manualshive.com logo in svg

Phoenix Contact 1153079, Installation And Startup Manual

The Phoenix Contact 1153079 is a versatile product that requires an Installation And Startup Manual for optimal performance. You can download the manual for free from manualshive.com, providing step-by-step instructions to maximize the features of this device. Ensure proper installation and operation with this essential resource.

Share
Download
background image

FL MGUARD 1000 product family

22 / 52

PHOENIX CONTACT

108413_en_06

2.5.5

Firewall and device access

At the firewall, a distinction is made between incoming and 

routed

 data traffic: 

Incoming data traffic

 is the packets that are sent to the device (device access). 

Routed data traffic

 is the packets that are 

routed

 through the device, for example that 

come in via net zone 2 (XF2) and go out via net zone 1 (XF1).

Firewall (for incoming data traffic) = device access

 

Firewall (for routed data traffic) = routing

Table 2

-

10

Default setting

: firewall for incoming data traffic

Service, 

protocol

Incoming via 

Port

Description

HTTPS

Net zone 2 (XF2)

TCP 443

Corresponding requests to the 

web server of the device are per

-

mitted, i.e.:

– login and configuration via 

web-based management 

– login and configuration via 

RESTful server (

Config API

)

SNMP

Net zone 2 (XF2)

UDP 161

Corresponding requests to the 

SNMP server of the device are 

permitted.

DHCP

Net zone 2 (XF2)

UDP 67

Corresponding requests to the 

DHCP server of the device are 

permitted.

DNS

Net zone 2 (XF2)

TCP 53
UDP 53

Corresponding requests to the 

DNS server of the device are per

-

mitted.

NTP

Net zone 2 (XF2)

UDP 123

Corresponding requests to the 

NTP server of the device are per

-

mitted.

ICMP
(IPv4)

Net zone 2 (XF2)

Ping requests (

ICMP requests

) to 

the configured or assigned (per 

DHCP) IPv4 addresses of the net 

zones (in 

router mode

) or the man

-

agement IP address (in 

stealth 

mode

) are permitted.

Access to all other network services and network protocols of the device are dropped by 

the firewall.

Default setting

:

All packets that are sent from net zone 2 (XF2), i.e. from subnetwork 192.168.1.0/24, to 

any target address are forwarded by the device (

routed

). 

(Rule: 192.168.1.0/24 --> 0.0.0.0/0 = ACCEPT). 
All other packets are rejected.

Summary of Contents for 1153079

Page 1: ...User manual UM EN FL MGUARD 1000 FL MGUARD 1000 Installation and startup...

Page 2: ...achsmarktstra e 8 32825 Blomberg Germany phoenixcontact com 108413_en_06 FL MGUARD 1000 Installation and startup Designation Version Order No FL MGUARD 1102 1153079 User manual This user manual is val...

Page 3: ...tus and diagnostic indicators 14 2 5 Default setting 19 3 Mounting and installation 23 3 1 Mounting and removal 23 3 2 Connecting the supply voltage 24 3 3 Connecting to the network 25 3 4 Connecting...

Page 4: ...ACT 108413_en_06 5 2 Using smart mode 43 6 Device replacement device defect and repair 45 6 1 Secure deletion of sensitive data 45 6 2 Device replacement 45 6 3 Device defect and repair 45 6 4 Disposa...

Page 5: ...on technology as well as applicable stan dards and other regulations 1 4 Intended use The devices of the FL MGUARD 1000 series are security routers for industrial use with integrated stateful packet i...

Page 6: ...of material damage due to incorrect wiring Connect the network connections of the device to Ethernet installations only Some tele communications connections also use RJ45 jacks these must not be conne...

Page 7: ...tect network capable devices solutions and PC based software Phoenix Contact strongly recommends using an Information Security Management System ISMS to manage all of the infrastructure based organiza...

Page 8: ...r the measures you have taken still provide adequate protection for your components networks and systems threat analyses should be performed regularly Perform a threat analysis on a regular basis Deac...

Page 9: ...Response Team PSIRT The Phoenix Contact PSIRT is the central team for Phoenix Contact as well as for its sub sidiaries authorized to respond to potential security vulnerabilities incidents and other...

Page 10: ...FL MGUARD 1000 product family 10 52 PHOENIX CONTACT 108413_en_06...

Page 11: ...s or multiple subnets with the same IP configuration can easily be integrated into an existing network without having to change the IP configuration of the machine or the subnets Figure 2 1 NAT router...

Page 12: ...uld result in a malfunction Immediately upon delivery refer to the delivery note to ensure that the delivery is com plete Submit claims for any transport damage immediately and inform Phoenix Contact...

Page 13: ...1 RJ45 Ethernet port see Section 3 3 LNK ACT LED top SPD LED bottom see Section 2 4 2 Connection of digital inputs via COMBICON con nector Push in contact See Section 3 4 Status and diagnostic LEDs Se...

Page 14: ...update Ready for opera tion Test mode alarm Wait until the device has been started up com pletely The firmware is written to the device NOTE An interruptionin the power supply can damage the device Do...

Page 15: ...four seconds The smart mode func tion is executed Do not switch off the de vice NOTE An interrup tion in the power sup ply can damage the device Do not switch off the device Wait until the smart mode...

Page 16: ...EDs LNK ACT and SPD Designation Color Status Meaning LNK ACT XF1 XF2 Upper LED Green On Link active Flashing Data packets are being transmit ted Off Link not active SPD XF1 XF2 Lower LED Green or ange...

Page 17: ...n Color Status Meaning US1 Green On Supply voltage within the tolerance range see Section 7 Off Supply voltage not present or too low see Section 7 US2 Green On The devices do not have a redundant pow...

Page 18: ...F5 have gone out and PF1 flashes green heartbeat On permanent A serious error occurred The device did not reach readi ness for operation All network interfaces have been deactivated Restart the device...

Page 19: ...evice is restricted by the firewall for incoming data traf fic see Firewall for incoming data traffic device access Table 2 7 Default setting configuration of the network interfaces Function Net zone...

Page 20: ...7 DNS client Net zone 1 XF1 Net zone 2 XF2 applies the settings of net zone 1 Sends DNS requests to available DNS servers via UDP port 53 Default setting The address of a DNS server can be as signed p...

Page 21: ...SNMP server Net zone 2 XF2 Request via UDP Port 161 SNMP Clients that are connected with the device via net zone 2 can access the SNMP server read only DHCP server Net zone 2 XF2 Request via UDP port...

Page 22: ...configuration via RESTful server Config API SNMP Net zone 2 XF2 UDP 161 Corresponding requests to the SNMP server of the device are permitted DHCP Net zone 2 XF2 UDP 67 Corresponding requests to the D...

Page 23: ...il Push the module from the front towards the mounting surface B Once the module has been snapped on properly check that it is fixed securely Connect the DIN rail to protective earth ground Figure 3 1...

Page 24: ...rail Functional grounding of the module is achieved when the module is snapped onto the grounded DIN rail or via clamping point 5 functional ground FE of COMBICON connector XD1 NOTE Electrical voltage...

Page 25: ...1 or 2 until the connector engages with a click NOTE Connect the network connections Ethernet of the device to LAN installations on ly Some telecommunications connections also use RJ45 connections th...

Page 26: ...V DC Connecting I Os Remove COMBICON connector XG1 or XG2 from the device Connect the desired connecting cable to the COMBICON connector see Table 3 3 and 3 4 Plug COMBICON connector XG1 or XG2 onto...

Page 27: ...on the back of the device Format SD 32 0 mm 24 0 mm 2 1 mm Figure 3 3 SD card holder on the back of the device On principle we cannot guarantee the functionality and compatibility of SD cards from oth...

Page 28: ...FL MGUARD 1000 product family 28 52 PHOENIX CONTACT 108413_en_06...

Page 29: ...between two subnets The IP configuration of the device and the connected devices has to be adapted to the respective own network structure All devices of net zone 2 XF2 can automatically obtain their...

Page 30: ...is generally neither necessary to configure the device nor possible due to the lack of ac cess options via the web based management HTTPS In Easy Protect Mode firmware updates can be performed via the...

Page 31: ...ive Easy Protect Mode 4 2 2 Protecting network clients Connect the devices to be protected with net zone 2 of the device via a network port XF2 To protect several devices connect them to the device vi...

Page 32: ...possible for clients in one net zone to communicate and exchange data among each other and with clients from the other net zone With the firewall functions network access to individual or several netw...

Page 33: ...e assigned automatically per DHCP or a static configuration can be made see below If the configuration computer has already been configured to obtain its IP setting via DHCP the device automatically a...

Page 34: ...192 168 1 100 to the configuration computer The device serves as default gateway for the configuration computer Manually entering a static IP setting To configure static IP settings for the configura...

Page 35: ...Initial startup 108413_en_06 PHOENIX CONTACT 35 52 From the answer to the ping request you can tell whether the device reacts to re quests from the configuration computer...

Page 36: ...imported into a new device This makes it possible to carry out a device exchange quickly and easily if a malfunction should ever occur in a device Furthermore new devices can easily be commissioned b...

Page 37: ...he configuration computer with the device see Section 4 3 2 Start a web browser on the configuration computer Enter the IP address of the connected network interface of the device into the address lin...

Page 38: ...te The start page for the web based management of mGuardNT opens Figure 4 7 Start page for web based management The functions that can be configured by means of the web based management are de scribed...

Page 39: ...he Mode button for at least 5 seconds The FAIL LED lights up red Release the Mode button The device restarts The PF1 5 LEDs light up orange The device is ready for operation when the PF1 LED flashes g...

Page 40: ...ration API in short Config API The Config API is provided via a RESTful web server of the device The data is transmitted via the HTTP S protocol which is also used to call up websites How to use the C...

Page 41: ...s the installed firmware version with the last configura tion that was saved All settings passwords and certificates remain unaltered 5 1 2 Restoring configuration access Applications The IP configura...

Page 42: ...ement interface The device configuration passwords and certificates are to remain unaltered Result The firmware of the device is updated to a higher version by means of the update file stored on the S...

Page 43: ...ns Press and hold the Mode button for at least 5 seconds until all PF LEDs flash green continuously fast Release the Mode button The selected function is executed All PF LEDs that are not assigned to...

Page 44: ...default settings Selected Is being executed Completed successfully Failed The LED shows which smart mode function has been selected see Table 5 1 Additionally PF1 5 flash green simultaneously three ti...

Page 45: ...temperature range specified for trans port see Section 7 If necessary use dehumidifying agents Use suitable ESD packaging to protect components that are sensitive to electro static discharge Make sur...

Page 46: ...spose of packaging materials that are no longer needed cardboard packaging paper bubble wrap sheets etc with household waste in accordance with the cur rently applicable national regulations Dispose o...

Page 47: ...y Air pressure operation 68 kPa 108 kPa 3000 m above sea level Ambient compatibility Free from substances that would hinder coating with paint or varnish accord ing to VW specification Pollution degre...

Page 48: ...ital inputs Number 3 Voltage of input signal 0 V DC 36 V DC Maximum input current 5 mA Mechanical tests Vibration resistance in accordance with IEC 60068 2 6 Operation storage transport 5g 10 Hz 150 H...

Page 49: ...EN 61000 4 4 IEC 1000 4 4 burst Data cables Power supply Requirements in accordance with DIN EN 61000 6 2 Test intensity 3 criterion A Test intensity 3 criterion A Immunity in accordance with EN 61000...

Page 50: ...FL MGUARD 1000 product family 50 52 PHOENIX CONTACT 108413_en_06...

Page 51: ...products in your specific application in particular with regard to observing the applicable standards and regulations All information made available in the technical data is supplied without any accom...

Page 52: ...products Subsidiaries If there are any problems that cannot be solved using the documentation please contact your Phoenix Contact subsidiary Subsidiary contact information is available at phoenixconta...

Page 53: ......

Page 54: ...PHOENIX CONTACT GmbH Co KG Flachsmarktstra e 8 32825 Blomberg Germany Phone 49 5235 3 00 Fax 49 5235 3 41200 E mail info phoenixcontact com phoenixcontact com PHOENIX CONTACT 108413__en_06 Order No 06...

Reviews:

No comments

Related manuals for 1153079

Olsen Infinity Operation Manual preview
Infinity
Brand: Olsen Pages: 56
Waterous K Series Operation And Maintenance Instruction preview
K Series
Brand: Waterous Pages: 5
3TECH TS-12 Manual preview
TS-12
Brand: 3TECH Pages: 32
4EVAC Compact 500 Operation Manual preview
Compact 500
Brand: 4EVAC Pages: 15
Datavideo DN-100 Operation Manual preview
DN-100
Brand: Datavideo Pages: 28
p-light Maxi Installation And Instructions For Use preview
Maxi
Brand: p-light Pages: 28
NCR 7709 Kit Instructions preview
7709
Brand: NCR Pages: 20
DARAY X740 Operating & Installation Manual preview
X740
Brand: DARAY Pages: 32
Darco Body Armor Night Splint Manual preview
Body Armor Night Splint
Brand: Darco Pages: 2
MacDon D65 Installation Instructions Manual preview
D65
Brand: MacDon Pages: 74
ICELED MATRIX Installation And Operating Manual preview
MATRIX
Brand: ICELED Pages: 4
Facom U.18H36 Quick Manual preview
U.18H36
Brand: Facom Pages: 4
FaceLake FL-100 Manual preview
FL-100
Brand: FaceLake Pages: 2
FabiaTech FX5401 Users Quick Reference preview
FX5401
Brand: FabiaTech Pages: 2
FabiaTech Fanless Series Manual preview
Fanless Series
Brand: FabiaTech Pages: 77
TC Electronic Konnekt 24D User Manual preview
Konnekt 24D
Brand: TC Electronic Pages: 67
Tascam SS-CDR1 Technical Documentation preview
SS-CDR1
Brand: Tascam Pages: 3
GE Venue 50 Basic Service Manual preview
Venue 50
Brand: GE Pages: 289

Brands by name

Popular brands

Load more brands