIBOX-Soft-Lock, which is working fine. Without any special routes in the Gateway.
Is where something special with this?

Here are some screenshots of the LAN and route settings in the gateway:



I'm looking forward reply.

Kind regards,

Carsten Oswald

RE: Internet on the fieldbus-side - Armin@netPI - October-19th-2020


my explanation why the TOSIBOX container application works without any routing setup because it is always the initiator of the local TCP/IP traffic sent to the cifx0 interface and its connected devices behind. This is just a standard communication between two local IP addresses where no routing information is needed but just the two IP addresses and no gateway firewall is blocking the access.

In your new use case now the initiator whereas is the PC sitting behind the cifX0. On this PC you need to configure a gateway first of all next to its IP address 192.168.1.x. This gateway needs to be set to the IP address of the cifx0 interface which So all traffic of the PC outside the local network 192.168.1.x will be sent to this gateway address respectively cifx0 instead. As next you should also configure a DNS server on the PC. Usually a DNS server address works fine. Else a simple "ping google.de" will not work on your PC since there is no name resolution configured.

Finally instead of configuring a cifx0 routing path as you did you have to configure the eth0 firewall on your Connect gateway accordingly:


That is all you need to do. This is not a routing problem since the default route is internally configured to eth0 anyway but a firewall problem. You have to trust the eth0 interface as NAT-trusted.

RE: Internet on the fieldbus-side - COswald - October-19th-2020

Hello Armin,

many thanks for your quick reply.
Yes, it was the NAT.
After enabling NAT support everything is good.
The TOSIBOX is also running.

Greetz from Haan,