Hey Everyone, I hope someone can help me. I have softether running on windows server on a VPS. I have successfully setup up server and clients and can connect via PC and the 4G LTE Route (Teltonika RUT240 ) and can access siemens s7-1200 PLC. I have a NAT setup on VPN server with 192.168.5.1 and have given PLC static IP of 192.168.5.10 and Have set static IP on TAP Interface on PC with 192.168.5.15 and have Installed virtual ethernet adapter (microsoft loopback) and assigned a satic IP of 192.168.5.20 and bridged the connections in softether server to the virtual hub. This now gives me access from server to PLC ( I can ping PLC from Server and Engineering PC ) I can connect to the PLC from PC fine.

The Problem I now have Is I have a lot of PLCs at remote sites already set up and they all have the same subnets and they can not be changed (connected to other devices in the network I have no control over) I have thought about setting up individual NATs on the routers I will be installing but it seems the OpenVPN TAP client in the router is bridged to the local lan and can't be altered.

The other issue I see is the SCADA software running on the server needs to access these PLC ( I set the PLC IP address in the software for which one they connect to) I now have an issue as they all have same IP so I was possibly thinking about setting PLC IP in the software as the NAT ip set on the Router and then create static route to the PLC on the router.

If I need to access PLC network from Engineering PC I will just connect to server and set the TAP IP to the NAT the PLC is on and may need to cascade the connection to that particular virtual VPN Hub.

I will link a diagram for a better understanding

If anyone has any better ideas or ways of achieving this would be great

 

Network Layout