Scribd Logo
Upload

Welcome to Scribd!

  • Network Connection Scheme For Station Lan For Farakka STG3

    Uploaded by

    siddharth507
    22 views4 pages

    Original Title

    NETWORK CONNECTION SCHEME FOR STATION LAN FOR FARAKKA STG3

    Copyright

    © © All Rights Reserved

    Available Formats

    PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    Download as pdf or txt
    22 views4 pages

    Network Connection Scheme For Station Lan For Farakka STG3

    Uploaded by

    siddharth507

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    Download as pdf or txt
    of 4

    FIRST ANGLE PROJECTION

    DRG. No.

    NOT BE USED DIRECTLY OR INDIRECTLY IN ANY WAY DETRIMENTAL TO THE INTEREST OF THE COMPANY.
    THE INFORMATION ON THIS DOCUMENT IS THE PROPERTY OF BHARAT HEAVY ELECTRICALS LTD. IT MUST
    NETWORK CONNECTION SCHEME FOR
    PI SERVER
    TFT

    NTPC IT LAN

    SERVICE BUILDING

    IP ADDRESS RANGE : 192.168.7.1 TO 192.168.7.30


    FUTURE EXPANSION GATEWAY : 192.168.7.100

    M/C
    NO

    INTERFACE SWITCH
    ARUBA 2930F

    M/C

    M/C

    M/C
    1 3 5 7 9 11 13 15 17 19 21 23 AX CX
    L3COMSW-A

    2 4 6 8 10 12 14 16 18 20 22 24 BX DX

    VLAN-1 (PORTS 2-4), IP ADDRESS : 192.168.2.100/24 ---- ABB SERVER CONNECTIVITY


    VLAN-2 (PORTS 5-9), IP ADDRESS : 192.168.3.100/24 ---- PI/PADO SERVER CONNECTIVITY
    VLAN-3 (PORTS 10-14), IP ADDRESS : 192.168.5.100/24 ---- SPARE
    VLAN-4 (PORTS 15-18), IP ADDRESS : 192.168.7.100/24 ---- SPARE
    VLAN-5 (PORTS 19-22), IP ADDRESS : 202.202.10.100/24 ---- NEW PI SERVER CONNECTIVITY
    VLAN-6 (PORTS 23-24), IP ADDRESS : 192.168.9.100/24 ---- FW1-A CONNECTIVITY (PORT 3)
    MANAGEMENT PORT(PORT1)/VLAN-7, IP ADDRESS : 10.10.10.1/24

    FIREWALL (IPS)
    (FW1-A)
    FORTIGATE FG61F
    DMZ : DMZ & LAN1, IP : 172.16.200.151 / 16
    POWER CONSOLE LAN
    WAN1 WAN : LAN3, IP : 192.168.9.99 / 24
    WAN2 DMZ 7 6 5 4 3 2 1
    LAN : LAN4, IP : 172.16.200.251 / 16 MGMT:
    USB
    WAN2, IP : 10.10.10.2/24
    DEFAULT : LAN5 : 192.168.1.99

    IDS ENGINE (FW2-A)


    2/WAN SOPHOS XGS107

    MGMT(PORT 2/WAN)10.10.10.3/24 L3CORESW-A


    DEFAULT PORT1 : 172.16.16.16 : 4444

    ARUBA 5400R ZL2

    INTERNAL NETWORK STNLANSVR1


    172.16.160.152
    GATEWAY:172.16.200.251 GAT

    MGMT

    TFT

    UPS
    L3CORESW-A
    IP ADDRESS : 172.16.200.250
    MANAGEMENT PORT IP : 10.10.10.4

    L3CORESW-A 1 3 5 7 9 11

    1 3 5 7 9 11 13 15 17 19 21 23 L2GIGSW-A
    2 4 6 8 10 12

    2 4 6 8 10 12 14 16 18 20 22 24

    MGMT TO L2GIGSW1-A
    PORT-16

    MC MC MIRROR

    UNIT#1 AHP SAC SPARE SPARE

    TO FW2-A
    PORT-4
    CHP WS SPARE SPARE IDS

    REV. DATE ALTERED REV. DATE ALTERED


    CHECKED CHECKED
    APPROVED APPROVED
    (ALL DIMENSIONS ARE IN mm)

    R STATION LAN - NET-A


    R
    IP ADDRESS : 192.168.3.2/24
    GATEWAY : 192.168.3.100

    OT UNDER BHEL SCOPE

    SOPHOS XG-85
    WAN IP : 10.10.10.100
    DMZ IP : 172.18.160.100
    LAN IP : 192.168.11.200

    LAN DMZ WAN


    VPN
    REMOTE SERVICE CENTER

    3rd NIC OF GATEWAY PC


    IP:172.18.160.154.
    GATEWAY:172.18.160.100

    DMZ NETWORK

    STNLANSVR2 GATEWAYPC
    172.16.160.153 172.18.160.154
    TEWAY:172.16.200.251 GATEWAY:172.16.200.251 STAND ALONE
    TEST SERVER

    TFT TFT TFT

    NOTE :
    UPS

    IP ADDRESS ASSIGNMENT CAN VARY DEPENDING ON SITE REQUIREMENT.

    LEGEND :
    M/C MEDIA CONVERTER
    CISCO C2960
    UTP CABLE NET-A
    13 15 17 19 21 23 AX CX
    L2GIGSW-A
    FO CABLE NET-A
    VLAN 1- PORT(13-24):10.10.10.5(MANAGEMENT)
    14 16 18 20 22 24 BX DX VLAN 2- PORT(1-12):172.16.200.150
    MANAGMENT CABLES
    FP : FIBER PORT
    DELL PE T440
    NMS SERVER J2R4BW3

    TFT IP ADDRESS : 10.10.10.10


    GATEWAY:10.10.10.5

    NOTE
    1. To have security and isolation across various network segments of Station LAN, (FW2-A with IPS) -is configured as two virtual firewalls.
    The first virtual firewall with DMZ and LAN port-1 is configured as transaparent mode for connectivity between DCS network and DMZ/Station LAN network
    and Second virtual firewall with Lan port-4 & LAN port 3 is configured in NAT mode for connectivity between Plant network and DMZ/StationLAN network.

    NTPC FARAKKA R&M STAGE-3 (3x200 MW) STN LAN PKG


    M/s NTPC

    SYSTEM CONFIGURATION FOR STN LAN-A

    CE/1XXX-SHC-56-02
    FIRST ANGLE PROJECTION

    DRG. No.

    NOT BE USED DIRECTLY OR INDIRECTLY IN ANY WAY DETRIMENTAL TO THE INTEREST OF THE COMPANY.
    THE INFORMATION ON THIS DOCUMENT IS THE PROPERTY OF BHARAT HEAVY ELECTRICALS LTD. IT MUST
    NETWORK CONNECTION SCHEME FOR

    IP ADDRESS RANGE : 192.168.8.1 TO 192.168.8.30


    SPARE GATEWAY : 192.168.7.100

    IP ADDRESS RANGE : 192.168.10.1 TO 192.168.10.5


    OTHER STAGE GATEWAY : 192.168.10.100

    INTERFACE SWITCH
    ARUBA 2930F

    M/C

    M/C

    M/C

    M/C
    1 3 5 7 9 11 13 15 17 19 21 23 AX CX
    L3COMSW-A

    MGMT PORT 2 4 6 8 10 12 14 16 18 20 22 24 BX DX

    VLAN-1 (PORTS 2-4), IP ADDRESS : 192.168.52.100/24 ---- ABB SERVER CONNECTIVITY


    VLAN-2 (PORTS 5-9), IP ADDRESS : 192.168.4.100/24 ---- PI/PADO SERVER CONNECTIVITY
    VLAN-3 (PORTS 10-14), IP ADDRESS : 192.168.6.100/24 ---- SPARE
    VLAN-4 (PORTS 15-18), IP ADDRESS : 192.168.8.100/24 ---- SPARE
    VLAN-5 (PORTS 19-22), IP ADDRESS : 202.202.10.100/24 ---- NEW PI SERVER CONNECTIVITY
    VLAN-6 (PORTS 23-24), IP ADDRESS : 192.168.10.100/24 ---- FW2-B CONNECTIVITY (PORT 3)
    MANAGEMENT PORT(PORT1)/VLAN-7, IP ADDRESS : 10.10.9.1/24 (PORT-1)

    FIREWALL (IPS)
    (FW1-A)
    FORTIGATE FG61F
    DMZ : DMZ & LAN PORT 1, IP : 172.17.200.151/16
    POWER CONSOLE LAN
    WAN1
    WAN : LAN3, IP : 192.168.10.99 / 24
    WAN2 DMZ 7 6 5 4 3 2 1 LAN : LAN PORT 4, IP : 172.17.200.251 / 16
    USB
    MGMT: WAN2, IP : 10.10.9.2/24
    DEFAULT : LAN5 : 192.168.1.99

    IDS ENGINE (FW2-B)


    2/WAN SOPHOS XGS107

    MGMT( LAN2):10.10.9.2/24
    L3CORESW-B
    DEFAULT PORT1 : https://172.17.16.16 : 4444

    ARUBA 5400R ZL2

    STNLANSVR
    172.17.160.1
    INTERNAL NETWORK
    GATEWAY:17

    MGMT

    L3CORESW-B
    UPS

    IP ADDRESS : 172.17.200.250
    MANAGEMENT IP : 10.10.9.4

    1
    L3CORESW-B
    1 3 5 7 9 11 13 15 17 19 21 23 L2GIGSW-B
    2

    2 4 6 8 10 12 14 16 18 20 22 24

    MGMT TO L2GIGSW1-B
    PORT-16

    MC MC MIRROR

    UNIT#1 AHP SAC SPARE SPARE

    TO FW2-B
    LAN1
    CHP WS SPARE SPARE IDS

    REV. DATE ALTERED REV. DATE ALTERED


    CHECKED CHECKED
    APPROVED APPROVED
    (ALL DIMENSIONS ARE IN mm)

    STATION LAN - NET-B

    DMZ NETWORK

    R1 STNLANSVR2 STAND ALONE


    152 172.17.160.153
    TEST SERVER
    72.17.200.251 GATEWAY:172.17.200.251

    TFT

    TFT TFT

    UPS

    NOTE :
    CISCO C2960 IP ADDRESS ASSIGNMENT CAN VARY DEPENDING ON SITE REQUIREMENT.
    3 5 7 9 11 13 15 17 19 21 23 AX CX
    L2GIGSW-B
    LEGEND :
    VLAN 1- PORT(13-24):10.10.9.5(MANAGEMENT)
    4 6 8 10 12 14 16 18 20 22 24 BX DX
    VLAN 2- PORT(1-12):172.17.200.150 M/C MEDIA CONVERTER

    UTP CABLE NET-B


    DELL PE T440
    NMS SERVER
    FO CABLE NET-B
    J2R4BW3
    IP ADDRESS : 10.10.9.10 MANAGMENT CABLES
    TFT GATEWAY:10.10.9.5

    FP : FIBER PORT

    NOTE
    1. To have security and isolation across various network segments of Station LAN, (FW2-A with IPS) -is configured as two virtual firewalls.
    The first virtual firewall with DMZ and LAN port-1 is configured as transaparent mode for connectivity between DCS network and DMZ/Station LAN network
    and Second virtual firewall with Lan port-4 & Lan port 3 is configured in NAT mode for connectivity between Plant network and DMZ/StationLAN network.

    NTPC FARAKKA R&M STAGE-3 (3x200 MW) STN LAN PKG


    M/s NTPC

    SYSTEM CONFIGURATION FOR STN LAN-B

    CE/1XXX-SHC-56-02

    You might also like