NAT switch 2000

NAT switches

Switches with NAT routing function combine switching and routing in a single DIN rail device. With ​Network Address ​​Translation​, they allow easy connection to the higher-level network for machines or systems with the same IP address range.

NAT switch with two WAN ports and six LAN ports

The ports of the NAT switch can be freely used as LAN or WAN ports

Very flexible

The FL NAT 2000 offers a high degree of flexibility, as each of its eight ports can be freely assigned as LAN or WAN ports. This means that you can use the NAT 2000 as a simple NAT switch with one WAN port and seven LAN ports. There is no need for an additional switch in the system.

Alternatively, you can use the NAT switch to connect a machine to multiple higher-level networks, such as production and diagnostics networks. You can choose from various NAT mechanisms: 1:1 NAT, virtual NAT, IP masquerading, and port forwarding.

Cost-effective integration in higher-level networks – With virtual addressing (NAT)

If identical machines are operated in parallel in a network, each machine must be configured individually. This is the only way to integrate them into the higher-level communication network. Various NAT mechanisms enable you to operate entire production cells with the same IP address space, without having to configure the machines individually.

Overview of NAT mechanisms NAT mechanisms supported by NAT switches

1:1 NAT integrated in a communication network
Virtual NAT integrated in a communication network
IP masquerading NAT mechanism embedded in a communication network
Port forwarding NAT mechanism integrated in a communication network
1:1 NAT integrated in a communication network

With 1:1 NAT, each device in the LAN is allocated an IP address from the higher-level network (WAN). The device can then be addressed from the WAN via this assigned address. The advantage: router or gateway configuration is not necessary in the WAN. Communication can be established from both the LAN and the WAN, and is not restricted to dedicated protocols. The disadvantage: an IP address must be reserved in the WAN for each accessible device in the LAN.

Virtual NAT integrated in a communication network

Virtual NAT combines 1:1 NAT with a virtual router level. In this router level, the address is mapped from the LAN and is then transferred to the WAN from the virtual intermediate level as with standard routing. The advantage: only one IP address is required from the WAN, for the NAT interface itself. The disadvantage: in the WAN, the route to the (virtual) network must be indicated and the NAT WAN interface entered as the NextHop or gateway address.

IP masquerading NAT mechanism embedded in a communication network

With IP masquerading, the NAT device essentially acts as a proxy, so all the LAN devices communicate externally using the NAT WAN interface address. Various TCP/UDP ports are used to differentiate between the different LAN devices. The advantages: no additional WAN addresses are required aside from the address for the NAT device itself. Router or gateway configuration is not necessary in the WAN. The disadvantage: WAN devices can only communicate with LAN devices via port forwarding.

Port forwarding NAT mechanism integrated in a communication network

You can access a specific service of a LAN device from the WAN network via port forwarding. To implement forwarding to the desired LAN device, the WAN interface of the NAT device is addressed using a defined TCP/UDP port number.

FL NAT in the RSTP and MRP ring

The FL NAT 2000 supports RSTP and MRP redundancy mechanisms

Redundancy in the LAN and WAN

In order to ensure a high degree of reliability both within the system and when connecting to higher-level networks, FL NAT 2000 switches support redundancy mechanisms on the LAN and WAN side.

For redundant connection to higher-level WAN interfaces, you can integrate the NAT 2000 into an RSTP ring with two WAN ports.

On the LAN side, you can use both RSTP and MRP as the master or client to redundantly connect parts of a machine to the NAT switch.

PROFINET logo

NAT switches support PROFINET functions

PROFINET support in the LAN

On the LAN side, the NAT 2200 and the NAT 2300 offer full PROFINET integration:

  • Integration into PROFINET control environments, such as TIA or PC Worx
  • MRP support for increased availability
  • LLDP for topology detection
  • Hardware-based PROFINET prioritization
  • Extended diagnostics for PROFINET

Overview of FL NAT 2000

FL NAT 2000

FL NAT 2200

FL NAT 2300

Transmission speed 10/100 Mbps 10/100 Mbps 10/100/1000 Mbps
Alarm contact No Yes Yes
Temperature range 0°C ... +55°C -40°C ... +70°C -40°C ... +70°C
Protection class IP20 IP20 IP20
Supply voltage 18 ... 32 V DC 12 ... 57 V DC (redundant) 12 ... 57 V DC (redundant)
NAT functions 1:1 NAT, virtual NAT, IP masquerading, port forwarding (source/destination) 1:1 NAT, virtual NAT, IP masquerading, port forwarding (source/destination) 1:1 NAT, virtual NAT, IP masquerading, port forwarding (source/destination)
Routing Static routing Static routing Static routing
Filter functions
Quality of Service Yes Yes Yes
VLAN Yes Yes Yes
Multicast/IGMP snooping Yes Yes Yes
Redundancy
Rapid Spanning Tree (RSTP) Yes Yes Yes
MRP manager/client No / yes Yes / yes Yes / yes
Fast Ring Detection (FRD) No Yes Yes
Large Tree Support No Yes Yes
Extended ring redundancy 15 ms No No No

Overview of FL NAT 2000

FL NAT 2000

FL NAT 2200

FL NAT 2300

Management functions
Port configuration, statistics, and utilization Yes Yes Yes
Link Layer Discovery Protocol (LLDP) Yes Yes Yes
Address Conflict Detection (ACD) Yes Yes Yes
DHCP server Port-based Pool-based/port-based, option 82 Pool-based/port-based, option 82
Command Line Interface (CLI) Yes Yes Yes
Automation protocols
PROFINET conformance class A B B
PROFINET device No Yes Yes
EtherNet/IP™, extended multicast filtering Yes Yes Yes
Approvals - Maritime approvals, ATEX, IECEx Maritime approvals, ATEX, IECEx
To the product list To the product list To the product list