manualshive.com logo in svg

Siemens CP 1243-7 LTE-EU, Operating Instructions Manual, Page: 63 / 132

Share
Download
Siemens CP 1243-7 LTE-EU Operating Instructions Manual Download Page 63

 

Configuration and operation 

 

4.13 Security functions 

CP 1243-7 LTE 
Operating Instructions, 01/2015, C79000-G8976-C381-01 

63

 

4.13.1.6

 

CP as passive subscriber of VPN connections 

Setting permission for VPN connection establishment with passive subscribers 

If the CP is connected to another VPN subscriber via a gateway, you need to set the 

permission for VPN connection establishment to "Responder". 
This is the case in the following typical configuration: 

VPN subscriber (active) ⇔ gateway (dyn. IP address) ⇔ Internet ⇔ gateway (fixed IP 

address) ⇔ CP (passive)

 

Configure the permission for VPN connection establishment for the CP as a passive 

subscriber as follows: 
1.

 

In STEP 7, go to the devices and network view. 

2.

 

Select the CP. 

3.

 

Open the "VPN" tab. 

4.

 

For each VPN connection with the CP as a passive VPN subscriber, change the default 

setting "Initiator/Responder" to the setting "Responder". 

4.13.2

 

Firewall 

4.13.2.1

 

Firewall sequence when checking incoming and outgoing frames 

Each incoming or outgoing frame initially runs through the MAC firewall (layer 2). If the frame 

is discarded at this level, it will not be checked by the IP firewall (layer 3). This means that 

with suitable MAC firewall rules, IP communication can be restricted or blocked. 

4.13.2.2

 

Notation for the source IP address (advanced firewall mode) 

If you specify an address range for the source IP address in the advanced firewall settings of 

the CP, make sure that the notation is correct: 

 

Separate the two IP addresses only using a hyphen. 
Correct: 192.168.10.0-192.168.10.255 

 

Do not enter any other characters between the two IP addresses. 
Incorrect: 192.168.10.0 - 192.168.10.255 

If you enter the range incorrectly, the firewall rule will not be used. 

4.13.2.3

 

Firewall settings for S7 connections via a VPN tunnel 

IP rules in advanced firewall mode 

If you set up S7 connections with a VPN tunnel between the CP and a communications 

partner, you will need to adapt the local firewall settings of the CP: 
Select the "Allow*" action for S7 connections in advanced firewall mode ("Security > Firewall 

> IP rules") for both communications directions of the VPN tunnel. 

Summary of Contents for CP 1243-7 LTE-EU

Page 1: ...____ ___________________ SIMATIC NET S7 1200 TeleControl CP 1243 7 LTE Operating Instructions CP 1243 7 LTE EU 01 2015 C79000 G8976 C381 01 Preface Application and properties 1 LEDs and connectors 2 Installation connecting up commissioning 3 Configuration and operation 4 Programming the program blocks 5 Diagnostics and upkeep 6 Technical specifications 7 Dimension drawings A Approvals B Accessorie...

Page 2: ...perated only by personnel qualified for the specific task in accordance with the relevant documentation in particular its warning notices and safety instructions Qualified personnel are those who based on their training and experience are capable of identifying risks and avoiding potential hazards when working with these products systems Proper use of Siemens products Note the following WARNING Si...

Page 3: ... the top hinged cover of the module housing next to the article number you will see the hardware product version printed as a placeholder X for example X 2 3 4 In this case X would be the placeholder for hardware product version 1 You will find the firmware version of the CP as supplied behind the top hinged cover of the housing to the left below the LED field You will find the IMEI under the lowe...

Page 4: ... when installing and commissioning the device The necessary configuration steps are described in the form of an overview You will also find instructions for operation and information about the diagnostics options of the device New in this issue First issue Replaced manual issue None Current manual release on the Internet You will also find the current version of this manual on the Internet pages o...

Page 5: ...a medium DOC_OSS S7CMCP_74 pdf DOC_OSS CP124x 7_76 pdf Security information Siemens provides products and solutions with industrial security functions that support the secure operation of plants solutions machines equipment and or networks They are important components in a holistic industrial security concept With this in mind Siemens products and solutions undergo continuous development Siemens ...

Page 6: ...vice Training Service Support You will find information on Training Service Support in the multi language document DC_support_99 pdf on the data medium supplied with the documentation Trademarks The following and possibly other names not identified by the registered trademark sign are registered trademarks of Siemens AG SIMATIC SIMATIC NET SIMATIC STEP 7 SCALANCE TeleControl Server Basic MODEM MD7...

Page 7: ...sioning 33 3 1 Important notes on using the device 33 3 1 1 Notices on use in hazardous areas 34 3 1 2 General notices on use in hazardous areas according to ATEX 35 3 1 3 Notices regarding use in hazardous areas according to UL HazLoc 35 3 2 Installing the CP and commissioning 36 4 Configuration and operation 41 4 1 Notes on operation 41 4 2 Configuration in STEP 7 41 4 3 Information required for...

Page 8: ...3 Ethernet interface X1 67 4 15 4 Partner stations 70 4 15 4 1 Partner stations Telecontrol server 70 4 15 4 2 Partner for inter station communication 72 4 15 5 Communication with the CPU 74 4 15 6 E mail configuration 75 4 15 7 Data point configuration 76 4 15 7 1 Data point name and data point index 76 4 15 7 2 Threshold value trigger and Analog value preprocessing 77 4 15 7 3 Threshold value tr...

Page 9: ...contents CP 1243 7 LTE Operating Instructions 01 2015 C79000 G8976 C381 01 9 A Dimension drawings 117 B Approvals 119 C Accessories 125 C 1 Antenna 125 C 2 TS Gateway 125 D Documentation references 129 Index 131 ...

Page 10: ...Table of contents CP 1243 7 LTE 10 Operating Instructions 01 2015 C79000 G8976 C381 01 ...

Page 11: ... fails the CP attempts to dial in to an available network with the next lower mobile wireless standard Fallback response of the CP 1243 7 LTE EU LTE UMTS GSM This is only possible if the corresponding mobile wireless standard is enabled in the configuration of the CP The CP allows the following types of WAN communication Communication from remote stations to the telecontrol server TCSB in the mast...

Page 12: ...ss data via mobile wireless networks with the following standards GPRS General Packet Radio Service EDGE The packet oriented services for data transmission GPRS EDGE are handled via the GSM network Note The CP is not suitable for GSM networks in which the code multiplex method Code Division Multiple Access CDMA is used UMTS Universal Mobile Telecommunications System HSPA High Speed Packet Access U...

Page 13: ...Messages Page 86 Inter station communication between S7 1200 stations via the telecontrol server In this application the CP establishes a connection to the telecontrol server via the mobile wireless network The telecontrol server forwards the messages to the destination station For this communications service the CP and TCSB use their own protocol on OSI layer 7 that among other things supports ce...

Page 14: ...the STEP 7 project to the station Querying diagnostics data on the station You will find application examples of the structure in the section Configuration examples Page 21 For more detailed information refer to section Calling a TeleService connection Page 55 1 3 Other services and properties Other services and properties Data point configuration Due to the data point configuration in STEP 7 prog...

Page 15: ...ccess to the Web server of the CPU With the aid of the Web server of the CPU you can read out module data from the station Data buffering Storage of event data If a connection fails the CP can buffer the data of events of different classes and transfer them bundled to the telecontrol server Data transfer is on request or triggered The telecontrol communication with TCSB is triggered in two ways Af...

Page 16: ...h telecontrol communication disabled HTTPS For secure access to the Web server of the CPU Note Plants with security requirements recommendation Use the following option If you have systems with high security requirements use the secure protocols NTP secure and HTTPS If you connect to public networks you should use the firewall Think about the services you want to allow access to the station via pu...

Page 17: ...s during configuration IPsec tunnels are created between all Security modules of a VPN group All internal nodes of these Security modules can communicate securely with each other through these tunnels Logging To allow monitoring events can be stored in log files that can be read out using the configuration tool or can be sent automatically to a Syslog server For information on configuring the Secu...

Page 18: ...ow the user data of a frame represent a consistent data area in terms of the time of transfer User data per frame with the various connection types For TCP connections Max 8192 bytes For ISO on TCP connections Max 1452 bytes For UDP connections Max 1472 bytes With frames of telecontrol communication the individual values of the data points are time stamped Number of PLC tags for data point configu...

Page 19: ...d up as follows Maximum 226 rules with individual addresses Maximum 30 rules with address ranges or network addresses e g 140 90 120 1 140 90 120 20 or 140 90 120 0 16 Maximum 128 rules with limitation of the transmission speed Bandwidth limitation 1 5 Requirements for operation Hardware requirements Apart from the CP in the remote S7 1200 the following hardware is also required A CPU with firmwar...

Page 20: ...use TeleService without a telecontrol server the TS Gateway software is required for the TeleService gateway The software and the manual describing it are on the DVD that ships with the CP For the documentation of the application see 4 Page 130 or 3 Page 130 in the References Requirements for using mobile wireless services A contract with a suitable mobile wireless network provider The contract mu...

Page 21: ...lt of an event For a description of the configuration refer to the sections Configuring data points and messages Page 47 and Messages Page 86 SMS messages that are sent or received due to calling the corresponding program blocks of Open User Communication You will find information on the blocks in the section Program blocks for OUC Page 91 you will find the description of the programming in the ST...

Page 22: ... event For a description of the configuration refer to the sections Configuring data points and messages Page 47 Messages Page 86 and E mail configuration Page 75 E mails sent as a result of calling the program block TMAIL_C You will find information on the blocks in the section Program blocks for OUC Page 91 you will find the description of the programming in the STEP 7 information system Telecon...

Page 23: ...ions equipped with a suitable telecontrol CP CP 1243 1 CP 1242 7 GPRS V2 CP 1243 7 LTE To allow inter station communication the telecontrol server forwards the messages of the sending station to the receiving station Direct communication between stations Figure 1 3 Direct communication between two S7 1200 stations In this configuration two SIMATIC S7 1200 stations communicate directly with each ot...

Page 24: ...ation and telecontrol server are connected via the Intranet LAN or Internet The telecontrol server and remote station are connected via the Internet and via the mobile wireless network The engineering station and telecontrol server can also be the same computer in other words STEP 7 and TCSB are installed on the same computer Figure 1 4 TeleService via the mobile wireless network in a configuratio...

Page 25: ...1 01 25 TeleService with TeleService gateway via LAN The connection between the engineering station and S7 station is via the TeleService gateway The engineering station is connected to the TeleService gateway via LAN Figure 1 5 TeleService via the mobile wireless network with TeleService gateway connection via LAN ...

Page 26: ...ervice with TeleService gateway via the Internet The connection between the engineering station and S7 station is via the TeleService gateway The engineering station is connected to the TeleService gateway via the Internet Figure 1 6 TeleService via the mobile wireless network with TeleService gateway connection via the Internet ...

Page 27: ...of the module housing The socket for the power supply is located on the top of the module The connector for the external antenna is located on the bottom of the module The compartment for inserting the SIM card is located behind the upper hinged cover of the module Opening the housing Open the upper or lower cover of the housing by pulling it down or up as shown in the illustration The covers exte...

Page 28: ... NETWORK Status of the connection to the mobile wireless network green CONNECT Status of the connection to the master station yellow green SIGNAL QUALITY Signal quality of the mobile wireless network green VPN Status of the VPN connection Note LED colors when the module starts up When the module starts up all its LEDs are lit for a short time Multicolored LEDs display a color mixture At this point...

Page 29: ...IM card flashing red Missing or incorrect PIN Connection to the mobile wireless network Existing connection to the service in the mobile wireless network No connection to the service in the mobile wireless network Connection to communications partners green Connection established to at least one part ner CPU in RUN green Connection established to at least one part ner CPU in STOP flashing green No...

Page 30: ...51 dBm Medium strength network 89 74 dBm Weak network 109 90 dBm No network 110 dBm flashing red Missing external power supply VPN connections VPN connection established No VPN connection established No VPN connection configured on the CP Loading firmware Loading firmware The DIAG LED flashes alternating red and green flashing green Firmware was successfully loaded flashing red Error loading firmw...

Page 31: ...rs 2 3 1 Power supply Power supply The 3 pin socket for the external 24 V DC power supply is located on the top of the module The matching plug ships with the product You will find the pin assignment of the socket in section Pin assignment of the socket for the external power supply Page 116 Figure 2 2 Socket for the 24 V DC power supply ...

Page 32: ...or communication in the mobile wireless network This is connected via the SMA socket of the CP The SMA socket is located behind the lower front cover of the CP You will find a suitable antenna for indoor and outdoor use in the section Accessories Page 125 More detailed information on the electrical connections For technical information on the electrical connections refer to the section Technical s...

Page 33: ...les or networks the coupling in of strong electromagnetic pulses onto the power supply cables is possible This can be caused for example by lightning strikes or switching of higher loads The connector of the external power supply is not protected from strong electromagnetic pulses To protect it an external overvoltage protection module is necessary The requirements of EN61000 4 5 surge immunity te...

Page 34: ...upply terminals The power supply unit for the equipment power supply must comply with NEC Class 2 as described by the National Electrical Code r ANSI NFPA 70 If the equipment is connected to a redundant power supply two separate power supplies both must meet these requirements WARNING EXPLOSION HAZARD DO NOT CONNECT OR DISCONNECT EQUIPMENT WHEN A FLAMMABLE OR COMBUSTIBLE ATMOSPHERE IS PRESENT WARN...

Page 35: ...ecautions must be taken If the equipment is operated in an air ambient in excess of 50 C only use cables with admitted maximum operating temperature of at least 80 C WARNING Take measures to prevent transient voltage surges of more than 40 of the rated voltage This is the case if you only operate devices with SELV safety extra low voltage 3 1 3 Notices regarding use in hazardous areas according to...

Page 36: ... the relevant sections in the system manual S7 1200 Programmable Controller refer to the documentation in the Appendix When installing and connecting up keep to the procedures described in the system manual S7 1200 Programmable Controller Configuration One requirement for the commissioning of the CP is the completeness of the STEP 7 project data see below You should also read the section Configura...

Page 37: ...CP Step Execution Notes and explanations 1 Turn off the power supply to the station 2 Release the slide for the SIM card on the bottom of the CP behind the lower cover by gently pressing the release pin 3 Remove the slide from the housing 4 Insert the SIM card in the slide as illustrated 5 Push the slide back into the housing where it locks gently in place 6 Turn on the power supply to the station...

Page 38: ...22 5 mm 16 analog I Os RTD 8 I Os 70 mm 35 mm Communications inter faces Examples CM 1241 RS232 CM 1241 RS485 30 mm 15 mm CM 1243 5 PROFIBUS master CM 1242 5 PROFIBUS slave 30 mm 15 mm CP 124x 7 30 mm 15 mm Width B The distance between the edge of the housing and the center of the hole in the DIN rail mounting clip DIN rail mounting clips All CPUs SMs CMs and CPs can be installed on the DIN rail i...

Page 39: ...nges depend on the position of the installed device You will find the permitted temperature ranges in the section General technical specifications Page 113 Installation of the rack Installation position of the CP Horizontal installation of the rack Vertical installation of the rack Note Connection with power off Only wire up the S7 1200 with the power turned off Note Power supply from the power ou...

Page 40: ... in the section Pin assignment of the socket for the external power supply Page 116 5 Connect the antenna to the SMA socket of the CP Lower surface of the CP Notice Protect the antenna connector using suitable overvoltage protection equipment if the antenna cable is long er than 30 m Protect the antenna connector with suitable lightning protection if you install the antenna outdoors If you install...

Page 41: ...d connections in an engineering station in SIMATIC STEP 7 You will find the required version in the section Requirements for operation Page 19 You can configure a maximum of three CMs CPs per station If you insert several CPs in an S7 1200 you can for example establish redundant communications paths Configuring communication with the CPU data point configuration CP communication is not programmed ...

Page 42: ...e data points and any messages e mail SMS Note Changing the project number or station number for the entire STEP 7 project If you change the project number or the station number in the CP identification parameter group for a telecontrol CP these parameters are changed for all CPs in the STEP 7 project 7 If required program the program blocks for S7 communication and Open User Communication 8 Save ...

Page 43: ...nter the PIN of the SIM card of the CP incorrectly during STEP 7 configuration and download the station the CP stores the wrong PIN An incorrectly entered PIN is transferred by the CP only once so that the SIM card is not locked If you change the PIN of the SIM card externally to the incorrectly configured PIN new PIN of the SIM card incorrectly entered PIN in STEP 7 the CP rejects this PIN again ...

Page 44: ...tner stations Telecontrol server Page 70 DNS server address es You require the DNS server address if you address the telecontrol server using a name that can be resolved by DNS and the DNS is not operated by the network provider You configure DNS in the parameter group DNS configuration If you do not specify an address the DNS server address is obtained automatically from the network provider reco...

Page 45: ...ameter group Project number Station number Password for authentication 4 4 Configuration of the TeleService access Configuration for using TeleService To meet the requirements for using the TeleService functions for the CP you need to make the necessary settings at the following points in STEP 7 Communication types parameter group of the CP Select the following options Enable telecontrol communica...

Page 46: ...ire the user name at the start of a TeleService session Authentication method Select the authentication method Password for this user Password Assign the password You require the password at the start of a TeleService session Note You specify the password properties of the security functions in the Password policies tab You enter the password on the engineering station when starting a TeleService ...

Page 47: ... for data point configuration can be created in the standard tag table or in a user defined tag table All PLC tags intended to be used for data point configuration must have the attribute Visible in HMI Address areas of the PLC tags are input output or bit memory areas on the CPU Note Number of PLC tags Remember the maximum possible number of PLC tags the can be used for data point configuration i...

Page 48: ...ectory of the relevant station Local modules CP 1200 Figure 4 1 Configuring data points and messages You will find more information on configuration in the following sections and in the STEP 7 information system 4 6 Datapoint types During the configuration of the user data to be transferred by the CP each data point is assigned a protocol specific data point type The data point types supported by ...

Page 49: ...g point number with sign 32 bits Analog input REAL Q M DB Analog output REAL Q M DB Floating point number with sign 64 bits Analog input LREAL Q M DB Analog output LREAL Q M DB Block of data 1 64 bytes Data ARRAY 1 DB Data ARRAY 1 DB 1 For the possible formats of the ARRAY data type refer to the following section Block of data ARRAY With the ARRAY data type contiguous memory areas up to a size of ...

Page 50: ... priority are read in every scan cycle Low priority read jobs Some of the values of input data points with the scan priority Low priority are read in every scan cycle The number of values read per cycle is specified for the CP in the Communication with the CPU parameter group with the Max number of read jobs parameter The values that exceed this value and can therefore not be read in one cycle are...

Page 51: ...mong all configured and enabled communications partners For information on the configuration refer to the parameter Frame memory size in the section Communication with the CPU Page 74 If the connection to a communications partner is interrupted the individual values of the events are stored in the RAM of the CP When the connection returns the buffered values are sent The frame memory operates chro...

Page 52: ... on a status change With data points that are configured as an event the change to the status bit leads to an event being generated refer also to the section Status IDs of data points Page 54 Example When the value of a data point configured as an event is updated during startup of the station by reading the CPU data for the first time the status RESTART of this data point changes bit status chang...

Page 53: ...t is set by the user program When necessary a separate trigger tag can be configured for each data point Resetting the trigger tag in the bit memory area DB If the memory area of the trigger tag is in the bit memory or in a data block the trigger tag is reset to zero when the data point value is transferred You specify whether the value of a data point is transferred to the communications partner ...

Page 54: ... value Val ue range exceeded Value not updated after start Value is invalid Bit status always 0 1 1 1 1 1 1 1 4 10 Connection establishment Connection establishment Connection to the telecontrol server The connection to the telecontrol server is always established by the CP If a connection established by the CP is interrupted the CP automatically attempts to re establish the connection Note the se...

Page 55: ...ated by status displays of the program blocks With TCP segments the protocol specific acknowledgement mechanisms are used 4 12 Calling a TeleService connection Requirement for the engineering station and the STEP 7 project The STEP 7 project with the CP is stored on the engineering station The required configuration steps have been performed see section Configuration of the TeleService access Page...

Page 56: ...e data for the TeleService user that you configured in STEP 7 in the global Security settings see also section Configuration of the TeleService access Page 45 Requirements in the security configuration of the CP For the remote station TeleService can only be used if the engineering station with CP 1628 or via SCALANCE S and the CP are configured in a common VPN group For TeleService you need to en...

Page 57: ... 7 project 2 Select the Online Online Diagnostics menu The Online access dialog opens 3 Choose the entry TeleService via mobile wireless in the Type of interface drop down list 4 Choose the entry Mobile wireless TeleService board in the PG PC interface drop down list 5 Click on the icon next to the PG PC interface drop down list The Establish remote connection dialog box opens 6 Make the necessary...

Page 58: ... that is embedded in a neighboring assigned network VPN uses the usual addressing mechanisms of the assigned network however in terms of the data it transports its own frames and therefore operates independent of the rest of this network VPN allows communication of the VPN partners in the subnet with the assigned network VPN is based on tunnel technology and can be individually configured Communic...

Page 59: ...ncoming connections make sure that the CP is assigned a fixed public IP address by the mobile wireless network provider You must also make sure that apart from this IP address the ports required for VPN are reachable from the Internet 4 13 1 3 Creating a VPN tunnel for S7 communication between stations Requirements To allow a VPN tunnel to be created for S7 communication between two S7 stations or...

Page 60: ...al security settings of the CP click the User login button Result A new window opens 2 Enter the user name password and confirmation of the password 3 Click the Logon button You have created a new security user The security functions are now available to you With all further logons log on as user Select the Activate security features check box After logging on you need to select the Activate secur...

Page 61: ...the secure communication will work Following connection establishment the CP synchronizes its time of day with the PC because the telecontrol server is the time master if telecontrol communication is enabled Configure the properties of the VPN group 1 Double click on the newly created VPN group Result The properties of the VPN group are displayed under Authentication 2 Enter a name for the VPN gro...

Page 62: ...al node Use the procedure for disabling the node as explained below only if the described problem occurs Disable the node in the SOFTNET Security Client tunnel overview 1 Disable the option Enable active learning check box The lower level node initially disappears from the tunnel list 2 In the tunnel list select the required connection to the CP 3 With the right mouse button select Enable all memb...

Page 63: ...ng frames Each incoming or outgoing frame initially runs through the MAC firewall layer 2 If the frame is discarded at this level it will not be checked by the IP firewall layer 3 This means that with suitable MAC firewall rules IP communication can be restricted or blocked 4 13 2 2 Notation for the source IP address advanced firewall mode If you specify an address range for the source IP address ...

Page 64: ...Procedure for time of day synchronization With applications that require time of day synchronization e g telecontrol you need to synchronize the time of day of the CP regularly If you do not synchronize the time of day of the CP regularly there may be deviations of several seconds per day in the time information of the CP The CP supports the two methods of time of day synchronization Time from par...

Page 65: ...For more information on configuration refer to the STEP 7 online help of the Time synchronization parameter group NTP secure with security functions enabled If you use Security functions a valid time of day is extremely important It is recommended to use the NTP secure method The secure method NTP secure uses authentication with symmetrical keys according to the hash algorithms MD5 or SHA 1 You ca...

Page 66: ...ion should be enabled Communication types parameter group Enable telecontrol communication Enables communication with a Telecontrol server on the CP Note To enable telecontrol communication the Security functions must also be enabled Activate online functions Enables access to the CPU for the online functions via the CP diagnostics loading project data etc If the function is enabled the engineerin...

Page 67: ... networks parameter group In this parameter group you specify the dial in behavior of the CP into various mobile wireless networks Teleservice settings parameter group In this parameter group you specify the connection parameters for the TeleService server s 4 15 3 Ethernet interface X1 The Ethernet interface The CP does not have a physical Ethernet interface In STEP 7 the Ethernet interface is us...

Page 68: ...eply from the communications partner within the keepalive monitoring time If the CP does not receive a reply within the configured time it terminates the connection The monitoring time is configured for the Ethernet interface as the default for all TCP connections The default value can be adapted individually for each connection in Partner stations Ethernet interface X1 Advanced options Transfer s...

Page 69: ...eceived from the partner when the connection monitoring time elapses the frame is repeated up to three times After three unsuccessful attempts the connection is terminated and re established Watchdog cycle Interval at which a watchdog frame is sent to the telecontrol server if there is no productive data exchange Watchdog monitoring time After sending a watchdog frame an answer is expected from th...

Page 70: ...an be reached from the Internet Set the port forwarding on the DSL router so that the public IP address external network is led to the virtual IP address of the TCSB server PCs internal network The station does not therefore receive any information telling it which of the two computers of the redundancy group it is connected to Connection monitoring When the function is enabled the connection to t...

Page 71: ...ime the CP sends a keepalive to the telecontrol server Permitted range 0 to 65535 s Default 180 s If you enter 0 zero the function is disabled TCP keepalive monitoring time If the value configured here differs from the value configured in the Ethernet interface parameter group the monitoring time of the Partner stations parameter group is used After sending a keepalive the CP expects a reply from ...

Page 72: ...the program 4 15 4 2 Partner for inter station communication Inter station communication In this table you specify the communications partners of the CP for inter station communication The communications partner is a CP in the partner S7 station Connections for inter station communication run via the telecontrol server Note the special features when configuring the data points for inter station co...

Page 73: ...me memory of the CP if the connection is disturbed Note that the capacity of the frame memory is shared by all communications partners If the option is disabled even frames for events are only stored in the image memory of the CP in other words if there are problems on the connection older values are overwritten by new values Access ID The access ID of the partner CP is displayed here The Access I...

Page 74: ...he user program of the CPU sets the PLC tag Diagnostics trigger tag BOOL to 1 the CP updates the values of the configured PLC tags for advanced diagnostics After writing the current values to the PLC tags for advanced diagnostics the CP sets the Diagnostics trigger tag to 0 signaling the CPU that the updated values can be read from the PLC tags Reading out the following diagnostics data can be ena...

Page 75: ... which the CP was last unable to log in to the telecontrol server 4 15 6 E mail configuration Configuring e mails in STEP 7 In the E mail configuration entry you configure the protocol to be used and the data for access to the e mail server in STEP 7 In the message editor Messages entry in STEP 7 you configure the individual e mails see section Messages Page 86 E mail configuration With the defaul...

Page 76: ...rtificates and root certification authorities tab 4 Select any row in the table Trusted certificates and root certification authorities 5 Select the Import entry in the shortcut menu 6 In the dialog that follows select the required certificate 4 15 7 Data point configuration 4 15 7 1 Data point name and data point index Character set for data point names When a data point is created the name of th...

Page 77: ...ntical for the sending and receiving CP see also section Partner stations Configuring the inter station communication Page 85 4 15 7 2 Threshold value trigger and Analog value preprocessing Sequence of processing Threshold value trigger and Analog value preprocessing Note Threshold value trigger Calculation only after Analog value preprocessing Note that the analog value preprocessing is performed...

Page 78: ...s are met 4 15 7 3 Threshold value trigger The CP calculates the value for the threshold value trigger after the analog value preprocessing refer to the section Analog value preprocessing Page 79 Threshold value trigger How the integrattion calculation works To calculate the threshold value trigger the integration method is used In the integration threshold value calculation it is not the absolute...

Page 79: ... 0 6 1 1 5 5 20 1 0 4 1 5 6 0 19 9 19 9 0 6 2 1 In this example a value of 2 0 was configured for the threshold value trigger With the changes in the process value shown in the example the threshold value trigger fires twice if the value 2 0 is reached At the time 3 5 s The value of the integrated deviation is at 2 0 The new process value stored in the send buffer is 20 5 At the time 6 0 s The val...

Page 80: ...n value generation is configured If mean value generation is configured no threshold value trigger can be configured for the analog value event involved Analog inputs that are configured as an event are processed on the CP in the following sequence Sequence of analog value processing 1 Reading the data from the input area of the CPU 2 Analog value preprocessing part 1 Processing involves the follo...

Page 81: ... also be calculated if the transmission of the analog value message is triggered by a request from the communications partner The duration of the mean value calculation period is then the time from the last transmission for example triggered by the trigger to the time of the request Once again the accumulation restarts so that the next mean value can be calculated Overflow range underflow range Ac...

Page 82: ...flow range is only sent after the fault suppression time has elapsed if it is still pending If the value returns to the measuring range before the fault suppression time elapses the current value is transferred immediately A typical use case for this parameter is the suppression of peak current values when starting up powerful motors that would otherwise be signaled to the control center as a disr...

Page 83: ... points Page 54 The OVER_RANGE bit of the status identifier of the data point is set as follows when the relevant analog value is transferred Limit value high If the limit value is exceeded OVER_RANGE 1 If the value falls below the limit value OVER_RANGE 0 Limit value low If the value falls below the limit value OVER_RANGE 1 If the value then exceeds the limit value OVER_RANGE 0 Requirements for t...

Page 84: ...polar life zero 1 4864 1 318729855 FFFF ED00 0 001 3 518 3 999 1 185 0 004 17 59 Underrange bipolar 27649 32512 1812067105 2130769779 93FF 8100 20 001 23 516 100 004 117 593 Undershoot wire break 32768 2147483648 8000 3 518 1 185 17 593 The raw values of the measured values relate to the values of 16 bit or 32 bit PLC tags Note Evaluation of the value even when the option is disabled If you enable...

Page 85: ...er and a CP in an S7 station cannot be selected as the partner at the same time Partner number for inter station communication Specify the partner CP for inter station communication for this data point by selecting the partner number from the drop down list The partners you specified in the table of the Partner stations Partner for inter station communication can be selected The access ID of the r...

Page 86: ...an be a PC with an Internet connection or an S7 1200 You configure the e mails in STEP 7 in the data point and message configuration You can find this using the project tree Project directory of the relevant station Local modules CP For the view in STEP 7 refer to the section Configuring data points and messages Page 47 Triggering sending of messages One of the following events triggers sending of...

Page 87: ...ient Text of the message optionally with the value of a PLC tag In the text of every message you can not only transfer the configured text but also the value of a PLC tag To do this enter as a placeholder for the value to be sent in the message text For the configuration refer to the next section Include value Enable status identifier External status If this option is enabled in STEP 7 a status is...

Page 88: ...failed Cause There was not enough memory space for sending 8412 The configured DNS server could not resolve specified domain name 8413 Due to an internal error in the DNS subsystem the domain name could not be resolved 8414 An empty character string was specified as the domain name 8415 An internal error occurred in the cURL module Execution was aborted 8416 An internal error occurred in the SMTP ...

Page 89: ...r Cc 8554 Transfer failed 85xx Other error message from the e mail server Apart from the leading 8 the status corresponds to the three digit error number of the SMTP protocol Include value If you enable the option Include value the CP sends a value for the placeholder from the memory area of the CPU in the message To do this you configure a PLC tag whose value is integrated in the message The valu...

Page 90: ...Configuration and operation 4 16 Access to the Web server CP 1243 7 LTE 90 Operating Instructions 01 2015 C79000 G8976 C381 01 ...

Page 91: ... assigned by the mobile wireless network provider Note Different program block versions Note that in STEP 7 you cannot use different versions of a program block in a station Supported program blocks for OUC The following instructions in the specified minimum version are available for programming Open User Communication TSEND_C V3 0 TRCV_C V3 0 Compact blocks for connection establishment terminatio...

Page 92: ...communication between two S7 1200 stations TCON_Phone For transferring SMS messages TMail_V4 For transferring e mails addressing the e mail server using an IPv4 address TMail_V6 For transferring e mails addressing the e mail server using an IPv6 address You will find the description of the SDTs with their parameters in the STEP 7 information system under the relevant name You will find notes on pr...

Page 93: ...gram a phone number in the PhoneNumber parameter of the TCON_PHONE system data type the CP cannot receive any SMS messages Receiving SMS messages from several partners As an alternative you can create a separate block set for each partner as described above for 1 partner or a single block set with the following special feature in the TCON_PHONE block If you enter an asterisk after the phone number...

Page 94: ...sender String 160 String of 160 bytes for the message text The SMS message text can contain max 160 characters Byte Status of the SMS message 0 Invalid 1 Unread 2 Read Storing the last 10 received SMS messages You can output up to 10 received SMS messages from the receive block by making the entry SMSSTORE for the PhoneNumber parameter of TCON_PHONE In this case you need to create an adequately la...

Page 95: ...haracter set for the SMS text The CP supports the following ASCII character set hexadecimal value and character name for SMS message texts 0x0A LF line feed 0x0D CR carriage return 0x20 Space 0x21 0x5A 0 1 2 3 4 5 6 7 8 9 A B C D E F G H I J K L M N O P Q R S T U V W X Y Z 0x5F 0x61 0x7A a b c d e f g h i j k l m n o p q r s t u v w x y z ...

Page 96: ... the memory area with the configuration data The configuration data is stored in a data block DB The DB cannot be created with optimized block access The structure of the DB is specified by the system data type SDT IF_CONF The configuration data to be modified on the CP is put together as necessary in blocks in IF_CONF IF_CONF_ for the individual parameters Parameters that are not intended to chan...

Page 97: ...guration data Reference to the memory area with the collected configuration data to be modi fied ENO OUTPUT BOOL 0 Error 1 Error free Enable output If there is a runtime error with the instruc tion ENO 0 is set BUSY OUTPUT BOOL 0 Execution of the instruction not yet started completed or aborted 1 The instruction is executing Condition code of the execution status of the block DONE OUTPUT BOOL 0 1 ...

Page 98: ...ased on DONE ERROR and STATUS that must be evaluated by the user program DONE ERROR STATUS Meaning 1 0 0000H Job executed without errors 0 0 7000H No job processing active first block call 0 0 7001H Job processing started first block call 0 0 7002H Job processing already active renewed block call when BUSY 1 0 1 80E6H No query in progress block call not started 0 1 80EBH Query temporarily rejected...

Page 99: ... 7 project Creating the DB and the IF_CONF structures You can create the parameters of the CP within the IF_CONF DB in one or more structures each with one or more fields You will need to type in the data types of the fields using the keyboard They are not displayed in the selection list The data types are not case sensitive Follow the steps below to create IF_CONF 1 Create a data block of the typ...

Page 100: ...eral parameters Id This parameter identifies the field and must not be modified Length This parameter indicates the length of the field The value serves as information Fields with strings and or arrays have a variable length Due to hidden bytes the actual length of fields can be greater than the sum of the displayed parameters Mode The following values are permitted to these parameters Table 5 2 V...

Page 101: ...dity 1 2 see above general parameters AccesspointGPRS STRING 98 APN Name of the access point from the mobile wireless network to the Internet AccesspointUser STRING 42 APN user name AccesspointPassword STRING 22 APN password CP identification In STEP 7 the corresponding data is located in the Security parameter area Table 5 4 IF_CONF_Login Parameter Data type Initial value Description Id UINT 5 ID...

Page 102: ... parameters TcsName reserved STRING 254 Name of the telecontrol server that can be resolved by DNS or IP address as string RemotePort UINT Port of the telecontrol server Rank UINT Priority of the server 1 2 1 first telecontrol server 2 second telecontrol server second server not relevant SMSC In STEP 7 the corresponding data can be found in the parameter area Mobile wireless communications setting...

Page 103: ...in STRING 8 PIN of the SIM card inserted in the SIM card The parameter is not relevant if the PIN was correctly configured If the PIN was incorrectly configured the correct PIN can be entered Authorized phone number In STEP 7 the corresponding data is located in the Security parameter area Table 5 8 IF_CONF_WakeupList Parameter Data type Initial value Description Id UINT 13 ID of the parameter fie...

Page 104: ...h highest priority no 5 with lowest priority Entry of the Public Land Mobile Network PLMN of the network provider consisting of Mobile Country Code MCC and Mobile Network Code MNC Example test network of Siemens AG 26276 TeleService access DNS name IP address of the server Access data of the TeleService server switching station In STEP 7 the corresponding data is located in the Mobile wireless com...

Page 105: ...or window Here you can obtain the following information on the selected module Entries in the diagnostics buffer of the CPU Information on the online status of the module STEP 7 Diagnostics functions via the Online Online and diagnostics menu On the diagnostics pages you can obtain static information on the selected module General information on the module General information on the module Diagnos...

Page 106: ... Time Information on the time on the device Diagnostics options via the Web server of the CPU You will find details on the diagnostics options of the Web server in the S7 1200 system manual see 1 Page 129 Diagnostics SMS message The CP sends a diagnostics SMS message to a telephone with an authorized call number if it receives an SMS message with the following text from this telephone CPDIAG The d...

Page 107: ...e connection to the telecontrol server If the data to be sent exceeds the default size of an SMS message several SMS messages are sent Diagnostics options of the telecontrol server For telecontrol communication TCSB provides several diagnostics options that you should use if problems occur during productive operation If there are connection problems between the station and telecontrol server you c...

Page 108: ...he Web server of the CPU as of CPU firmware version V4 0 You can recognize that firmware is being loaded by the flashing LEDs of the CP see section LEDs Page 28 The last two methods are described below Loading the firmware with the online functions of STEP 7 via a WAN Requirements The CP can be reached using its IP address The engineering station and the CP are located in the same subnet The new f...

Page 109: ...hether you have enabled or disabled the Allow access only using HTTPS option in the General parameter group Connection establishment with HTTP Procedure if the Allow access only using HTTPS option is disabled Connection establishment with HTTPS Procedure if the Allow access only using HTTPS option is enabled These two variants are described in the following sections Requirement The new firmware fi...

Page 110: ... can log in with the Web server without downloading the certificate using HTTP Connection establishment with HTTPS 1 Connect the PC on which the new firmware file is located to the CPU via the Ethernet interface 2 Enter the address of the CPU in the address box of your Web browser https IP address 3 Press the Enter key The start page of the Web server opens 4 Continue as described in the following...

Page 111: ...n installing and connecting up keep to the procedures described in the system manual S7 1200 Programmable Controller Make sure that the power supply is turned off when installing uninstalling the devices The STEP 7 project data of the CP is stored on the local CPU If there is a fault on the device this allows simple replacement of this communications module without needing to load the project data...

Page 112: ...Diagnostics and upkeep 6 3 Module replacement CP 1243 7 LTE 112 Operating Instructions 01 2015 C79000 G8976 C381 01 ...

Page 113: ...terminals Cable cross section Minimum Maximum 0 14 mm2 AWG 25 1 5 mm2 AWG 15 Max tightening torque of the screw terminals 0 45 Nm 4 lb in Electrical isolation Power supply unit to internal circuit 710 VDC for 1 minute Current consumption typical From 24 VDC external 75 mA From the S7 1200 backplane bus 100 mA Effective power loss typical From 24 VDC external 1 8 W From the S7 1200 backplane bus 0 ...

Page 114: ...Design dimensions and weight Module format Compact module for S7 1200 single width Degree of protection IP20 Weight Net weight Weight including packaging 133 g 170 g Dimensions W x H x D 30 x 100 x 75 mm Installation options 35 mm DIN rail Switch panel You will find additional functions and performance data in the section Application and properties Page 11 ...

Page 115: ...rface Maximum transmit power in the service used LTE FDD B3 B4 B7 B13 B20 23 dBm Class 3 WCDMA FDD B1 B2 B5 B8 24 dBm Class 3 EDGE 1800 1900 MHz 26 dBm Class E2 EDGE 850 900 MHz 27 dBm Class E2 DCS 1800 PCS 1900 30 dBm Class 1 GSM 850 950 33 dBm Class 4 LTE Transmission speed maximum Downlink 100 Mbps Uplink 50 Mbps HSPA Transmission speed maximum Downlink HSDPA 42 Mbps Uplink HSUPA 5 76 Mbps EDGE...

Page 116: ...uctions 01 2015 C79000 G8976 C381 01 7 3 Pin assignment of the socket for the external power supply Figure 7 1 Socket for the external 24 VDC power supply view from above Table 7 3 Pin assignment of the socket for the external power supply Pin Labeling Function 1 L 24 VDC 2 M Ground reference for 24 VDC 3 Ground connector ...

Page 117: ...CP 1243 7 LTE Operating Instructions 01 2015 C79000 G8976 C381 01 117 Dimension drawings A Note All dimensions in the drawings of the CP are in millimeters Figure A 1 Front view ...

Page 118: ...Dimension drawings CP 1243 7 LTE 118 Operating Instructions 01 2015 C79000 G8976 C381 01 Figure A 2 Side view left Figure A 3 From above ...

Page 119: ...uncil of 23 March 1994 on the approximation of the laws of the Member States concerning equipment and protective systems intended for use in potentially explosive atmospheres 1999 5 EC R TTE Directive of the European Parliament and of the Council of 9 March 1999 on Radio Equipment and Telecommunications Terminal Equipment and the mutual recognition of their conformity 2011 65 EU RoHS Directive of ...

Page 120: ...protection by type of protection n ATEX The CP meets the requirements of the EC directive 94 9 EC Equipment and Protective Devices for Use in Potentially Explosive Atmospheres Applied standards EN 60079 0 Hazardous areas Part 0 Equipment General requirements EN 60079 15 Explosive atmospheres Part 15 Equipment protection by type of protection n ATEX approval II 3 G Ex nA II T4 Test number KEMA 10 A...

Page 121: ...vices Part 1 Common technical requirements ETSI EN 301 489 3 V1 6 1 Electromagnetic compatibility and radio spectrum matters ERM Electromagnetic compatibility EMC for radio equipment and services Part 3 Specific conditions for wireless devices with a low range SRD for use on frequencies between 9 kHz and 246 GHz ETSI EN 301 489 7 V1 3 1 Electromagnetic compatibility and radio spectrum matters ERM ...

Page 122: ...io equipment to be used in the 1 GHz to 40 GHz frequency range Part 2 Harmonized standard covering the essential requirements of article 3 2 of the R TTE directive ETSI EN 301 511 V9 0 2 Global system for mobile communication GSM Harmonized standard for mobile phones in the GSM 900 and GSM 1800 bands covering essential requirements of article 3 2 of the R TTE directive ETSI EN 301 908 1 V6 2 1 IMT...

Page 123: ...zardous Location CSA C22 2 No 213 Hazardous Location APPROVED for Use in Cl 1 Div 2 GP A B C D T4A Ta 20 C 60 C Cl 1 Zone 2 GP IIC T4 Ta 20 C 60 C FM Factory Mutual Research FM Approval Standard Class number 3600 and 3611 Approved for use in Class I Division 2 Group A B C D Temperature Class T4A Ta 60 C Class I Zone 2 Group IIC Temperature Class T4 Ta 60 C C Tick The CP meets the requirements of t...

Page 124: ...r check the Internet pages of Siemens Industry Online Support 102255422 http support automation siemens com WW view en 102255422 Under this entry go to the relevant product and select the following settings Entry list tab entry type Certificates Overview of the approvals for SIMATIC NET products You will find an overview of the approvals for SIMATIC NET products including approvals for shipbuildin...

Page 125: ...orks 2G and UMTS networks 3G weatherproof for indoor and outdoor areas 5 m connecting cable connected permanently to the antenna SMA connector including installation bracket screws wall plugs You will find detailed information in the documentation of the device You will find this on the Internet on the pages of Siemens Industry Online Support under the following entry ID 23119005 http support auto...

Page 126: ...provider Configuration of the SMS gateway provider With the help of TS Gateway SMS gateway providers are configured that are necessary for the sending of SMS messages to the remote S7 stations Note TS Gateway only for TeleService TS Gateway is used only for the TeleService function via the mobile wireless network No connections to the remote stations can be monitored and no process data can be tra...

Page 127: ...ring station connected to a LAN or with Internet access TeleService using mobile wireless is possible on an engineering station with the STEP 7 project that contains the remote station with the mobile wireless CP STEP 7 version required for TeleService via the mobile wireless network V13 SP1 SIMATIC S7 1200 CPU with firmware version as of V4 1 Mobile wireless CP with firmware version as described ...

Page 128: ...Accessories C 2 TS Gateway CP 1243 7 LTE 128 Operating Instructions 01 2015 C79000 G8976 C381 01 ...

Page 129: ... http support automation siemens com WW view en Enter the entry ID of the relevant manual as the search item The ID is listed below some of the reference entries in brackets As an alternative you will find the SIMATIC NET documentation on the pages of Product Support 10805878 http support automation siemens com WW view en 10805878 Go to the required product group and make the following settings En...

Page 130: ...eway Version V3 Operating Instructions Siemens AG entry ID 107535103 http support automation siemens com WW view en 107535103 4 SIMATIC NET TeleControl Server Basic Version V3 Operating Instructions Siemens AG entry ID 46635999 http support automation siemens com WW view en 46635999 5 SIMATIC NET Industrial Ethernet Security Basics and Application configuration manual Siemens AG Entry ID 18701555 ...

Page 131: ...ed image mode 51 Frame memory 18 51 G Gateway 63 Glossary 5 H Hardware product version 3 I Image memory 51 IMEI 3 Importing a certificate e mail 76 Inserting removing a SIM card 36 Instructions OUC 91 Inter station communication 13 22 Inter station communication configuration 72 IP address fixed 59 IP configuration 14 M Messages 86 N NTP 64 NTP secure 65 IPsec tunnel O Online functions 66 OPC conf...

Page 132: ...telecontrol communication 86 Number of messages 19 Programming OUC 91 SMTPS 75 SSL TLS 75 STARTTLS 75 Status IDs data points 52 STEP 7 version 20 T TCSB 4 TeleService gateway 19 TeleService via mobile wireless 14 Threshold value trigger 78 Time stamp 18 49 Time of day synchronization 15 Training 6 Transmission mode 53 Trigger tag resetting 53 86 TS Gateway 19 127 U Unsolicited 53 User data 18 V VP...

Reviews:

No comments