Secure Ouc Of An S7-1500 Cpu As Tls Server To An External Plc (Tls Client) - Siemens SIMATIC ET 200AL System Manual

5. Create one of the instructions TSEND_C, TRCV_C or TCON in the program editor.
6. Interconnect the CONNECT parameter of one of the instructions TSEND_C, TRCV_C or TCON
with the tags of the data type TCON_QDN_SEC.
In the example below, the CONNECT parameter of the TCON instruction is interconnected
with the tag "DNS connectionSEC" (data type TCON_QDN_SEC).
Figure 3-20
Additional information
You can find more information on the TCON_QDN_SEC system data type in the STEP 7 online
help.
For additional information on secure communication, refer to the section Secure
Communication (Page 40).
3.6.3.2

Secure OUC of an S7-1500 CPU as TLS server to an external PLC (TLS client)

The following section describes how you can set up Open User Communication via TCP from
an S7-1500 CPU as TLS server to a TLS client.
Setting up a secure TCP connection via the domain name of the communication partner
S7-1500 CPUs as of firmware version V2.0 support secure communication with addressing via
a Domain Name System (DNS).
For secure TCP communication over the domain name you need to create a data block with
the TCON_QDN_SEC system data type yourself, assign parameters and call it directly at one of
the instructions TSEND_C, TRCV_C or TCON.
Requirements:
• Current date and time are set in the CPU.
• Your network includes at least one DNS server.
• You have configured at least one DNS server for the S7-1500 CPU.
• TLS client and TLS server have all the required certificates.
Communication
Function Manual, 05/2021, A5E03735815-AJ
TCON instruction
Communications services
3.6 Secure Communication
75