Siemens SIMATIC NET TeleControl S7-1200 CP 1243-1 Operating Instructions Manual page 60

Hide thumbs Also See for SIMATIC NET TeleControl S7-1200 CP 1243-1:

Operating instructions manual (230 pages)

Application example (38 pages)

Table Of Contents

100

101

102

103

104

105

106

107

108

109

110

111

112

page of 112

/ 112
Contents
Table of Contents
Bookmarks

Table of Contents

Configuration

4.8 Security

Creating a security user

To create a VPN tunnel, you require appropriate configuration rights. To activate the security

functions, you need to create at least one security user.

1. In the local security settings of the CP, click the "User login" button.

Result: A new window opens.

2. Enter the user name, password and confirmation of the password.

3. Click the "Logon" button.

You have created a new security user. The security functions are now available to you.

With all further logons, log on as user.

Select the "Activate security features" check box

After logging on, you need to select the "Activate security features" check box in the

configuration of both CPs.

You now have the security functions available for both CPs.

Creating the VPN group and assigning security modules

1. In the global security settings, select the entry "Firewall" > "VPN groups" > "Add new VPN

group".

2. Double-click on the entry "Add new VPN group", to create a VPN group.

Result: A new VPN group is displayed below the selected entry.

3. In the global security settings, double-click on the entry "VPN groups" > "Assign module

to a VPN group".

4. Assign the security modules between which VPN tunnels will be established to the VPN

group.

Note

Current date and current time on the CP for VPN connections

Normally, to establish a VPN connection and the associated recognition of the certificates to

be exchanged, the current date and the current time are required on both stations.

The establishment of a VPN connection to an engineering station that is also the telecontrol

server at the same time (TCSB installed), runs as follows along with the time of day

synchronization of the CP:

On the engineering station (with TCSB), you want the CP to establish a VPN connection.

The VPN connection is established even if the CP does not yet have the current time.

Otherwise the certificates used are evaluated as valid and the secure communication will

work.

Following connection establishment, the CP synchronizes its time of day with the PC

because the telecontrol server is the time master if telecontrol communication is enabled.

Operating Instructions, 12/2016, C79000-G8976-C365-02

CP 1243-1

Table of Contents

Siemens SIMATIC NET TeleControl S7-1200 CP 1243-1 Operating Instructions Manual page 60

Related Manuals for Siemens SIMATIC NET TeleControl S7-1200 CP 1243-1

Related Products for Siemens SIMATIC NET TeleControl S7-1200 CP 1243-1

Table of Contents