TAPKO MECip-Sec Product Description Download

Page: 1 / 50

MECip

SECURE

MECip-Sec

KNX IP Secure Router

Technical & Application Description

Summary of Contents for MECip-Sec

Page 1: ...MECip SECURE MECip Sec KNX IP Secure Router Technical Application Description...

Page 2: ...t written approval it may not be reproduced or commercialized distributed or presented to other individuals for commercial purpose Details and information contained within may be subject to change wit...

Page 3: ...ice Certificate 12 1 8 Feature Summary 13 2 KNXnet IP 14 2 1 IP Secure Tunneling 14 2 2 IP Secure Routing 14 2 3 IP Firmware Update 14 3 KNX Secure 15 4 Operational Description 16 4 1 IP Secure Router...

Page 4: ...nd 31 6 1 Protection of the MECip Sec Web Front end 31 6 2 Accessing the MECip Sec Web Front end 32 6 2 1 via Windows Explorer 32 6 2 2 via IP Address 33 6 2 3 via MAC Address 34 6 3 Device Info 35 6...

Page 5: ...s firmware via IP With using this web front end it s easy to identify MECip Sec in an installation by remotely switching on the Programming LED For reasons of protection the web frontend can be deacti...

Page 6: ...ors State IP Main line Ethernet Connector Bus State KNX TP Subline Function Button Telegram Traffic IP Main line Programming Button Telegram Traffic KNX TP Subline KNX TP Connector Group Address Routi...

Page 7: ...Traffic IP Main line blinking green Telegram traffic extent indicated by blinking off No telegram traffic Telegram Traffic KNX TP Subline blinking green Telegram traffic extent indicated by blinking b...

Page 8: ...ge red filter route all block all Individual Address Routing Table 4 LED Status Display for Factory Reset after first Function Button Press Number LED Color Comment State IP orange lights red if not c...

Page 9: ...mmissioning requires the Device Certificate Activation of Secure Commissioning requires a minimum ETS version see also Security functions Figure 2 Connection Scheme To start a secured configuration do...

Page 10: ...e Certificate Device Certificates can only be added to a password protected ETS project When no project password is set Secure Commissioning cannot be activated ETS projects with having Secure Commiss...

Page 11: ...upply The device may only be installed and put into operation by a qualified electrician or authorized person For planning and construction of electric installations the appropriate specifications gui...

Page 12: ...ces that are used within the ETS project ETS then automatically uses the correct certificates for programming the relevant devices For clear identification of the device after removing the tear off pa...

Page 13: ...mes available Settings to increase data throughput and decrease high bus traffic are featured IACK sending on sent out messages is configurable Repetition is configurable for both Physical Telegrams a...

Page 14: ...nnections become secured This means the data communication of every channel is encrypted and the possibility is offered to protect the single channels by passwords 2 2 IP Secure Routing Regarding KNX...

Page 15: ...ecure couplers in secure mode and plain KNX IP Secure couplers cannot be configured when IP Backbone Security is on Encrypted KNX telegrams that are processed by secured devices can be distinguished b...

Page 16: ...not When MECip Sec receives telegrams that use group addresses as destination only the telegrams whose group addresses are entered in the filter table are routed If a telegram is routed by MECip Sec...

Page 17: ...have the same IP multicast address Multicast IP address 224 0 23 12 may need to be changed in respect of the network type and of the network components settings It is recommended to change this addre...

Page 18: ...absolutely mandatory to guarantee proper functioning In a KNX system with MECip Sec backbone couplers and MECtp Sec line couplers it is necessary to ensure that every MECip Sec has an address assigne...

Page 19: ...taking a webcam picture of the QR code that is additionally contained on the tear off part of the Device Certificate side label Figure 6 Tear off Part of the Device Certificate Side Label After openin...

Page 20: ...Operational Description MECip SECURE 20 Figure 8 Adding Device Certificate...

Page 21: ...hes Programming Mode on and off LED 7 lighting red indicates Programming Mode is on Once the download is started in ETS the Programming Button has to be pressed After that the new Individual Address b...

Page 22: ...toIP the Obtain an IP address automatically option must be set For more details and information about configuring IP networks please ask your local network administrator Figure 10 Automatic IP Address...

Page 23: ...used as ETS Current Interface and its IP address is changed by a configuration download ETS tries to maintain the connection to the Current Interface having the previous IP address To be more exact t...

Page 24: ...ction and set the Switch off time use the parameter tab General like shown in chapter 5 1 General After switching back from Manual Function to normal operation the latest downloaded filter parameter s...

Page 25: ...st update button in the web front end MECip Sec switches to its boot mode see chapter 6 5 Firmware Update and Status update authorized is indicated Figure 13 Authorized Update Request Table 8 Activati...

Page 26: ...Group telegrams pass all telegrams Configuration setting for telegram routing when the Manual Function is active Switch off time for Manual Function 10 min 1 hour 4 hours 8 hours 1 hour After expiry o...

Page 27: ...ering and route all telegrams are transmitted To set telegram routing different as available here use configure Group telegrams Main group 0 13 transmit all not recommended block filter filter Filteri...

Page 28: ...Routing of Physical Telegrams and Group Telegrams can be set to block no routing filter telegrams are routed according to filtering and route all telegrams are transmitted To set telegram routing diff...

Page 29: ...er subline transmission error e g due to missing receiver Group telegrams can be not repeated be repeated only once or be repeated for max 3 times Telegram confirmation on subline if routed always if...

Page 30: ...dow must be used A click on the Tunneling Channel opens the channel s Properties window for configuring Then up to four Individual Addresses of the subline can be set Figure 17 Configuring of IP Secur...

Page 31: ...ttings To raise protection for an installation the web front end availability is configurable The highest degree is reached when not available is set for normal runtime operation To use the remote fun...

Page 32: ...owser the correct HTTP port must be used Factory default HTTP port is 8080 6 2 1 via Windows Explorer When the web front end is set to be available MECip Sec appears in the local network window due to...

Page 33: ...set IP configuration HTTP port IP address and DHCP in the URL bar has to be entered without brackets http IP address HTTP port Example1 DHCP is not used With the latest ETS download the IP address was...

Page 34: ...ce in the Windows explorer Due to name resolution it is mandatory to establish communication by Host name Hereby activation of NetBIOS is necessary Use the MAC address AA BB CC XX YY ZZ and the pre se...

Page 35: ...vice Info After accessing the web front end the Device Info tab appears General information about actual device state current settings device parameters like addresses names etc and software versions...

Page 36: ...is additionally visible The red curve shows the maximum busload on TP and the green one shows the average busload on TP Figure 24 KNX Tab For showing the busload diagram the web browser must support S...

Page 37: ...must be made sure the new assigned addresses have not been existing in the project before or in the installation When Security is active it is highly recommended not to press the Set button and to ass...

Page 38: ...b front end instructions from step 3 to step 5 must be followed refresh request update To exit boot mode it is necessary to enter the Update tab of the web front end Then either the firmware update ha...

Page 39: ...en the request update button appears it has to be pressed to select the update file and enter boot mode Figure 28 Request Update Step 5 The update file can be selected and be uploaded by a click on Up...

Page 40: ...gment For communication across different lines or segments the couplers connecting the lines generate the relevant IACKs BUSY A BUSY is a negative IACK frame If the sender detects a BUSY then the rece...

Page 41: ...see Acknowledgement frames Individual Address The Individual Address of a device defines the location of the device within the topology Long Telegrams Long telegrams or long frames are telegrams havi...

Page 42: ...available since ETS version 5 7 2 ETS Inside 1 4 0 Short Telegrams Short telegrams or short frames are telegrams having an APDU length that is not exceeding 15 octets Short telegrams use the standard...

Page 43: ...ams main group 0 13 filter filter table is empty Group telegrams main group 14 31 route all Physical telegrams filter KNX TP KNX TP Subline to IP Main line Group telegrams main group 0 13 filter filte...

Page 44: ...Pollution degree 2 according to IEC60664 1 Protection class III according to IEC61140 Overvoltage category II according to IEC60664 1 Approbation KNX certified according to ISO IEC14543 3 and EN ISO...

Page 45: ...Technical MECip SECURE 45 8 3 Drawings Dimensions shown here are specified in mm The total device width is 2 modules at 18 mm Figure 30 Dimension drawings...

Page 46: ...ovided with the distribution The name of the author may not be used to endorse or promote products derived from this software without specific prior written permission THIS SOFTWARE IS PROVIDED BY THE...

Page 47: ...on again dis reconnection of KNX TP line Is it Ok to connect and disconnect the Ethernet cable quickly No Don t do this Before reconnection wait for a few seconds What shows the Programming LED if the...

Page 48: ...b front end Update tab must be used or after 10 min it will be switched off automatically Is it possible to do a Reset during the device is in boot mode No LED 2 Bus State KNX TP will light up red whe...

Page 49: ...IP address in the IP window of the device properties download the application and select the MECip Sec that is now indicated by the new IP address I want to set filter settings but LED 5 works not as...

Page 50: ...e R1 0 March 2022 TAD is intended for x 0 1 2 and y a b c Firmware 3 0 x Databases R1 0y ETS version ETS5 7 3 and higher Weblink to actual ETS Database https www tapko de mecip sec Contact sales tapko...

Search results

Summary of Contents for MECip-Sec

Reviews:

Related manuals for MECip-Sec

Brands by name

Popular brands

TAPKO MECip-Sec, Product Description

Search results

Summary of Contents for MECip-Sec

Reviews:

Related manuals for MECip-Sec

Brands by name

Popular brands