manualshive.com logo in svg

LOYTEC LIP-ME20X, User Manual, Page: 29 / 35

Share
Download
LOYTEC LIP-ME20X User Manual Download Page 29

LIP-ME20X User Manual 

29 

LOYTEC  

Version 7.2 

LOYTEC electronics GmbH 

 

9 Security Hardening Guide 

This guide contains security-relevant information for operating the product on IT networks. 
The  information  refers  to  the  firmware  version  and  the  instructions  found  in  the  previous 
chapters of this User Manual. 

9.1  Installation Instructions 

Install the device over the Web interface: 

 

Set  up  the  BACnet  protocol  settings  as  described  in  Section  5.2.1.  When  connecting 
over the Web UI use https:// in the URL. 

 

Set a secure password for the admin and operator accounts. 

 

Disable the HTTP, FTP, and Telnet servers in the IP port configuration as described in 
the  LOYTEC  Device  User  Manual  [1].  Note,  that  FTP  and  Telnet  are  disabled  in 
factory defaults as of firmware 7.0.0. 

 

Create  a  new  HTTPS  server  certificate  as  described  in  the  LOYTEC  Device  User 
Manual [1]. 

9.2  Firmware 

The  device  is  equipped  with  one  piece  of  software.  This  is  the  firmware  image  and  its 
related  firmware  version.  The  firmware  is  distributed  as  a  downloadable  file.  The  device 
can  be  upgraded  by  placing  the  firmware  image  onto  the  device  using  the  procedure 
described in Chapter 7. 

9.3  Ports 

This Section lists all ports, which may be used by the device. The ports are default settings 
for their respective services. If not stated otherwise, the ports can be changed. 

Required Ports: 

 

47808 udp: This is the data exchange port for BACnet/IP. It is required for the primary 
function  of  the  device  to  exchange  control  network  data  between  routers  over  the  IP 
network. Each device needs this port open. 

Optional  ports  not  necessary  for  the  primary  product  function.  They  can  be  disabled  as 
described in the installation instructions in Section 9.1: 

 

21 tcp: This port is opened by the FTP server. The port can be changed and disabled. 

Summary of Contents for LIP-ME20X

Page 1: ...LIP ME20X L IP BACnet Router User Manual LOYTEC electronics GmbH...

Page 2: ...TROL OR ENGINE CONTROL EQUIPMENT WITHIN AN AIRCRAFT OR FOR ANY OTHER APPLICATION IN WHICH IN THE FAILURE OF SUCH PRODUCT COULD CREATE A SITUATION IN WHICH PERSONAL INJURY OR DEATH MAY OCCUR No part of...

Page 3: ...on and IP Connection 20 5 2 Configuration of the LIP ME20X 20 5 2 1 Configuration on the Web Interface 20 5 2 2 Configuration on the LCD Display 20 5 3 Remote Protocol Analyzer 22 5 4 Reset to Factory...

Page 4: ...2 Firmware 29 9 3 Ports 29 9 4 Services 30 9 5 Upgrade Key Strength 30 9 6 Logging and Auditing 31 10 Specifications 32 10 1 Physical Specifications 32 10 1 1 LIP ME201C LIP ME202C 32 10 1 2 LIP ME204...

Page 5: ...ight Saving Time FD Foreign Device FTP File Transfer Protocol GMT Greenwich Mean Time IP Internet Protocol LAN Local Area Network MAC Media Access Control MIB Management Information Base MS TP Master...

Page 6: ......

Page 7: ...also available on each of the MS TP ports This makes the LIP ME202C and LIP ME204C a perfect alternative to installing four separate routers reducing space and cost In addition the LIP ME20XC models a...

Page 8: ...rk in the respective column If a feature is not available in the particular model the column is left blank Model Features LIP ME201C LIP ME202C LIP ME204C BACnet Router MS TP Ports 1 2 4 BBMD OPC XML...

Page 9: ...unauthorized access to the devices systems and networks These should only be connected to a network or the Internet if adequate security measures are in place e g firewalls separate networks and a co...

Page 10: ...try Regulations of the utility company Any specifications diagrams dispositions cable lists and regulations of the customer or system integrator Any third party regulations e g general contractor or c...

Page 11: ...vice Safety Device safety is guaranteed by supply with low voltage 24VAC or 24VDC and a double insulation between mains voltage 230VAC 24VAC circuits and the housing or by supply via Power over Ethern...

Page 12: ...ety transformers according to IEC 61558 with double insulation designed for 100 duty cycle to supply SELV or PELV circuits U S Class 2 circuits according to UL 5085 3 For efficiency reasons the power...

Page 13: ...ons must be observed CAUTION Protection of Mains Voltage Transformers 24VDC power supplies must be protected on the primary circuit using a control cabinet fuse CAUTION Power over Ethernet PoE LPAD 7...

Page 14: ...common Web interface LCD display and operating interfaces topics common to all LOYTEC devices Support for LTE LOYTEC devices now support the LTE 800 mobile interface This interface is connected via t...

Page 15: ...gned by the mobile carrier A number of dynamic DNS providers are preconfigured and can be selected on the IP Host tab of the port configuration as shown in Figure 3 Figure 3 Dynamic DNS Settings Secur...

Page 16: ...ting 4 2 New in LIP ME20X 6 4 0 This section describes the major changes and new features For a full list of changes refer to the Readme file Localized Web Interface The entire Web interface of the de...

Page 17: ...nfigurator upgrade paths It is however optional and can be turned off by deselecting the check box Figure 7 Backup before Upgrade on the Web interface 4 3 New in LIP ME20X 6 0 0 This section describes...

Page 18: ...WAN connected to Ethernet 2 while the building network services are running locally on the LAN connected to Ethernet 1 For configuration the device provides separate Ethernet tabs in the port configur...

Page 19: ...poses the same OPC tags as the well known OPC XML DA server In addition OPC UA offers superior security features as well as slimmer data transfers For more information on the OPC UA server please refe...

Page 20: ...tact This is required before proceeding with configuration on the Web UI Click on BACnet Config and setup the BACnet Device Configuration see Section 3 2 17 BACnet Configuration in the LOYTEC Device U...

Page 21: ...e device reboots with the new IP address To Configure the BACnet Device ID over the LCD Display 1 On the LCD main screen navigate to Device Settings 2 Then navigate to the menu BACnet 3 In that menu n...

Page 22: ...ble on each port For doing so the remote capture has to be enabled See Section 8 2 for more details 5 4 Reset to Factory Defaults In case the password of the device has been forgotten you may need to...

Page 23: ...ith bar code Ser Figure 9 Example product label Unless stated otherwise all bar codes are encoded using Code 128 An additional label is also supplied with the device for documentation purposes The spe...

Page 24: ...ial Device models with an LCD display can also be configured to their basic settings through jog dial navigation on the LCD UI The main page of the LCD UI is shown in Figure 10 It displays the device...

Page 25: ...evice if it has no configuration yet This feature is beneficial when replacing a device PIN Alter the default PIN to any 4 digit number to protect certain operations on the LCD UI The user will be pro...

Page 26: ...P ME20X User Manual 26 LOYTEC Version 7 2 LOYTEC electronics GmbH 6 6 Wiring The wiring information of the product and its terminal layout are shown on the installation sheet found in the product s bo...

Page 27: ...lid primary image When the LIP ME20X boots up with the fallback image the port LEDs are flashing red The firmware image is distributed in a firmware ZIP archive that applies to all LIP ME20X models 7...

Page 28: ...OYTEC electronics GmbH Blumengasse 35 A 1170 Vienna Austria Europe e mail support loytec com web http www loytec com tel 43 1 40208050 fax 43 1 402080599 or LOYTEC Americas Inc N27 W23957 Paul Road Su...

Page 29: ...tificate as described in the LOYTEC Device User Manual 1 9 2 Firmware The device is equipped with one piece of software This is the firmware image and its related firmware version The firmware is dist...

Page 30: ...can be disabled after setting up the device FTP FTP server It is used for firmware upgrade and access to the log file Telnet Telnet server It provides access to the device console menu over the networ...

Page 31: ...log file which can be read out over FTP or the Web server This log contains information when the device started and when crucial communication errors occur Other information such user log on are not...

Page 32: ...idity non condensing storage 10 to 90 RH 50 C Enclosure Installation enclosure 107 mm wide DIN 43 880 Environmental Protection IP 40 enclosure IP 20 screw terminals Installation DIN rail mounting EN 5...

Page 33: ...20 screw terminals Installation DIN rail mounting EN 50 022 or wall mounting 10 2Resource Limits Table 3 specifies the resource limits of the LIP ME models Model Limits 201C 202C 204C BDT max recomme...

Page 34: ...bH 11 References 1 LOYTEC Device User Manual 7 2 LOYTEC electronics GmbH Document 88086507 April 2020 2 L INX L GATE User Manual 7 2 LOYTEC electronics GmbH Document 88073027 April 2020 3 LWEB 900 Use...

Page 35: ...BDT limits in Section 10 1 2 2015 01 26 5 1 STS Updated for firmware version 5 1 Added LIP ME204 models Added Section 1 2 LIP ME20X Models Added Section 2 1 New in LIP ME20X 5 1 0 Added Section 4 6 L...

Reviews:

No comments