Configuration
4.1 Security recommendations
CP 154xSP-1
52
Operating Instructions, 12/2019, C79000-G8976-C426-05
Table 4- 1
Server ports (all three CP types)
Protocol / function
Port number (pro-
tocol)
Default of the
port
Port status
Authentication
DHCP
68 (UDP)
Closed
Open after configuration (while the
CP obtains a new address)
No
S7 and online con-
nections
102 (TCP)
Closed
Open after configuration *
No
HTTP
80 (TCP)
Closed
Open after configuration
Yes
HTTPS
443 (TCP)
Closed
Open after configuration
Yes
SNMP
161 (UDP)
Open
Open after configuration
Yes (with SNMPv3)
* Some service providers consider the opening of port 102 a security vulnerability.
To avoid opening the port during online diagnostics, see section Online security diagnostics
via port 8448 (CP 1542SP-1 IRC, CP 1543SP-1) (Page 90).
Table 4- 2
Server ports - only CP 1542SP-1 IRC and CP 1543SP-1
Protocol / function
Port number (pro-
tocol)
Default of the
port
Port status
Authentication
Online diagnostics
102 (TCP)
Closed
Open after configuration
No
Communication via
SINEMA RC
443 (TCP)
Closed
Open after configuration
Yes
Syslog
514 (UDP)
Closed
Open after configuration
No
Table 4- 3
Server ports - only CP 1542SP-1 IRC
Protocol / function
Port number (pro-
tocol)
Default of the
port
Port status
Authentication
DNP3
20000 (TCP/UDP)
can be set
Closed
Open after configuration
Yes, when Secure
Authentication is ena-
bled.
IEC 60870-5-104
2404 (TCP)
can be set
Closed
Open after configuration
No