Successfully Establishing Vpn Tunnel Communication Between The Cp 1543-1 And Scalance M; Vpn Tunnel Communication With Softnet Security Client - Siemens S7-1500 Operating Instructions Manual
Simatic net
Hide thumbs
Also See for S7-1500:
- Function manual (402 pages) ,
- System manual (393 pages) ,
- Manual (188 pages)
Table of Contents
Advertisement
Configuring properties of the VPN group
1. Double-click on the newly created VPN group.
Result: The properties of the VPN group are displayed under "Authentication".
2. Enter a name for the VPN group. Configure the settings of the VPN group in the
properties.
These properties define the default settings of the VPN group that you can change at any
time.
Note
Specifying the VPN properties of the CP
You specify the VPN properties of the required CP in the local properties of the module
("Security" > "Firewall" > "VPN")
Result
You have created a VPN tunnel. The firewalls of the CPs are activated automatically: The
"Activate firewall" check box is selected as default when you create a VPN group. You
cannot deselect the check box.
● Download the configuration to all modules that belong to the VPN group.
4.4.1.2
Successfully establishing VPN tunnel communication between the CP 1543-1 and
SCALANCE M
Creating VPN tunnel communication between the CP 1543-1 and SCALANCE M is the same
as described in Procedure for S7-1500 stations (Page 37).
VPN tunnel communication will only be established if you have selected the check box
"Perfect Forward Secrecy" in the global security settings of the created VPN group ("VPN
groups > Authentication").
If the check box is not selected, the CP 1543-1 rejects establishment of the tunnel.
4.4.1.3
VPN tunnel communication with SOFTNET Security Client
Creating VPN tunnel communication between the CP SOFTNET Security Client and
CP 1543-1 is the same as described in Procedure for S7-1500 stations (Page 37).
VPN tunnel communication works only if the internal node is disabled
Under certain circumstances the establishment of VPN tunnel communication between
SOFTNET Security Client and the CP 1543-1 fails.
SOFTNET Security Client also attempts to establish VPN tunnel communication to a lower-
level internal node. This communication establishment to a non-existing node prevents the
required communication establishment to the CP 1543-1.
To establish successful VPN tunnel communication to the CP 1543-1, you need to disable
the internal node.
CP 1543-1
Operating Instructions, 05/2017, C79000-G8976-C289-07
Configuration, programming
4.4 Security
39
Hide quick links:
Advertisement
Table of Contents
