Siemens SINUMERIK 840D pl Manual
  1. Manuals
  2. Brands
  3. Siemens Manuals
  4. Controller
  5. SINUMERIK 840D pl
  6. Manual

Siemens SINUMERIK 840D pl Manual

Cnc controllers
Hide thumbs Also See for SINUMERIK 840D pl:
Table of Contents

Advertisement

Quick Links

SINUMERIK
MindSphere
Manage MyMachines /Remote -
installation in existing control
environments
Application examples
Valid for control:
SINUMERIK 840D pl/ 840D sl/840DE sl
HMI-Advanced
SINUMERIK Operate V2.7.3.10
Manage MyMachines /Remote V1.0.2.0
10/2018
A5E45211403B AB
V6.4/7.6
Fundamental safety
instructions
Preface
Introduction
Installation/configuration
Appendix
1
2
3
4
A

Advertisement

Table of Contents
loading

Related Manuals for Siemens SINUMERIK 840D pl

Summary of Contents for Siemens SINUMERIK 840D pl

  • Page 1 Fundamental safety instructions Preface Introduction SINUMERIK Installation/configuration MindSphere Manage MyMachines /Remote - Appendix installation in existing control environments Application examples Valid for control: SINUMERIK 840D pl/ 840D sl/840DE sl HMI-Advanced V6.4/7.6 SINUMERIK Operate V2.7.3.10 Manage MyMachines /Remote V1.0.2.0 10/2018 A5E45211403B AB...
  • Page 2 Note the following: WARNING Siemens products may only be used for the applications described in the catalog and in the relevant technical documentation. If products and components from other manufacturers are used, these must be recommended or approved by Siemens. Proper transport, storage, installation, assembly, commissioning, operation and maintenance are required to ensure that the products operate safely and without any problems.

  • Page 3: Table Of Contents

    Table of contents Fundamental safety instructions........................5 General safety instructions.......................5 Warranty and liability for application examples ................6 Industrial security ........................7 Preface .................................9 Introduction..............................13 Overview ..........................13 System requirements ......................14 Installation/configuration..........................19 SINUMERIK control with HMI-Advanced - installing SINUMERIK Integrate......19 SINUMERIK control with SINUMERIK Operate - Setting the proxy........26 Installing Service Client Manage MyMachines /Remote under Windows XP ......29 Connecting the SINUMERIK control system with MindSphere ..........35 SIMATIC IoT2040 ........................36...
  • Page 4 Table of contents Manage MyMachines /Remote - installation in existing control environments Application examples, 10/2018, A5E45211403B AB...

  • Page 5: Fundamental Safety Instructions

    Fundamental safety instructions General safety instructions WARNING Danger to life if the safety instructions and residual risks are not observed If the safety instructions and residual risks in the associated hardware documentation are not observed, accidents involving severe injuries or death can occur. ●...

  • Page 6: Warranty And Liability For Application Examples

    Fundamental safety instructions 1.2 Warranty and liability for application examples Warranty and liability for application examples Application examples are not binding and do not claim to be complete regarding configuration, equipment or any eventuality which may arise. Application examples do not represent specific customer solutions, but are only intended to provide support for typical tasks.

  • Page 7: Industrial Security

    Siemens’ products and solutions undergo continuous development to make them more secure. Siemens strongly recommends that product updates are applied as soon as they are available and that the latest product versions are used. Use of product versions that are no longer supported, and failure to apply the latest updates may increase customer’s exposure to cyber...
  • Page 8 Fundamental safety instructions 1.3 Industrial security WARNING Unsafe operating states resulting from software manipulation Software manipulations (e.g. viruses, trojans, malware or worms) can cause unsafe operating states in your system that may lead to death, serious injury, and property damage. ●...

  • Page 9: Preface

    Siemens' content, and adapt it for your own machine documentation. Training At the following address (http://www.siemens.com/sitrain), you can find information about SITRAIN (Siemens training on products, systems and solutions for automation and drives). FAQs You can find Frequently Asked Questions in the Service&Support pages under Product Support (https://support.industry.siemens.com/cs/de/en/ps/faq).
  • Page 10 Note regarding the General Data Protection Regulation Siemens respects the principles of data privacy, in particular the data minimization rules (privacy by design). For the "Manage MyMachines Remote" product, this means the following: Information about the remote session duration and those participating.
  • Page 11 Preface Technical Support Country-specific telephone numbers for technical support are provided in the Internet at the following address (https://support.industry.siemens.com/sc/ww/en/sc/2090) in the "Contact" area. Manage MyMachines /Remote - installation in existing control environments Application examples, 10/2018, A5E45211403B AB...
  • Page 12 Preface Manage MyMachines /Remote - installation in existing control environments Application examples, 10/2018, A5E45211403B AB...

  • Page 13: Introduction

    Introduction Overview This document provides information about how to connect SINUMERIK Powerline controls with the HMI Advanced and SINUMERIK Operate operating software with the "Manage MyMachines /Remote" application. The description below refers to the components listed in following Chapter: System requirements (Page 14).

  • Page 14: System Requirements

    MindSphere. Operating software and hardware The following procedure is provided with the following components by way of example: Table 3-1 SINUMERIK 840D pl Operating software version SINUMERIK Integrate Hardware version...
  • Page 15 PCs that are used for visualization and configuration of Manage MyMachines /Remote with the machine operator or end customer. Further information about PCs in the industrial environment can be found in the Configuration Manual: Industry Security (https://support.industry.siemens.com/cs/ww/de/view/108862708). Note Making the SINUMERIK control secure (machine operator side) The necessary security measures (e.g.
  • Page 16 Note Saving the acquired data The "Manage MyMachines Remote" product was developed by Siemens, taking the "privacy by design" principle into account. This means that it is up to the service provider (OEM) to decide how long the acquired data, such as information about the time period and participation in remote sessions, will be stored.
  • Page 17 ● For further information on "SINUMERIK Integrate", please refer to: SINUMERIK Integrate MMP, MMT, AMC, AMP, AMM/E, AMD Commissioning Manual Additional information regarding MindSphere applications is available at the following links: MindSphere (https://support.industry.siemens.com/cs/de/en/view/109742256) MindSphere documentation (https://documentation.mindsphere.io/index.html#/kiosk/de) Additional information When connecting SINUMERIK controls that are not of the current generation, special attention must be paid to security requirements.
  • Page 18 Introduction 3.2 System requirements Manage MyMachines /Remote - installation in existing control environments Application examples, 10/2018, A5E45211403B AB...

  • Page 19: Installation/Configuration

    Installation/configuration SINUMERIK control with HMI-Advanced - installing SINUMERIK Integrate Procedure 1. Start the SINUMERIK control system in Windows service mode. 2. Open the installation directory. 3. Start the "setup.exe" setup file by double-clicking. – If you have not installed the appropriate Internet Explorer, a message will appear indicating this, for example, "The program requires Internet Explorer 6 or higher".
  • Page 20 Installation/configuration 4.1 SINUMERIK control with HMI-Advanced - installing SINUMERIK Integrate 6. The "Installation mode" window opens. – Select the option button "Expert mode (with additional installation options)." – Click "Next >". 7. The "Controller configuration" window opens. Select your controller. –...
  • Page 21 Installation/configuration 4.1 SINUMERIK control with HMI-Advanced - installing SINUMERIK Integrate 8. Now select the SINUMERIK connection type in the "Controller configuration" window. – Select the option button "HMI-Advanced and SINUMERIK 840D/Di or 810D + PCU50/70". – Click "Next >". 9. The "Choose Destination Location" window opens and the installation directory is displayed. –...
  • Page 22 Installation/configuration 4.1 SINUMERIK control with HMI-Advanced - installing SINUMERIK Integrate 10.The "Controller configuration" window opens. – Select the option button for connection "1:1". – Then click "Next >". 11.The "Reconfigurable parameters" window opens. – Select the "SINUMERIK Integrate URLs" and "Internet proxy configurations" check boxes.
  • Page 23 Installation/configuration 4.1 SINUMERIK control with HMI-Advanced - installing SINUMERIK Integrate 12.The "SINUMERIK Integrate URL configuration" window opens. The proxy server is required to connect the control to MindSphere. – Enter the following WebService URL for the MindSphere V3 Livesystem in the "MHComm"...
  • Page 24 Installation/configuration 4.1 SINUMERIK control with HMI-Advanced - installing SINUMERIK Integrate 15.The "SINUMERIK authentication information" window opens. Enter the data in the text boxes: – User name: – Password: – Confirm password: – Domain: – Click "Next >". Manage MyMachines /Remote - installation in existing control environments Application examples, 10/2018, A5E45211403B AB...
  • Page 25 Installation/configuration 4.1 SINUMERIK control with HMI-Advanced - installing SINUMERIK Integrate 16.The "Start copying files" window opens and the settings made are displayed. – Click "Next >" to copy the data to the SINUMERIK control. 17.You are prompted to restart the system after the installation has been completed. To do this, click "OK".

  • Page 26: Sinumerik Control With Sinumerik Operate - Setting The Proxy

    Installation/configuration 4.2 SINUMERIK control with SINUMERIK Operate - Setting the proxy SINUMERIK control with SINUMERIK Operate - Setting the proxy The SINUMERIK Operate operating software is delivered together with the SINUMERIK Integrate Client software. An update is not possible. Note Transferring SINUMERIK data on the MindSphere platform The following steps allow you to transfer the SINUMERIK data to the MindSphere platform.
  • Page 27 Installation/configuration 4.2 SINUMERIK control with SINUMERIK Operate - Setting the proxy Procedure 1. The "Settings" window is open. Press the "URLs>" softkey. 2. Press the "Edit" softkey and select the following settings: – Directory: Select the "User" entry in the "Directory" drop-down list. –...
  • Page 28 Installation/configuration 4.2 SINUMERIK control with SINUMERIK Operate - Setting the proxy 5. Press the "Edit" softkey and select the following settings: – Select the "Use fix proxy" check box. – Enter your proxies in the "Proxy 1" to "Proxy 3" text boxes. –...

  • Page 29: 4.3 Installing Service Client Manage Mymachines /Remote Under Windows Xp

    Installation/configuration 4.3 Installing Service Client Manage MyMachines /Remote under Windows XP Installing Service Client Manage MyMachines /Remote under Windows XP Requirement You have downloaded the following software from "Manage MyMachines /Remote", e.g. to a USB flash drive. ● Manage MyMachines /Remote Service Client for Machine Operators - PCU Procedure 1.
  • Page 30 Installation/configuration 4.3 Installing Service Client Manage MyMachines /Remote under Windows XP 4. The welcome dialog box opens and shows the current version. Click "Next >" to prepare for installation. 5. The "License Agreement" window opens. Read the license agreement. – Click "Print" if you want to print out the terms. –...
  • Page 31 Installation/configuration 4.3 Installing Service Client Manage MyMachines /Remote under Windows XP 6. The "Destination Folder" window opens and the installation directory is displayed. Click "Next >". - OR - Click "Change..." to change the directory. 7. The Wizard is ready to install the program. Click "Install"...
  • Page 32 Installation/configuration 4.3 Installing Service Client Manage MyMachines /Remote under Windows XP 8. The "Installing services and root certificates" window opens. Click "OK" to continue with the installation. 9. The "Welcome to the Certificate Export Wizard" window opens. Click "Next >" to start importing the certificates. - OR - If you click "<...
  • Page 33 Installation/configuration 4.3 Installing Service Client Manage MyMachines /Remote under Windows XP 10.The "Certificate Store" window opens. – Select the check box "Automatically select the certificate store based on the type of certificate". – Click "Next >". 11.The "Completing the Certificate Import Wizard" window is opened. You see the selected settings.
  • Page 34 Installation/configuration 4.3 Installing Service Client Manage MyMachines /Remote under Windows XP 12.You receive a security warning. Click "Yes" to continue installing the certificates. 13.A message is displayed indicating that the certificate was successfully imported. Click "OK", to exit certificate import. 14.The "Wizard Completed "...

  • Page 35: Connecting The Sinumerik Control System With Mindsphere

    Installation/configuration 4.4 Connecting the SINUMERIK control system with MindSphere Connecting the SINUMERIK control system with MindSphere The activation of SINUMERIK Integrate, the setting up of the URL/proxy and the restart creates the "boot_job" folder in the /var/tmp/ directory. If the directory is not set up, create it manually. There are two ways to copy the "onboard.key"...

  • Page 36: Simatic Iot2040

    (Page 14), paragraph "SIMATIC IoT2040". 4.5.1 SIMATIC IoT2000 SD card example image on IoT2040 Procedure Download the SIMATIC IoT2000 SD-Card example image from the following link: SD card image (https://support.industry.siemens.com/cs/document/109741799/) - OR - From the .zip file: Image Zip example (https://support.industry.siemens.com/cs/attachments/109741799/) Roadkil's disk image 1.
  • Page 37 Installation/configuration 4.5 SIMATIC IoT2040 4. Select the "example-V2.2.0.wic" image file. 5. Click "Start". Note Preparing the SD card Erase all existing partitions on the SD card before you start. Parameter Description Input file Output disk/partition Blocked space (10 MB is recommended) --progress Shows the progress Procedure...
  • Page 38 Installation/configuration 4.5 SIMATIC IoT2040 3. Write "dd --list". A list of all mounted drives and partitions appears. 4. Search for the correct drive that you want to use. Observe the displayed warning. 5. Download the image file and the target drive to the "dd tool". The procedure takes approximately 3 - 5 minutes.

  • Page 39: Infrastructure

    Installation/configuration 4.5 SIMATIC IoT2040 \\?\Device\Harddisk0\Partition2 link to \\?\Device\HarddiskVolume2 \\?\Device\Harddisk0\Partition3 link to \\?\Device\HarddiskVolume3 \\?\Device\Harddisk1\Partition0 link to \\?\Device\Harddisk1\DR4 Removable media other than floppy. Block size = 512 size is 7780433920 bytes \\?\Device\Harddisk1\Partition1 link to \\?\Device\HarddiskVolume7 Removable media other than floppy. Block size = 512 size is 7780433920 bytes Virtual input devices /dev/zero...
  • Page 40 Installation/configuration 4.5 SIMATIC IoT2040 Default network configuration The configuration for installation of the "default image" is shown below. The standard network configuration of IoT2000 is: ● X1 P1 LAN (eth0) – DHCP: no – IP: 192.168.200.1 – Subnet mask: 255.255.255.0 ●...
  • Page 41 Installation/configuration 4.5 SIMATIC IoT2040 Configure a static (invariable) IP at a port, e.g. X1 P1 LAN (eth0) auto eth0 iface eth0 inet static address 192.168.200.1 netmask 255.255.255.0 gateway 192.168.200.252 The "gateway" parameter is optional. Note Problems with the network configuration ●...
  • Page 42 Installation/configuration 4.5 SIMATIC IoT2040 Setting the proxy connection If you require a proxy server for the Internet connection, proceed as described in the next sections. For example, the Internet connection is required to download the packages required for the following steps. You have two options for adding a proxy connection: ●...
  • Page 43 Installation/configuration 4.5 SIMATIC IoT2040 The following settings are valid: ● /usr/local/apache2/conf/httpd.conf ● /usr/local/apache2/conf/extra/httpd-vhosts.conf ● All settings that you configured, for example, with your SINUMERIK control. Permanent proxy connection The proxy connection is permanent and also remains after a warm restart or reboot. The example data is used for the following commands;...

  • Page 44: Apache Http

    Installation/configuration 4.5 SIMATIC IoT2040 4.5.3 Apache http Operational sequences and downloads You require the following operational sequences and download packages for setting up the Apache httpd. Note Installation security Always use the current version for the installation. 1. Download the following data packages: –...
  • Page 45 Installation/configuration 4.5 SIMATIC IoT2040 Storing packages in the appropriate folders To store the packages in the appropriate folders and to name them correctly, run the following commands in directory "/usr/downloads/": mkdir --parents /usr/local mv httpd-2.4.33 apache2 mv apache2 /usr/local/ mv apr-1.6.3 apr mv apr /usr/local/apache2/srclib/ mv apr-util-1.6.1 apr-util mv apr-util /usr/local/apache2/srclib/...
  • Page 46 Installation/configuration 4.5 SIMATIC IoT2040 4. Save the change. 5. Open the directory: cd /usr/local/apache2/srclib/apr/ Run the following commands: ./configure --prefix=/usr/local/apr/ make make install /usr/local/apache2/srclib/apr/libtool --finish /usr/local/apr/lib/ Compiling and installing Apache APR-util 1. Switch to the folder: cd /usr/local/apache2/srclib/apr-util/ 2. Run the following commands: ./configure --prefix=/usr/local/apr-util --with-apr=/usr/local/ make make install...

  • Page 47: Configuring Apache Http

    Installation/configuration 4.5 SIMATIC IoT2040 Apache Webserver (httpd) - Configuring autostart Creating the start file 1. Open the directory: /etc/init.d/ 2. Create the "apache2" file. 3. Enter the following text in the file: #!/bin/bash # apache2 Startup script for the Apache HTTP server chkconfig: 3 85 15 Apache is a World Wide Web server.
  • Page 48 Country Name (2 letter code) [AU]:DE State or Province Name (full name) [Some-State]:Bavaria Locality Name (e.g., city) []:Nuremberg Organization Name (e.g., company) [Internet Widgits Pty Ltd]:Siemens Organizational Unit Name (e.g., section) []:MindSphere Common Name (e.g. server FQDN or YOUR name) []:IoT2040 Email Address []:...
  • Page 49 Installation/configuration 4.5 SIMATIC IoT2040 The following files are edited: ● /usr/local/apache2/conf/httpd.conf ● /usr/local/apache2/conf/extra/httpd-ssl.conf ● /usr/local/apache2/conf/extra/httpd-vhosts.conf Editing httpd.conf Enter the following lines: Listen 8082 LoadModule socache_shmcb_module modules/mod_socache_shmcb.so LoadModule proxy_module modules/mod_proxy.so LoadModule proxy_connect_module modules/mod_proxy_connect.so LoadModule proxy_http_module modules/mod_proxy_http.so LoadModule ssl_module modules/mod_ssl.so #LoadModule status_module modules/mod_status.so #LoadModule autoindex_module modules/mod_autoindex.so LoadModule vhost_alias_module modules/mod_vhost_alias.so #LoadModule dir_module modules/mod_dir.so...
  • Page 50 Installation/configuration 4.5 SIMATIC IoT2040 Editing extra\httpd-ssl.conf Enter the following lines: #Listen 443 #SSLCipherSuite HIGH:MEDIUM:!MD5:!RC4:!3DES #SSLProxyCipherSuite HIGH:MEDIUM:!MD5:!RC4:!3DES Note: Run the following lines as a command: SSLCipherSuite ECDHE-RSA-AES128-CBC-SHA256:ECDHE-RSA-AES128-GCM- SHA256:ECDHE-RSA-AES256-GCM-SHA384:AES128-SHA256 Note: Run the following lines as a command: SSLProxyCipherSuite ECDHE-RSA-AES128-CBC-SHA256:ECDHE-RSA-AES128- GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:AES128-SHA256 SSLProtocol -all +TLSv1.2 SSLProxyProtocol -all +TLSv1.2 #ServerName www.example.com:443 #ServerAdmin you@example.com...
  • Page 51 Installation/configuration 4.5 SIMATIC IoT2040 Configuration files - Export httpd.conf # This is the main Apache HTTP server configuration file. It contains the # configuration directives that give the server its instructions. # See <URL:http://httpd.apache.org/docs/2.4/> for detailed information. # In particular, see # <URL:http://httpd.apache.org/docs/2.4/mod/ directives.html>...
  • Page 52 Installation/configuration 4.5 SIMATIC IoT2040 # ServerRoot: The top of the directory tree below which the server # configuration, error and log files are kept. # Do not add a slash at the end of the directory path. If you point # ServerRoot at a non-local disk, be sure to specify a local disk on # Mutex directive, if file-based mutexes are used.
  • Page 53 Installation/configuration 4.5 SIMATIC IoT2040 # Dynamic Shared Object (DSO) support # To be able to use the functionality of a module that was built as a DSO, you # must place corresponding 'LoadModule' lines at this location so # directives contained in it are actually available _before_ they are used.
  • Page 54 Installation/configuration 4.5 SIMATIC IoT2040 LoadModule authn_file_module modules/mod_authn_file.so #LoadModule authn_dbm_module modules/mod_authn_dbm.so #LoadModule authn_anon_module modules/mod_authn_anon.so #LoadModule authn_dbd_module modules/mod_authn_dbd.so #LoadModule authn_socache_module modules/ #mod_authn_socache.so LoadModule authn_core_module modules/mod_authn_core.so LoadModule authz_host_module modules/mod_authz_host.so LoadModule authz_groupfile_module modules/ mod_authz_groupfile.so LoadModule authz_user_module modules/mod_authz_user.so #LoadModule authz_dbm_module modules/mod_authz_dbm.so #LoadModule authz_owner_module modules/ #mod_authz_owner.so #LoadModule authz_dbd_module modules/mod_authz_dbd.so LoadModule authz_core_module modules/mod_authz_core.so LoadModule access_compat_module modules/...
  • Page 55 Installation/configuration 4.5 SIMATIC IoT2040 #LoadModule include_module modules/mod_include.so LoadModule filter_module modules/mod_filter.so #LoadModule substitute_module modules/mod_substitute.so #LoadModule sed_module modules/mod_sed.so #LoadModule deflate_module modules/mod_deflate.so LoadModule mime_module modules/mod_mime.so LoadModule log_config_module modules/mod_log_config.so #LoadModule log_debug_module modules/mod_log_debug.so #LoadModule logio_module modules/mod_logio.so LoadModule env_module modules/mod_env.so #LoadModule expires_module modules/mod_expires.so LoadModule headers_module modules/mod_headers.so #LoadModule unique_id_module modules/mod_unique_id.so LoadModule setenvif_module modules/mod_setenvif.so LoadModule version_module modules/mod_version.so...
  • Page 56 Installation/configuration 4.5 SIMATIC IoT2040 #LoadModule lbmethod_byrequests_module modules/ #mod_lbmethod_byrequests.so #LoadModule lbmethod_bytraffic_module modules/ #mod_lbmethod_bytraffic.so #LoadModule lbmethod_bybusyness_module modules/ #mod_lbmethod_bybusyness.so #LoadModule lbmethod_heartbeat_module modules/ #mod_lbmethod_heartbeat.so LoadModule unixd_module modules/mod_unixd.so #LoadModule dav_module modules/mod_dav.so #LoadModule status_module modules/mod_status.so #LoadModule autoindex_module modules/mod_autoindex.so #LoadModule info_module modules/mod_info.so #LoadModule cgid_module modules/mod_cgid.so #LoadModule dav_fs_module modules/mod_dav_fs.so LoadModule vhost_alias_module modules/ mod_vhost_alias.so #LoadModule negotiation_module modules/...
  • Page 57 Installation/configuration 4.5 SIMATIC IoT2040 # 'Main' server configuration # The directives in this section set up the values used by the 'main' # server, which responds to any requests that are not handled by a # <VirtualHost> definition. These values also provide defaults for # any <VirtualHost>...
  • Page 58 Installation/configuration 4.5 SIMATIC IoT2040 # Note starting at this point, you must specifically allow # particular features to be enabled - so if something is not working # expected, make sure that you have specifically enabled it # below. # DocumentRoot: The directory from which you access your # documents.
  • Page 59 Installation/configuration 4.5 SIMATIC IoT2040 # DirectoryIndex: sets the file that Apache accesses if a directory # is requested. <IfModule dir_module> DirectoryIndex index.html </IfModule> # The following lines prevent .htaccess and .htpasswd files from being # viewed by Web clients. <Files ".ht*"> Require all denied </Files>...
  • Page 60 Installation/configuration 4.5 SIMATIC IoT2040 combinedio </IfModule> # The location and format of the access log file (Common Logfile Format). # If you do not define any access log files within a <VirtualHost> # container, they will be logged here. If, however, you *do* # define per-<VirtualHost>...
  • Page 61 Installation/configuration 4.5 SIMATIC IoT2040 # ScriptAlias: This controls which directories contain server scripts. # ScriptAliases are essentially the same as Aliases, except that # documents in the target directory are treated as applications # run by the server when requested rather than as documents sent to # client.
  • Page 62 Installation/configuration 4.5 SIMATIC IoT2040 # TypesConfig points to the file containing the list of mappings from # file name extension to MIME type. TypesConfig conf/mime.types # AddType allows you to add to or override the MIME configuration # file specified in TypesConfig for specific file types. #AddType application/x-gzip .tgz # AddEncoding allows certain browsers to uncompress # information on the fly.
  • Page 63 Installation/configuration 4.5 SIMATIC IoT2040 # Filters allow you to process content before it is sent to the client. # To parse .shtml files for server-side includes (SSI): # (You will also need to add "Includes" to the "Options" directive.) #AddType text/html .shtml #AddOutputFilter INCLUDES .shtml </IfModule>...
  • Page 64 Installation/configuration 4.5 SIMATIC IoT2040 # EnableMMAP and EnableSendfile: On systems that support it, # memory-mapping or the sendfile syscall can be used to deliver # files. This usually improves server performance, but must # be turned off when serving from networked-mounted # filesystems or if support for these functions is otherwise # broken on your system.
  • Page 65 Installation/configuration 4.5 SIMATIC IoT2040 # Configure mod_proxy_html to understand HTML4/XHTML1 <IfModule proxy_html_module> Include conf/extra/proxy-html.conf </IfModule> # Secure (SSL/TLS) connections Include conf/extra/httpd-ssl.conf # Note: The following must be present to support # starting without SSL on platforms with no/dev/random equivalent # but a statically compiled-in mod_ssl. <IfModule ssl_module>...
  • Page 66 Installation/configuration 4.5 SIMATIC IoT2040 extra\httpd-ssl.conf # This is the Apache server configuration file providing SSL support. # It contains the configuration directives to instruct the server how # access pages over an https connection. For detailed information about these # directives, see <URL:http://httpd.apache.org/docs/2.4/mod/ mod_ssl.html>...
  • Page 67 SHA256:ECDHE-RSA-AES256-GCM-SHA384:AES128-SHA256 Note: Run the following lines as a command: SSLProxyCipherSuite ECDHE-RSA-AES128-CBC-SHA256:ECDHE-RSA-AES128- GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:AES128-SHAhttps:// defthw99wvesrv.ad001.siemens.net:4003/Themes/CustomControls/ Viewlets/CloseBtn.gif256 # By the end of 2016, only TLSv1.2 ciphers should remain in use. # Older ciphers should be disallowed as soon as possible, while the # kRSA ciphers do not offer forward secrecy. These changes inhibit...
  • Page 68 Installation/configuration 4.5 SIMATIC IoT2040 # User agents such as Web browsers are not configured for the user's # own preference of either security or performance, therefore this # must be the prerogative of the Web server administrator who manages # CPU load versus confidentiality, so enforce the server's cipher order.
  • Page 69 Installation/configuration 4.5 SIMATIC IoT2040 # Pass Phrase Dialog: # Configure the pass phrase gathering process. # The filtering dialog program ('builtin' is an internal # terminal dialog) must provide the pass phrase on stdout. SSLPassPhraseDialog builtin # Inter-Process Session Cache: # Configure the SSL Session Cache: First the mechanism # to use and second the expiring timeout (in seconds).
  • Page 70 Installation/configuration 4.5 SIMATIC IoT2040 # General setup for the virtual host DocumentRoot "/usr/local/ apache2/htdocs" #ServerName www.example.com:443 #ServerAdmin you@example.com ServerName IoT2040:443 ErrorLog "/usr/local/apache2/logs/error_log" TransferLog "/usr/local/apache2/logs/access_log" # SSL Engine Switch: # Enable/Disable SSL for this virtual host. SSLEngine on # Server Certificate: # Point SSLCertificateFile at a PEM-encoded certificate.
  • Page 71 Installation/configuration 4.5 SIMATIC IoT2040 # Certificate Authority (CA): # Set the CA certificate verification path where to find CA # certificates for client authentication or alternatively one # huge file containing all of them (file must be PEM-encoded) # Note: Inside SSLCACertificatePath you need hash symlinks # to point to the certificate files.
  • Page 72 Installation/configuration 4.5 SIMATIC IoT2040 # Access Control: # With SSLRequire you can do per-directory access control based # on arbitrary complex Boolean expressions containing server # variable checks and other lookup directives. The syntax is a # mixture between C and Perl. See the mod_ssl documentation # for more details.
  • Page 73 Installation/configuration 4.5 SIMATIC IoT2040 StdEnvVars: This exports the standard SSL/TLS related 'SSL_*' environment variables. By default, this export is switched off for performance reasons, because the extraction step is an expensive operation and is usually useless for serving static content. So one usually enables the export for CGI and SSI requests only.
  • Page 74 Installation/configuration 4.5 SIMATIC IoT2040 ssl-accurate-shutdown: This forces an accurate shutdown when the connection is closed, i.e. a SSL close notify alert is sent and mod_ssl waits for the close notify alert of the client. This is 100% SSL/TLS standard compliant, but in practice often causes hanging connections with brain-dead browsers.
  • Page 75 Installation/configuration 4.5 SIMATIC IoT2040 extra\httpd-vhosts.conf # Virtual Hosts # Required modules: mod_log_config # If you want to maintain multiple domains/hostnames on your # machine you can setup VirtualHost containers for them. Most configurations # use only name-based virtual hosts so the server doesn't need to worry about # IP addresses.

  • Page 76: Configuring Sinumerik Controls

    Installation/configuration 4.5 SIMATIC IoT2040 <VirtualHost *:8082> ServerName gateway.eu1.mindsphere.io/ SSLProxyEngine On RequestHeader set Front-End-Https "On" ProxyPass / http://gateway.eu1.mindsphere.io/ ProxyPassReverse / http://gateway.eu1.mindsphere.io/ </VirtualHost> 4.5.5 Configuring SINUMERIK controls 4.5.5.1 Overview Introduction This chapter describes configuring the following SINUMERIK control for use of an Apache proxy on the IoT2040.
  • Page 77 Installation/configuration 4.5 SIMATIC IoT2040 3. The "Welcome" window opens. – To edit the configuration, select the "Reconfigure" option button. – To perform the setup of the "SINUMERIK Integrate Client", click "Next >". 4. The "Installation mode" window opens. – Select the option button "Expert mode (with additional installation options)." –...
  • Page 78 Installation/configuration 4.5 SIMATIC IoT2040 5. The "Additional Products" window opens. – Click "Next >". 6. The "Reconfigurable parameters" window opens. – Select the "NO - Do not prepare SINUMERIK Integrate client for series start-up" option button. – Click "Next >". Manage MyMachines /Remote - installation in existing control environments Application examples, 10/2018, A5E45211403B AB...
  • Page 79 Installation/configuration 4.5 SIMATIC IoT2040 7. Select the following check boxes: – "SINUMERIK Integrate URLs" – "Internet proxy configurations" – Click "Next >". 8. The "SINUMERIK Integrate URL configuration" window opens. – Configure the URL for connection to MindSphere with http, rather than with https. Enter the following web service URL for MindSphere V3 Livesystem in the "MHComm"...
  • Page 80 Installation/configuration 4.5 SIMATIC IoT2040 9. The following prompt is displayed: "Please check internet proxy setting, the product use them to connect to the SINUMERIK Integrate Servers!". – Click "OK". 10.The "Internet Properties" > "General" window opens. – Open the "Connections" tab. Manage MyMachines /Remote - installation in existing control environments Application examples, 10/2018, A5E45211403B AB...
  • Page 81 Installation/configuration 4.5 SIMATIC IoT2040 11.The "Connections" window opens. – In the "Local Area Network (LAN) settings" group box, click the "LAN settings" button. Manage MyMachines /Remote - installation in existing control environments Application examples, 10/2018, A5E45211403B AB...
  • Page 82 Installation/configuration 4.5 SIMATIC IoT2040 12.The "Local Area Network (LAN) settings" window opens. Enter the proxy settings: – Clear the "Automatically detect settings" check box. – Clear the "Use automatic configuration script" check box. – In the "Proxy server" group box, select the "Use a proxy server for your LAN …." check box.
  • Page 83 Installation/configuration 4.5 SIMATIC IoT2040 13.The "Detected internet connection settings" window opens. The defined proxy settings are shown for checking. – Click "Next >". 14.The following question is displayed: "Do you need proxy autentication?" – Click the "No" button. Manage MyMachines /Remote - installation in existing control environments Application examples, 10/2018, A5E45211403B AB...
  • Page 84 Installation/configuration 4.5 SIMATIC IoT2040 15.Select the "Fix internal security settings" check box. – Click "Next >". Manage MyMachines /Remote - installation in existing control environments Application examples, 10/2018, A5E45211403B AB...

  • Page 85: Sinumerik Control With Sinumerik Operate - Setting The Proxy

    Installation/configuration 4.5 SIMATIC IoT2040 16.The "Start copying files" window opens. The specified proxy settings are displayed for validation. – Click "Next >". 17.The "Maintenance Complete" window opens. – Click "Finish>" to complete the installation. 4.5.5.3 SINUMERIK control with SINUMERIK Operate - Setting the proxy This chapter describes configuring the SINUMERIK Integrate Client for SINUMERIK Operate.
  • Page 86 Installation/configuration 4.5 SIMATIC IoT2040 Procedure 1. The "Settings" window is open. Press the "URLs>" softkey. 2. Press the "Settings" softkey and select the following settings: – Directory: Select the "User" entry in the "Directories" drop-down list. – Display home page: Select the "Overwrite here" check box. –...
  • Page 87 Installation/configuration 4.5 SIMATIC IoT2040 Example The IP address of IoT2040 is 192.168.0.198. This results in the following configuration: ● MindSphere V3 Livesystem: 192.168.0.198:8082 Error correction in the proxy connection The certificate is generated with the general name IoT2040. Rather than the IP address, it may be necessary to use FQDN: IoT2040 to access the proxy.
  • Page 88 Installation/configuration 4.5 SIMATIC IoT2040 Manage MyMachines /Remote - installation in existing control environments Application examples, 10/2018, A5E45211403B AB...

  • Page 89: Configuring Mmm /R Sc Mo

    Installation/configuration 4.5 SIMATIC IoT2040 4.5.5.4 Configuring MMM /R SC MO Procedure 1. Click on icon "MMM /R 2. In the menu bar, call "Settings" > "Proxy...". The "Welcome" window opens. Enter your login data: – User name – Password – Tenant Click "OK".

  • Page 90: Backup The Root Access To The Iot2040 Box - Optional

    Installation/configuration 4.5 SIMATIC IoT2040 4.5.6 Backup the root access to the IoT2040 Box - optional Although this step is optional, we recommend that this configuration is performed for security reasons. 4.5.6.1 Setting a password for the root user. No password is set for the root user. For security reasons, it is recommended that you set the root password soon.

  • Page 91: Generating Ssh Key Pairs

    Installation/configuration 4.5 SIMATIC IoT2040 4.5.6.2 Generating SSH key pairs Procedure 1. Create the directory in which the keys are stored: mkdir -p ~/.ssh 2. Create the key pairs: ssh-keygen -t rsa – Generate the key pair "public/private rsa". – Enter the storage location of the key, e.g. /home/root/.ssh/id_rsa. –...
  • Page 92 Installation/configuration 4.5 SIMATIC IoT2040 Procedure 1. Download the generated private key from the IoT2040 into the local SINUMERIK control, into the following directory: /home/root/.ssh/id_rsa. 2. Start the PuTTY Key Generator by double-clicking "PuTTYgen". Manage MyMachines /Remote - installation in existing control environments Application examples, 10/2018, A5E45211403B AB...
  • Page 93 Installation/configuration 4.5 SIMATIC IoT2040 3. The "PuTTY Key Generator" window opens. There is still no key. – Click "Load" in the "Actions" area. Load the file with private key "id_rsa". 4. The "PuTTYgen Notice" window opens and a message indicates the success of the operation.

  • Page 94: Connect To The Iot2040 Using The Private Key

    Installation/configuration 4.5 SIMATIC IoT2040 5. The "PuTTY Key Generator" window opens. The key is displayed. – In the "Actions" area, click "Save private key". 6. The new file, e.g. "id_rsa_PUTTY.ppk", is now created. 4.5.6.4 Connect to the IoT2040 using the private key Requirement Create the connection to the IoT2040 either with WinSCP or with PuTTY once you have installed the private key, e.g.
  • Page 95 Installation/configuration 4.5 SIMATIC IoT2040 Procedure 1. Login to WinSCP. 2. Select Edit > Advanced > SSH > Authentication > Authentication parameters > Private key file. 3. Deactivate the login with user name and password. Note Ensure login Perform this step only when you are sure that you can login with the created private key! Otherwise, you can no longer login to the IoT2040 and must reinstall the firmware.
  • Page 96 Installation/configuration 4.5 SIMATIC IoT2040 – opkg remove gdb Manage MyMachines /Remote - installation in existing control environments Application examples, 10/2018, A5E45211403B AB...

  • Page 97: Appendix

    Appendix List of abbreviations Admin Administrator (user role) AMM /C Analyze MyMachine /Condition Computerized Numerical Control: Communication Directory: Frequently Asked Questions Hour HTTP Hypertext Transfer Protocol HTTPS HyperText Transfer Protocol Secure, Commissioning engineer (user role) Identification number Internet Explorer Interface Client Internet of Things Industrial PC Megabyte...
  • Page 98 Appendix A.1 List of abbreviations Manage MyMachines /Remote - installation in existing control environments Application examples, 10/2018, A5E45211403B AB...

  • Page 99: Index

    Index Apache APR Generating SSH key pairs, 91 Compiling, 45 Installing, 45 Apache APR-util Compiling, 46 Hardware setup, 36 Installing, 46 HMI Advanced, 19 Apache HTTP server httpd.conf, 51 Autostart, 47 Compiling and installing, 46 Starting and stopping, 46 Apache httpd Download packages, 44 installation SIMATIC IoT2040, 36...
  • Page 100 Index Requirement, 14 SIMATIC IoT2040, 36 Hardware setup, 36 SSL connection - certificate, 47 User name, 41 X1 P1, (Connecting with static address) X2 P1 Connecting with DHCP, 41 Manage MyMachines /Remote - installation in existing control environments Application examples, 10/2018, A5E45211403B AB...

This manual is also suitable for:

Sinumerik 840de slSinumerik 840d sl

Table of Contents