Rockwell Automation Stratix 4300 User Manual
  1. Manuals
  2. Brands
  3. Rockwell Automation Manuals
  4. Network Router
  5. Stratix 4300
  6. User manual

Rockwell Automation Stratix 4300 User Manual

Remote access routers
Hide thumbs
Table of Contents

Advertisement

Quick Links

Stratix 4300 Remote Access
Routers
Catalog Number 1783-RA2TGB, 1783-RA5TGB
User Manual
Original Instructions

Advertisement

Table of Contents
loading

Related Manuals for Rockwell Automation Stratix 4300

Summary of Contents for Rockwell Automation Stratix 4300

  • Page 1 Stratix 4300 Remote Access Routers Catalog Number 1783-RA2TGB, 1783-RA5TGB User Manual Original Instructions...
  • Page 2 If this equipment is used in a manner not specified by the manufacturer, the protection provided by the equipment may be impaired. In no event will Rockwell Automation, Inc. be responsible or liable for indirect or consequential damages resulting from the use or application of this equipment.

  • Page 3: Table Of Contents

    Router Restart ..........36 Rockwell Automation Publication 1783-UM014A-EN-P - October 2021...
  • Page 4 Index ............39 Rockwell Automation Publication 1783-UM014A-EN-P - October 2021...

  • Page 5: Preface

    Design (CRD) methodologies. The Implementation Guide represents a collaborative development effort from Cisco Systems Converged Plantwide Ethernet (CPwE) Design and Implementation and Rockwell Automation®. It is built on, and adds to, design guidelines from the Cisco Ethernet- Guide, publication ENET-TD001 to-the-Factory (EttF) solution and the Rockwell Automation Integrated Architecture®.
  • Page 6 Notes: Rockwell Automation Publication 1783-UM014A-EN-P - October 2021...
  • Page 7 Uses VPN connections that are optimized for industrial communications with reduced latency Factory Talk Remote Access software: • Manages user and group configurations to segment network access and permissions • Provides log and audit trails for activities for established connections Rockwell Automation Publication 1783-UM014A-EN-P - October 2021...

  • Page 8: Remote Access Solution Overview

    Together, these products enable secure access to industrial machines, skids, and assets. Cloud Server Infrastructure FactoryTalk Stratix 4300 Remote Access The Stratix 4300 must be registered to FactoryTalk Remote Access before a connection can be initiated. VPN Tunnel Server Infrastructure Stratix 4300 Secure...

  • Page 9: Best Practices

    • Stratix 4300 routers must be connected to the internet through its WAN port. Stratix 4300 routers do not enable any service through that port and only need an outgoing connection through to the configured outgoing port (TCP port 443, 80, or 5935). An additional firewall can provide more protection.

  • Page 10: Remote Access Routers

    Figure 1 - 1783-RA2TGB Table 1 - 1783-RA2TGB Router Front View Restart Status Indicator Server/USB Status Indicator COM RX Status Indicator USB 2.0 Power Status Indicator Remote Connect Status Indicator COM TX Status Indicator Rockwell Automation Publication 1783-UM014A-EN-P - October 2021...

  • Page 11: 1783-Ra5Tgb

    Table 2 - 1783-RA5TGB Router Front View Restart Status Indicator Server/USB Status Indicator COM RX Status Indicator USB 2.0 LAN1 LAN2 LAN3 LAN4 Power Status Indicator Remote Connect Status Indicator COM TX Status Indicator Rockwell Automation Publication 1783-UM014A-EN-P - October 2021...
  • Page 12 The output is active when the router is connected to its associated Domain. OUT0 The simple connection to the server does not activate the output. The Stratix 4300 is required to be successfully authenticated to the Domain OUT1 The output is active when at least one user is remotely connected to the Router.

  • Page 13: Multi-Factor Authentication

    After the first login, each following login asks for your authenticator code. This code is updated every 3 minutes. 3. Open the authenticator application on your device and type in the current code that is assigned to your account. Rockwell Automation Publication 1783-UM014A-EN-P - October 2021...

  • Page 14: Typical Remote Access Architectures

    Without NAT or Routing there are no North or South data flows through the Stratix 4300. East or West data flow (for example from the HMI to the Safety Controller) within the cell/area zone occurs in the embedded switch of the Stratix 4300.
  • Page 15 Chapter 1 Remote Access Architecture The following architecture is highlighting the use of the Stratix 4300 for remote access purposes and NAT/Routing purposes. The Stratix 4300 provides remote access to each individual cell/area zone. If there is a need for peer-to- peer or machine-to-machine communication, the Stratix 4300 NAT or Routing features can be configured to allow successful communication.
  • Page 16 Chapter 1 Remote Access Architecture The following architecture is highlighting the use of the Stratix 4300 for remote access purposes. The switch optionally provides some NAT/Routing services for the Cell/Area Zone for LAN to WAN communication. Without NAT or Routing there are no North/South data flows. Most other data flows in the cell occur at the industrial Ethernet switch.
  • Page 17 Stratix 4300. The VLAN required for Internet access or WAN must be extended into the cell/area zone IES to provide. This is to verify that the Stratix 4300 has Internet access for remote access.
  • Page 18 Stratix 4300 WAN connection. The WAN is connected directly to distribution to ease routing requirements. Any cloud or remote access related traffic from the Stratix 4300 goes directly to the distribution switch. Generally, the distribution switch is the central router for the industrial architecture before the Core routes traffic.

  • Page 19: Secure Remote Connectivity - Use Case: Modem Direct/Isolated

    The following architecture highlights a remote isolated cell. For the Internet connection in this architecture, an Internet modem like those provided by most Internet service providers is used. Internet Modem Stratix 4300 Controller Drive Isolated Machines Rockwell Automation Publication 1783-UM014A-EN-P - October 2021...
  • Page 20 Chapter 1 Remote Access Architecture Notes: Rockwell Automation Publication 1783-UM014A-EN-P - October 2021...

  • Page 21: Connect Via Ethernet

    The Stratix 4300® Router can be configured using an Ethernet connection to the device. Connect Via Ethernet 1. Login with the default IP address to the device in the Stratix 4300 Device Manager. The default IP address and LAN ports are set to 192.168.0.1. WAN ports are set to request an address via DHCP The default user name and password are both “admin”.
  • Page 22 The password change prompts the device to restart. 3. To apply the changes, restart your device. After your device reboots, the device manager opens on the general tab. From this point, you can explore options the Device Manager has. Rockwell Automation Publication 1783-UM014A-EN-P - October 2021...
  • Page 23 Chapter 2 Router Integration The date and time settings, and Local NTP Server interfaces can both be found under the General tab. Rockwell Automation Publication 1783-UM014A-EN-P - October 2021...
  • Page 24 System information about your router can also be found under the General tab. The interface tab shows what the ports on the device are doing, and the location of the MAC address for the WAN port. Rockwell Automation Publication 1783-UM014A-EN-P - October 2021...
  • Page 25 All LAN port information is also listed under the Interface tab, including the MAC address. From the Interface tab, you can choose your Serial port mode. Under the Networking tab, you can find options for your VPN connection. Rockwell Automation Publication 1783-UM014A-EN-P - October 2021...
  • Page 26 If you select “Digital input”, the router connects to the configured Domain only and exclusively when the proper electric input (IN0) is activated. Rockwell Automation Publication 1783-UM014A-EN-P - October 2021...
  • Page 27 Chapter 2 Router Integration All user accounts local to the Stratix 4300 are located under the Users tab. This tab is where you find your administrator account or change your current password. Under the diagnostic page, you can ping a network address. A log of the pings that are sent are tracked in a list below the Ping option.

  • Page 28: Add An Ip Address

    Associate the Router with a 1. In the FactoryTalk Remote Access environment, choose your domain and Domain click the plus (+) option. A tab with the five options that are shown below appears. 2. Click Add Device. Rockwell Automation Publication 1783-UM014A-EN-P - October 2021...
  • Page 29 4. To add the device, reenter the router credentials. IMPORTANT Your PC must be in the same subnet as the Stratix 4300 you are adding to the domain. 5. Find your router in the list that appears.
  • Page 30 You can also connect or disconnect from the router with the toggle option you see under the “VPN-Connected” tab. For more information on the Serial and USB options, refer to the help file in FactoryTalk Remote Access. Rockwell Automation Publication 1783-UM014A-EN-P - October 2021...

  • Page 31: Protect Against Unwanted Domain Change

    Chapter 2 Router Integration Protect Against Unwanted The Stratix 4300 Router features additional security for protection against Domain Change unwanted or unauthorized Domain change attempts. Once you register a domain, the server stores the details of the binding and blocks any possibility to change the domain without the execution of the dedicated procedure.

  • Page 32: Firewall Policies

    From the domain view, you can create or import a firewall policy. 1. To create a firewall policy, click the folder where you want to define the policy and then click Create firewall policy. Rockwell Automation Publication 1783-UM014A-EN-P - October 2021...
  • Page 33 The Ethernet type lists the Ethernet communication protocols. After selecting the Ethernet type, the appropriate configurable properties are displayed. For example, after selecting IP the configurable properties displayed are IP address, IP protocol, and IP ports. Rockwell Automation Publication 1783-UM014A-EN-P - October 2021...
  • Page 34 1. To import a firewall policy, start with the same process as creating one and select import. 2. Select the firewall policy that you want to import from the list then click OK. The policy is imported into the domain Rockwell Automation Publication 1783-UM014A-EN-P - October 2021...

  • Page 35: Update The System

    If the router shuts down during this process, the factory reset is not completed. At the end of the reset process, the Server/USB indicator turns on and starts to blink. When the indicator is blinking red, the reset is complete. Rockwell Automation Publication 1783-UM014A-EN-P - October 2021...

  • Page 36: Router Restart

    2. Press and release the restart button. The restart status indicator turns red. The indicator blinks green four times to indicate that the restart has been completed. The router can also be restarted from Device Manager over VPN. Rockwell Automation Publication 1783-UM014A-EN-P - October 2021...

  • Page 37: Status Indicators

    Only active when at least one control center client is connected to the Remote Connection Green router. The indicators are directly connected to the serial port RX/TX signals and COM RX/COM TX Green/Yellow show traffic through the lines. Rockwell Automation Publication 1783-UM014A-EN-P - October 2021...

  • Page 38: Export Logs

    All CRUD (create, rename, update, delete) operations that are performed on all domain resources: - Users - Groups - Permissions - Device - Configurations • All remote access operations, with starting time and ending time. Rockwell Automation Publication 1783-UM014A-EN-P - October 2021...

  • Page 39: Index

    21 router restart 36 secure remote access solution 19 secure remote connectivity - use case cell/area zone SRA 15 modem direct/isolated machine 19 status indicators 37 troubleshoot 37 typical remote access architectures 14 Rockwell Automation Publication 1783-UM014A-EN-P - October 2021...
  • Page 40 Notes: Rockwell Automation Publication 1783-UM014A-EN-P - October 2021...
  • Page 41 Stratix 4300 Remote Access Routers User Manual Rockwell Automation Publication 1783-UM014A-EN-P - October 2021...
  • Page 42 At the end of life, this equipment should be collected separately from any unsorted municipal waste. Rockwell Automation maintains current product environmental information on its website at rok.auto/pec. Allen-Bradley, expanding human possibility, FactoryTalk, Rockwell Automation, Stratix, and VersaView are trademarks of Rockwell Automation, Inc. EtherNet/IP is a trademark of ODVA, Inc.

This manual is also suitable for:

1783-ra2tgb1783-ra5tgb

Table of Contents