← SSLOCSD

Clients/SSLOCSD/slack/2026/02/2026-02-25_south-county.md

slack
Source
2
Chunks
8
Entities
Doc
Type

Content

# #south-county — 2026-02-25 **16:56 [Mason Radke](https://slack.com/archives/C08G4KZG7D5/p1772067410891069):** ok, im ready **17:01 [Mason Radke](https://slack.com/archives/C08G4KZG7D5/p1772067661784289):** @Kevin **17:01 [Kevin](https://slack.com/archives/C08G4KZG7D5/p1772067682651719):** type or huddle **17:01 [Kevin](https://slack.com/archives/C08G4KZG7D5/p1772067705373719):** probably type so it goes in the record? **17:01 [Mason Radke](https://slack.com/archives/C08G4KZG7D5/p1772067715542339):** i was thinking that yeah. but up to you. **17:02 [Kevin](https://slack.com/archives/C08G4KZG7D5/p1772067753489139):** Ok. so, the objective is to separate all the IO and other plc comms from the SCADA comms to try to speed up the faceplates **17:02 [Kevin](https://slack.com/archives/C08G4KZG7D5/p1772067762606859):** there is a second nic on the PLC **17:03 [Kevin](https://slack.com/archives/C08G4KZG7D5/p1772067785074389):** do you want to pop open the program? **17:03 [Mason Radke](https://slack.com/archives/C08G4KZG7D5/p1772067789310359):** k **17:05 [Kevin](https://slack.com/archives/C08G4KZG7D5/p1772067914655899):** I think we only pull data from the CP4000 plc, and not the PACP (Aerzen PLC). **17:05 [Kevin](https://slack.com/archives/C08G4KZG7D5/p1772067928845609):** there is messaging between cp4000 and PACP **17:05 [Kevin](https://slack.com/archives/C08G4KZG7D5/p1772067937662909):** oh and the two RDT PLCs. **17:05 [Mason Radke](https://slack.com/archives/C08G4KZG7D5/p1772067945865879):** ok i have the CP4000 open **17:06 [Kevin](https://slack.com/archives/C08G4KZG7D5/p1772067973652239):** you can see all the ethernet nodes on there. **17:06 [Mason Radke](https://slack.com/archives/C08G4KZG7D5/p1772068012066049):** yes **17:07 [Kevin](https://slack.com/archives/C08G4KZG7D5/p1772068053941849):** I have VLANs in play already, but not sure it's well used. I had thought maybe we put all the IO etc on another vlan **17:07 [Kevin](https://slack.com/archives/C08G4KZG7D5/p1772068064664919):** then put the second nic on the scada vlan **17:08 [Mason Radke](https://slack.com/archives/C08G4KZG7D5/p1772068110524559):** would we need to change the IP of all the devices on the other vlan? i guess im not exactly sure how Vlans work **17:08 [Mason Radke](https://slack.com/archives/C08G4KZG7D5/p1772068116435969):** let me look it up **17:08 [Kevin](https://slack.com/archives/C08G4KZG7D5/p1772068135511479):** it's basically like having them all on a different subnet **17:09 [Kevin](https://slack.com/archives/C08G4KZG7D5/p1772068148728489):** but you are doing it at the switch level **17:09 [Mason Radke](https://slack.com/archives/C08G4KZG7D5/p1772068154992579):** even if they use the same subnet range? **17:09 [Kevin](https://slack.com/archives/C08G4KZG7D5/p1772068158934509):** yep **17:09 [Mason Radke](https://slack.com/archives/C08G4KZG7D5/p1772068161893369):** k **17:11 [Mason Radke](https://slack.com/archives/C08G4KZG7D5/p1772068319880939):** do you know the make/model of the switches isolating the equipment from the scada network? **17:12 [Mason Radke](https://slack.com/archives/C08G4KZG7D5/p1772068326560019):** do they all go through the same switch? **17:12 [Kevin](https://slack.com/archives/C08G4KZG7D5/p1772068371428599):** It's a Moxa managed switch. they all go through that switch **17:13 [Mason Radke](https://slack.com/archives/C08G4KZG7D5/p1772068384104319):** can we look up the model number? **17:13 [Mason Radke](https://slack.com/archives/C08G4KZG7D5/p1772068399982409):** theres somethig about L2 vs L3 capability? have you looked into this already? **17:13 [Kevin](https://slack.com/archives/C08G4KZG7D5/p1772068409233129):** I didn't sell it to them **17:13 [Mason Radke](https://slack.com/archives/C08G4KZG7D5/p1772068414667519):** and all equipment will need to be sure not to have a gateway IP put in **17:13 [Kevin](https://slack.com/archives/C08G4KZG7D5/p1772068435515399):** would it be worth it to go onsite to do some leg work? **17:14 [Mason Radke](https://slack.com/archives/C08G4KZG7D5/p1772068492652729):** this feels experimental. i think onsite is a good idea. do a small scale test if possible. **17:15 [Mason Radke](https://slack.com/archives/C08G4KZG7D5/p1772068519294799):** To guarantee separation: □ No IP address assigned to both VLANs on same device □ No ip routing enabled □ No firewall rules bridging them □ No trunk accidentally landing on same router interface □ No static routes between them **17:16 [Mason Radke](https://slack.com/archives/C08G4KZG7D5/p1772068575822309):** we will have to take the PLC offline to change the NIC setup **17:17 [Kevin](https://slack.com/archives/C08G4KZG7D5/p1772068649153429):** ah, that's the kicker. **17:17 [Mason Radke](https://slack.com/archives/C08G4KZG7D5/p1772068656913279):** i got a fun note at the end of my question: This is one of those things that can quietly blow up a SCADA environment if done wrong. **17:17 [Kevin](https://slack.com/archives/C08G4KZG7D5/p1772068666145379):** lol! **17:19 [Mason Radke](https://slack.com/archives/C08G4KZG7D5/p1772068768013869):** onsite will give us more information about the switches too **17:20 [Kevin](https://slack.com/archives/C08G4KZG7D5/p1772068811905189):** ok. let's go there tomorrow then? **17:20 [Mason Radke](https://slack.com/archives/C08G4KZG7D5/p1772068818628129):** ok **17:20 [Kevin](https://slack.com/archives/C08G4KZG7D5/p1772068838649299):** They are there by 0730. **17:20 [Mason Radke](https://slack.com/archives/C08G4KZG7D5/p1772068849430229):** i can be there anytime **17:21 [Kevin](https://slack.com/archives/C08G4KZG7D5/p1772068868842979):** let's plan for 8. **17:21 [Mason Radke](https://slack.com/archives/C08G4KZG7D5/p1772068873645909):** copy **17:21 [Kevin](https://slack.com/archives/C08G4KZG7D5/p1772068887126029):** thanks! **17:30 [Mason Radke](https://slack.com/archives/C08G4KZG7D5/p1772069444570419):** RUT to the EWS server is asking for a username and password.. usually its just a password.. i dont have any notes for a username here. **17:30 [Mason Radke](https://slack.com/archives/C08G4KZG7D5/p1772069451830679):** does your RUT connection work? **18:21 [Kevin](https://slack.com/archives/C08G4KZG7D5/p1772072484291589):** its autosys and our normal pw

Extracted Entities

TypeKeyValueConfidenceEvidence
credential RUT to EWS server login username: autosys / password: our normal pw 70% RUT to the EWS server is asking for a username and password.. its autosys and our normal pw
server PLC Name CP4000 90% I think we only pull data from the CP4000 plc
server Switch Make Moxa managed switch 90% It's a Moxa managed switch. they all go through that switch
server PLC Name PACP (Aerzen PLC) 80% and not the PACP (Aerzen PLC)
site Client Name SSLOCSD 100% Client: SSLOCSD
site Plant Name south-county 90% #south-county — 2026-02-25
task Onsite Visit Plan onsite visit for network and switch assessment 95% would it be worth it to go onsite to do some leg work?
task Onsite Visit Date 2026-02-26 08:00 90% ok. let's go there tomorrow then? ... let's plan for 8.
File: Clients/SSLOCSD/slack/2026/02/2026-02-25_south-county.md
Updated: 2026-02-26 02:30:18.291425