Download  Print this page

Security Functions; Firewall; Firewall Sequence When Checking Incoming And Outgoing Frames; Notation For The Source Ip Address (Advanced Firewall Mode) - Siemens CP 1243-1 PCC Operating Instructions Manual

Hide thumbs



Security functions

Note the range and application of the security functions of the CP, refer to the section Other
services and properties (Page 11).


Firewall sequence when checking incoming and outgoing frames

Each incoming or outgoing frame initially runs through the MAC firewall (layer 2). If the frame
is discarded at this level, it will not be checked by the IP firewall (layer 3). This means that
with suitable MAC firewall rules, IP communication can be restricted or blocked.

Notation for the source IP address (advanced firewall mode)

If you specify an address range for the source IP address in the advanced firewall settings of
the CP, make sure that the notation is correct:
● Separate the two IP addresses only using a hyphen.
● Do not enter any other characters between the two IP addresses.
Incorrect: -
If you enter the range incorrectly, the firewall rule will not be used.

Filtering of the system events

Communications problems if the value for system events is set too high
If the value for filtering the system events is set too high, you may not be able to achieve the
maximum performance for the communication. The high number of output error messages
can delay or prevent the processing of the communications connections.
In "Security > Log settings > Configure system events", set the "Level:" parameter to the
value "3 (Error)" to ensure the reliable establishment of the communications connections.
Siemens Automation
CP 1243-1 PCC
Operating Instructions, 02/2015, C79000-G8976-C384-01
Configuration and operation
5.8 Security functions


Table of Contents

  Related Manuals for Siemens CP 1243-1 PCC

This manual is also suitable for:

Simatic s7-1200