Cisco Support Community
Community Member

I want to filter the protocols with PLC and Applications Rockwell

I have the following VLAN configuration:

interface Vlan1
 ip address 172.23.8.1 255.255.252.0
 no ip unreachables
 no ip directed-broadcast

interface Vlan5
 ip address 172.23.60.1 255.255.255.0
 no ip unreachables
 no ip directed-broadcast

In VLAN 1 I have the server 172.23.11.24, and I need the PLC IP addresses 172.23.60.1-15 (VLAN 5) to communicate only with the server 172.23.11.24 (VLAN 1), and only on specific TCP and UDP ports.

The server 172.23.11.24 should stay connected to the rest of the network, and use the TCP and UDP ports required to communicate with 172.23.60.1-5.

The attachment lists the TCP/UDP ports and protocols of the applications that run on the server and those used by the PLC. This information was supplied by Rockwell.

The 1788-ENBT board is the PLC that we are using; the rest are applications that run on the server, except the 17xx entries, which are PLC models.

I am going to configure the following access list. Is this correct?

interface Vlan5
 ip address 172.23.60.1 255.255.255.0
 ip access-group Control_Plc_Sub_electricas in
 no ip unreachables
 no ip directed-broadcast

ip access-list extended Control_Plc_Sub_electricas
 permit tcp 172.23.60.0 0.0.0.15 host 172.23.11.24 eq 44818
 permit udp 172.23.60.0 0.0.0.15 host 172.23.11.24 eq 44818
 permit tcp host 172.23.11.24 172.23.60.0 0.0.0.15 eq 44818
 permit udp host 172.23.11.24 172.23.60.0 0.0.0.15 eq 44818
 permit udp host 172.23.11.24 172.23.60.0 0.0.0.15 eq 2222
 permit tcp 172.23.60.0 0.0.0.15 host 172.23.11.24 eq 27000
 permit tcp 172.23.60.0 0.0.0.15 host 172.23.11.24 eq 1234
 permit tcp 172.23.60.0 0.0.0.15 host 172.23.11.24 eq 1330
 permit tcp 172.23.60.0 0.0.0.15 host 172.23.11.24 eq 1331
 permit tcp 172.23.60.0 0.0.0.15 host 172.23.11.24 eq 1332
 permit tcp 172.23.60.0 0.0.0.15 host 172.23.11.24 eq 3060
 permit tcp 172.23.60.0 0.0.0.15 host 172.23.11.24 eq 6543
 permit tcp 172.23.60.0 0.0.0.15 host 172.23.11.24 eq 7600
 permit tcp 172.23.60.0 0.0.0.15 host 172.23.11.24 eq 7700
 permit tcp 172.23.60.0 0.0.0.15 host 172.23.11.24 eq 7710
 permit tcp 172.23.60.0 0.0.0.15 host 172.23.11.24 eq 7720
 permit tcp 172.23.60.0 0.0.0.15 host 172.23.11.24 eq 7721
 permit tcp 172.23.60.0 0.0.0.15 host 172.23.11.24 eq 7722
 permit tcp 172.23.60.0 0.0.0.15 host 172.23.11.24 eq 7723
 permit tcp 172.23.60.0 0.0.0.15 host 172.23.11.24 eq 135
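
Added example, not part of the original post and not Cisco or Rockwell code: a Python model of the posted ACL as a first-match list applied inbound on Vlan5, run against constructed sample flows. It assumes standard IOS extended-ACL semantics (the port after the destination is the destination port, implicit deny at the end); the sample host 172.23.60.5 and the ephemeral port 49152 are constructed.

```python
import ipaddress

# Rules transcribed from the posted ACL, in order:
# (protocol, (src, src_wildcard), (dst, dst_wildcard), destination_port)
PLC = ("172.23.60.0", "0.0.0.15")
SRV = ("172.23.11.24", "0.0.0.0")   # "host" keyword = wildcard 0.0.0.0
PLC_TO_SRV_TCP = (27000, 1234, 1330, 1331, 1332, 3060, 6543, 7600,
                  7700, 7710, 7720, 7721, 7722, 7723, 135)
ACL = [("tcp", PLC, SRV, 44818), ("udp", PLC, SRV, 44818),
       ("tcp", SRV, PLC, 44818), ("udp", SRV, PLC, 44818),
       ("udp", SRV, PLC, 2222)]
ACL += [("tcp", PLC, SRV, port) for port in PLC_TO_SRV_TCP]

def _int(addr):
    return int(ipaddress.IPv4Address(addr))

def wildcard_match(addr, base, wildcard):
    """IOS wildcard semantics: bits set in the wildcard are ignored."""
    w = _int(wildcard)
    return (_int(addr) | w) == (_int(base) | w)

def evaluate(proto, src, dst, dport):
    """Return the 1-based number of the first matching permit, or None
    when the packet falls through to the implicit deny."""
    for n, (p, s, d, port) in enumerate(ACL, 1):
        if (p == proto and port == dport
                and wildcard_match(src, *s) and wildcard_match(dst, *d)):
            return n
    return None

def dead_inbound_entries(svi_net="172.23.60.0/24"):
    """Entries whose source range cannot overlap the SVI's own subnet.
    Applied inbound on Vlan5, legitimate traffic never matches them."""
    net = ipaddress.ip_network(svi_net)
    dead = []
    for n, (_, (base, wild), _, _) in enumerate(ACL, 1):
        fixed = ~_int(wild) & int(net.netmask)   # bits both sides pin
        if (_int(base) ^ int(net.network_address)) & fixed:
            dead.append(n)
    return dead

if __name__ == "__main__":
    # Constructed flows; 49152 stands in for a server-side ephemeral port.
    print(evaluate("tcp", "172.23.60.5", "172.23.11.24", 44818))   # PLC -> server
    print(evaluate("tcp", "172.23.60.5", "172.23.11.24", 49152))   # PLC reply
    print(dead_inbound_entries())
```

The second flow models a PLC answering a connection that the server opened: its destination is the server's ephemeral port, so no "eq" entry matches and it reaches the implicit deny. The entries reported by dead_inbound_entries() are the three whose source is the server, which enters the router on Vlan1 and is never inspected by an inbound list on Vlan5.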

2 REPLIES
Community Member

Re: I want to filter the protocols with PLC and Applications Rock

Does anybody have any information?

Community Member

Re: I want to filter the protocols with PLC and Applications Rock

I am interested in this topic and its solution as well. I have a similar issue that needs to be resolved. The control engineer needs to access the PLC network from our main network. I also need the server to read from and write to the PLC, bidirectionally.
