manualshive.com logo in svg

Siemens SCALANCE W738-1, Руководство по эксплуатации, Страница: 8 / 66

Поделиться
Скачать
Siemens SCALANCE W738-1 Скачать руководство пользователя страница 8

Security recommendations 

 

 

 

SCALANCE W778-1 /W738-1 

8

 

Operating Instructions, 07/2020, C79000-G8976-C450-06 

 

Use a central logging server to log changes and access operations. Operate your 

logging server within the protected network area and check the logging information 

regularly. 

 

Use WPA2/ WPA2-PSK with AES to protect the WLAN. If iPCF or iPCF-MC is used, 

use the AES encryption. 

Passwords 

 

Define rules for the assignment of passwords. 

 

Regularly change your passwords to increase security. 

 

Use passwords with a high password strength. 

 

Make sure that all passwords are protected and inaccessible to unauthorized 

persons. 

 

A password must be changed if it is known or suspected to be known by unauthorized 

persons. 

 

Do not use the same password for different users and systems. 

Keys and certificates 

 

The device contains a pre-installed certificate with key. Replace this certificate with a 

self-made certificate with key. We recommend that you use a certificate signed by a 

reliable external or internal certification authority. You can install the certificate via 

the WBM (System > Load and Save). 

 

Use the certification authority including key revocation and management to sign the 

certificates. 

 

Ensure that user-defined private keys are protected and inaccessible to unauthorized 

persons. 

 

Verify certificates and fingerprints on the server and client to prevent "man in the 

middle" attacks. 

 

It is recommended that you use password-protected certificates in the PKCS#12 

format. 

 

It is recommended that you use certificates with a key length of at least 2048 bits. 

 

Change keys and certificates immediately, if there is a suspicion of compromise. 

Содержание SCALANCE W738-1

Страница 1: ...perating Instructions MSN65 W1 M12 E2 07 2020 C79000 G8976 C450 06 Introduction 1 Security recommendations 2 Safety notices 3 Description of the device 4 Mounting 5 Connection 6 Upkeep and maintenance 7 Technical specifications 8 Dimension drawing 9 Approvals 10 ...

Страница 2: ... only by personnel qualified for the specific task in accordance with the relevant documentation in particular its warning notices and safety instructions Qualified personnel are those who based on their training and experience are capable of identifying risks and avoiding potential hazards when working with these products systems Proper use of Siemens products Note the following WARNING Siemens p...

Страница 3: ...nstallation 31 5 3 Wall mounting 32 5 4 Installation on a DIN rail 33 5 4 1 Installation with the DIN rail mounting adapter 33 5 4 2 Mounting with bracket support 35 6 Connection 39 6 1 Safety when connecting up 39 6 2 Explosion hazard when disconnecting or replacing live cables FM ATEX 42 6 3 Suitable cables for temperatures above 70 C cable 50 C 70 C ATEX 42 6 4 Power supply 43 6 5 Ethernet 46 6...

Страница 4: ...Table of contents SCALANCE W778 1 W738 1 4 Operating Instructions 07 2020 C79000 G8976 C450 06 9 Dimension drawing 61 10 Approvals 63 Index 65 ...

Страница 5: ...also performs administrative functions in the network and for example provides client modules with a connection to wired networks to other client modules in the same wireless cell or in other wireless cells Purpose of the Operating Instructions Based on the operating instructions you will be able to install and connect up the SCALANCE W778 W738 correctly The configuration and the integration of th...

Страница 6: ...ustrial security measures that may be implemented please visit https www siemens com industrialsecurity Siemens products and solutions undergo continuous development to make them more secure Siemens strongly recommends that product updates are applied as soon as they are available and that the latest product versions are used Use of product versions that are no longer supported and failure to appl...

Страница 7: ... the PLUG C PLUG KEY PLUG security PLUG contains sensitive data such as certificates keys etc that can be read out and modified Software security functions Keep the firmware up to date Check regularly for security updates of the product You will find information on this on the Internet pages Industrial Security http www siemens com industrialsecurity Inform yourself regularly about security adviso...

Страница 8: ...t use the same password for different users and systems Keys and certificates The device contains a pre installed certificate with key Replace this certificate with a self made certificate with key We recommend that you use a certificate signed by a reliable external or internal certification authority You can install the certificate via the WBM System Load and Save Use the certification authority...

Страница 9: ...tions If SNMP is enabled change the community names If no unrestricted access is necessary restrict access with SNMP Use SNMPv3 in conjunction with passwords HTTP HTTPS Telnet SSH TFTP SFTP Use secure protocols when access to the device is not prevented by physical protection measures To prevent unauthorized access to the device or network take suitable protective measures against non secure proto...

Страница 10: ...rable Authentication Encryption Port Service DHCP client UDP 68 Outgoing only DHCP server UDP 67 Closed DNS client TCP 53 UDP 53 Outgoing only EthernetIP TCP 44818 UDP 2222 UDP 44818 Closed HTTP TCP 80 Open HTTPS TCP 443 Open NTP Client UDP 123 Outgoing only PROFINET UDP 34964 UDP 49154 UDP 49155 Open RADIUS UDP 1812 Closed Remote Capture TCP 2002 Closed SFTP client TCP 22 Closed SMTP client TCP 2...

Страница 11: ...tions SCALANCE W778 1 W738 1 Operating Instructions 07 2020 C79000 G8976 C450 06 11 Service Protocol port number Default port status Configurable Authentication Encryption Port Service IPv6 Closed SIMATIC NET TIME Closed ...

Страница 12: ...Security recommendations SCALANCE W778 1 W738 1 12 Operating Instructions 07 2020 C79000 G8976 C450 06 ...

Страница 13: ...ould cause severe burns Allow the device to cool down before starting any work on it WARNING The device is intended for indoor use only WARNING Suitable cables at high ambient temperatures If the temperature of the cable or housing socket exceeds 70 C or the branching point of conductors exceeds 80 C special precautions must be taken If the device is operated at ambient temperatures of between 50 ...

Страница 14: ...f you use the device under HazLoc or FM conditions you must also keep to the following safety notices in addition to the general safety notices for protection against explosion This equipment is suitable for use in Class I Division 2 Groups A B C and D or non hazardous locations only This equipment is suitable for use in Class I Zone 2 Group IIC or non hazardous locations only ...

Страница 15: ...C450 06 15 Description of the device 4 4 1 Description of the device W778 1 W738 1 M12 LED display Antenna connector R1A1 PLUG slot RESET button Antenna connector R1A2 Grounding Connector for power supply L1 L2 Ethernet connector P1 Ethernet connector P2 PoE capability ...

Страница 16: ...ing components are supplied with the product SCALANCE W778 or SCALANCE W738 3 protective caps for the M12 sockets 2 x Ethernet 1 x power supply 2 protective caps for the antenna sockets SIMATIC NET Industrial Wireless LAN CD Please check that the consignment you have received is complete If the consignment is incomplete contact your supplier or your local Siemens office Note The mounting adapter a...

Страница 17: ...0 KEY PLUG W740 iFeatures Client 6GK5907 4PA00 KEY PLUG W700 Security W700 Security Enabling of Inter AP Blocking and exchangeable storage medium for storage of configuration data 6GK5907 0PA00 Installation Component Description Article number Mounting adapter standard mount ing rail Adapter for mounting the W778 W38 on a 35 mm DIN rail according to DIN EN 50 022 6GK5798 8MF00 0AA1 Bracket support...

Страница 18: ...s shielded CAT 5 Sold by the meter 6XV1870 2B IE FC TP TRAILING CABLE 2X2 PROFINET type C Highly flexible bus cable TP installation cable for connection to FC OUTLET RJ 45 for use in drag chains 4 wire shielded CAT 5 Sold by the meter 6XV1840 3AH10 IE TP TORSION CABLE 2X2 PROFINET type C Highly flexible bus cable TP installation cable for use in highly flexible applications torsion 4 wire Sold by ...

Страница 19: ...onnect SMA female connectors 6GK5798 0PT00 2AA6 See also Safety when connecting up Page 39 Energy cable Component Description Article number Energy cable 2 x 0 75 Energy cable for connection of signaling con tact and power supply 24 VDC stranded wire 2 x 0 75 mm2 trailing type not assembled Sold by the meter 6XV1812 8A Robust Energy Ca ble 4 x 0 75 Energy cable for connection of power supply 24 VD...

Страница 20: ...escription Article number TI795 1N Electrical connection N Connect male Pack of 1 6GK5795 1TN00 1AA0 4 2 2 Flexible connecting cables and antennas 4 2 2 1 Flexible connecting cables Flexible connecting cable N Connect R SMA Flexible connecting cable for connecting an antenna to a SCALANCE W device with R SMA connectors preassembled with a connector N male and R SMA male Length Article number 0 3 m...

Страница 21: ...ngth Article number 1 m 6XV1875 5SH10 2 m 6XV1875 5SH20 5 m 6XV1875 5SH50 Flexible connecting cable IWLAN QMA N Connect male female Adapter cable for connecting a MIMO antenna with QMA connectors with the flexible connecting cables Preassembled with two connectors QMA male and N Connect female pack of 3 Length Article number 1 m 6XV1875 5JH10 For railway applications the following connecting cable...

Страница 22: ...rized 5 GHz 14dBi IP66 2xN Connect female 6GK5793 8DL00 0AA0 ANT793 8DP Directional antenna mast wall mounting 13 13 5 dBi 4 9 GHz and 5 GHz N Connect female This antenna is not available in Korea 6GK5793 8DP00 0AA0 ANT795 4MA Omnidirectional antenna directly on the device 3 5 dBi 2 4 GHz and 5 GHz IP30 R SMA connector male for direct installa tion on the device angle connector ad justable 0 180 6...

Страница 23: ...tional antenna 0 Bi 5 150 5 875 GHz N Connect female 6XV1875 2D NOTICE ANT795 4MA The ANT795 4MA antenna has degree of protection IP30 and is therefore only suitable for dry environments Note ANT793 8DJ The antenna ANT793 8DJ may only be used with the flexible connecting cable 6XV1875 5CH50 5 m length or 6XV1875 5CN10 10 m length Other flexible connecting cables are not permitted Notice for USA Ca...

Страница 24: ... the operating status of the device LED Color Meaning L1 Off Power supply L1 too low Green Power supply L1 is applied L2 Off Power supply L2 too low Green Power supply L2 is applied PoE Off The device is not supplied using PoE Green The device is supplied using PoE P1 Off There is no connection over the Ethernet port P1 Green There is a connection over the Ethernet port P1 link Flashing green and ...

Страница 25: ...nt is searching for a connection to an access point Flashing yellow Interval 100 ms on 100 ms off Access point mode With DFS 802 11h the channel is scanned for one minute for com peting radar signals before the channel can be used for data traffic Client mode The client waits for the MAC address due to the setting Automatic for the MAC mode parameter and is not connected to an access point Flashin...

Страница 26: ...ion The LED flash function is Either with SINEC PNI Or via the WBM page Discovery and Set via DCP Note Primary user radar on all enabled channels only when DFS is enabled If the device detects competing radar signals on all enabled channels of the WLAN interface the F LED is lit and R1 flash No data traffic is then possible for the next 30 minutes After this time the device runs the scan again and...

Страница 27: ...button Position NOTICE Loss of water and dust protection If the cover is not mounted correctly the device is not water and dust proof The reset button is located below the cover on the top of the SCALANCE W778 738 Note The RESET button is a long stroke button with a pressure point Press the button until you feel the pressure point ...

Страница 28: ...f the Load Save menu command of Web Based Management is unsuccessful the reset button can be used to load new firmware This situation can occur if there is a power outage during the normal firmware update You will find further information in the configuration manual in Downloading new firmware using TFTP without WBM and CLI Resetting the device to the factory defaults The device can be reset to th...

Страница 29: ...esponds to the ambient temperature of the device WARNING If a device is operated in an ambient temperature of more than 50 C the temperature of the device housing may be higher than 70 C The device must therefore be installed so that it is only accessible to service personnel or users that are aware of the reason for restricted access and the required safety measures at an ambient temperature high...

Страница 30: ... using according to FM If you use the device under FM conditions you must also keep to the following safety notices in addition to the general safety notices for protection against explosion WARNING EXPLOSION HAZARD The equipment is intended to be installed within an enclosure control cabinet The inner service temperature of the enclosure control cabinet corresponds to the ambient temperature of t...

Страница 31: ...irectional antennas must be mounted in keeping with their characteristics refer to the technical specifications of the antenna Radiation pattern diagrams For the device the following types of installation are permitted Wall mounting Installation on a DIN rail The device can be mounted on a DIN rail with a DIN rail mounting adapter a bracket support and the DIN rail mounting adapter for space savin...

Страница 32: ...g at least four times the weight of the device To mount the device on a wall follow the steps below 1 Prepare the drill holes for wall mounting For the precise dimensions refer to the section Dimension drawing Page 61 2 Secure the device to the wall with four screws The screws are not supplied with the device 3 Connect the power supply refer to the section Power supply Page 43 4 Fit the antennas r...

Страница 33: ... a DIN rail 5 4 1 Installation with the DIN rail mounting adapter The DIN rail mounting adapter is not included with the product see Accessories Assembly 1 Screw the DIN rail mounting adapter to the rear of the device The mounting material is supplied with the DIN rail mounting adapter 2 Place the device on the upper edge of the DIN rail ...

Страница 34: ...evice against the DIN rail until the DIN rail slider catch locks in place 4 Connect the power supply refer to the section Power supply Page 43 5 Fit the antennas refer to the section Antennas Page 47 Uninstalling 1 Turn off the power to the device 2 Disconnect all connected cables 3 Pull the DIN rail slider down with a screwdriver ...

Страница 35: ...forward and remove the device from the DIN rail 5 Loosen the screws of the DIN rail mounting adapter completely 5 4 2 Mounting with bracket support With the bracket support the device can be mounted on a DIN rail rotated through 90 The DIN rail mounting adapter and bracket holder are not included with the product see Accessories Page 17 ...

Страница 36: ... C79000 G8976 C450 06 Installation 1 Screw M3 tightening torque 0 7 Nm the bracket holder to the DIN rail mounting adapter The mounting material ships with the product 2 Screw tightening torque 0 7 Nm the bracket holder to the side of the device 3 Place the device on the upper edge of the DIN rail ...

Страница 37: ...device against the DIN rail until he DIN rail slider catch locks in place 5 Connect the power supply refer to the section Power supply Page 43 6 Fit the antennas refer to the section Antennas Page 47 Uninstalling 1 Turn off the power to the device 2 Disconnect all connected cables 3 Pull the DIN rail slider down with a screwdriver ...

Страница 38: ...ng 5 4 Installation on a DIN rail SCALANCE W778 1 W738 1 38 Operating Instructions 07 2020 C79000 G8976 C450 06 4 Tilt the device forward and remove the device from the DIN rail 5 Loosen the screws completely ...

Страница 39: ... the specified type of protection Lightning protection WARNING Danger due to lightning strikes Antennas installed outdoors must be within the area covered by a lightning protection system Make sure that all conducting systems entering from outdoors can be protected by a lightning protection potential equalization system When implementing your lightning protection concept make sure you adhere to th...

Страница 40: ...DEHN SÖHNE GmbH Co KG Hans Dehn Str 1 Postfach 1640 D 92306 Neumarkt Germany Supply voltage WARNING Safety extra low voltage The equipment is designed for operation with Safety Extra Low Voltage SELV by a Limited Power Source LPS This means that only SELV LPS Limited Power Source complying with IEC 60950 1 EN 60950 1 VDE 0805 1 must be connected to the power supply terminals or the power supply un...

Страница 41: ...etic interference the device must be grounded There must be no potential difference between the following parts otherwise the device or other connected device could be severely damaged Housing of the SCALANCE W700 and the ground potential of the antenna Housing of the SCALANCE W700 and the ground potential of a device connected over Ethernet Housing of the SCALANCE W700 and the shield contact of t...

Страница 42: ... Suitable cables for temperatures above 70 C cable 50 C 70 C ATEX WARNING Suitable cables at high ambient temperatures If the temperature of the cable or housing socket exceeds 70 C or the branching point of conductors exceeds 80 C special precautions must be taken If the device is operated at ambient temperatures of between 50 C and 70 C only use cables with a maximum permitted operating temperat...

Страница 43: ... with the SCALANCE W778 W738 Direct feed in via the four pin M12 socket position The power supply can be connected redundantly The inputs L1 L2 are decoupled There is no distribution of load The power supply unit with the higher output voltage supplies the device alone Power over Ethernet via the M12 Ethernet interface P2 position The power supply cannot be connected redundantly For the direct fee...

Страница 44: ...n assignment Pin Signal Assignment 1 L1 24 VDC 2 L2 24 VDC 3 M Ground 4 M Ground Connecting disconnecting the power supply NOTICE Turn off the power supply before you insert or remove the plug of the power supply 1 Connect the plug and socket Make sure that they lock in place correctly 2 Tighten the knurled screw torque 1 Nm Power over Ethernet Note Disabling the PoE power supply Before you pull a...

Страница 45: ...achment to Ethernet is only possible using four wire cables For this reason no PSE Power Sourcing Equipment can be used that only supplies the power via the free wire pairs Ethernet cables with M12 connectors for the SCALANCE W788 x M12 Gigabit Ethernet eight wire cannot be used for the SCALANCE W778 W738 Note No power sourcing equipment PSE The SCALANCE W778 W738 devices cannot be used as a PoE p...

Страница 46: ...llowing two M12 interfaces D coded 4 pin Position and pin assignment M12 interface P1 M12 interface P2 The power can also be supplied via this interface Power over Ethernet The four pin connecting socket has the following pin assignment Pin Assignment 1 TX 2 RX 3 TX 4 RX Connecting Ethernet ports 1 Connect the plug and socket Make sure that they lock in place correctly 2 Tighten the knurled screw ...

Страница 47: ...the plug on the socket key size SW19 torque 1 7 Nm 3 If you only use one antenna you need to connect this to the device via antenna connector R1 A1 position 4 Screw a terminating resistor to the unused antenna connector R1 A2 position if you are only using one antenna Note Terminating resistor You can connect one or two external antennas to the WLAN interface At the antenna connector R1A1 there mu...

Страница 48: ... be used in a closed building For this reason do not lead antennas into the outdoor area if you need to meet UL or CSA requirements Note Cabinet installation When installing the SCALANCE W778 W738 in a cabinet you need to use detached antennas A suitable flexible connecting cable for a connection between SCALANCE W778 W738 and a detached antenna are available from SIMATIC NET You will find detaile...

Страница 49: ... How it works The device supports the following modes of operation Without PLUG The device saves the configuration data in the internal memory This mode is active when no PLUG is inserted With PLUG If an unwritten PLUG factory status or deleted with Clean function is used the local configuration already existing on the device is automatically stored on the inserted PLUG If the PLUG contains a lice...

Страница 50: ...the firmware has been installed In this situation if a PLUG is inserted in the device following the restart this has the status NOT ACCEPTED since the PLUG still has the configuration data of the previous more up to date firmware This allows you to return to the previous more up to date firmware without any loss of configuration data If the original configuration on the PLUG is no longer required ...

Страница 51: ... slot is on the top of the device housing under a cover see Reset key Page 27 3 Release the screw of the slot cover and swing the slot cover to the side 4 The housing of the PLUG has a protruding ridge on the long side B The slot has a groove at this position Insert the C PLUG correctly oriented into the slot 5 Close the cover tightening torque 0 8 Nm to ensure that the device is closed and water ...

Страница 52: ...rding to EN60204 1 DIN VDE 0113 T1 electrical circuits must be grounded The chassis 0 V is grounded at one defined point Here once again the grounding is implemented with the lowest leakage resistance to ground in the vicinity of the power feed in With automation components functional ground also ensures interference free operation of a controller Via the functional ground interference currents co...

Страница 53: ...onfiguration user accounts certificates including the corresponding firmware on multiple devices The PRESET PLUG is write protected You configure the PRESET PLUG using the Command Line Interface CLI Creating a PRESET PLUG You create the PRESET PLUG using the Command Line Interface CLI You can create a PRESET PLUG from any PLUG To do this follow the steps outlined below Note Using configurations wi...

Страница 54: ... information on this in the operating instructions of your device 3 Insert the PRESET PLUG correctly oriented into the slot The PRESET PLUG is correctly inserted when it is completely inside the device and does not jut out of the slot 4 Turn on the power to the device again If there is a different firmware version on the device to be installed compared with that on the PRESET PLUG an upgrade downg...

Страница 55: ...mmend that you remove the PRESET PLUG before you reset the device to the factory settings Formatting a PRESET PLUG resetting the preset function You format the PRESET PLUG using the Command Line Interface CLI to reset the preset function To do this follow the steps outlined below 1 Start the remote configuration using Telnet CLI and log on with a user with the admin role 2 Change to the Global con...

Страница 56: ... the steps below 1 Turn off the power to the device 2 Loosen the screws of the cover 3 Remove the cover 4 Press the reset button and reconnect the device to the power supply while holding down the button 5 Hold down the button until the red error LED F stops flashing after approximately 10 seconds and is permanently lit 6 Release the button and wait until the fault LED F goes off The device starts...

Страница 57: ...ollow the steps below to load new firmware using TFTP 1 Turn off the power to the device 2 Now press the Reset button and reconnect the power to the device while holding down the button 3 Hold down the button until the red fault LED F starts to flash after approximately 2 seconds 4 Now release the button The bootloader waits in this state for a new firmware file that you can download by TFTP 5 Con...

Страница 58: ...ctions 07 2020 C79000 G8976 C450 06 Result The firmware is transferred to the device Note Please note that the transfer of the firmware can take several minutes During the transmission the red error LED F flashes Once the firmware has been transferred completely to the device the device is restarted automatically ...

Страница 59: ...e 1 300 Mbps Wireless standards supported IEEE 802 11a IEEE 802 11b IEEE 802 11g IEEE 802 11n Power supply for POE standards supported Standards IEEE 802 3af IEEE 802 3at Class Class 2 3 84 6 49 W Mode Mode A phantom power Attachment to Industrial Ethernet Quantity 2 Design M12 socket Properties Half duplex full duplex autocrossover autonegotiation autosensing floating PoE at port 2 Permitted cabl...

Страница 60: ...0 mA 36 V Power loss at 24 VDC At 24 VDC typical 6 W With PoE typical 6 W Permitted ambient conditions Ambient temperature During operation Non EEC variant 20 to 60 EEC variant 30 to 75 During storage 40 to 85 During transportation 40 to 85 Relative humidity During operation 95 at 25 C no condensation Operating altitude During operation 2 000 m above sea level at max 60 C ambient temperature Conta...

Страница 61: ...SCALANCE W778 1 W738 1 Operating Instructions 07 2020 C79000 G8976 C450 06 61 Dimension drawing 9 Note Dimensions are specified in mm Front view Width height and dimensions for wall mounting ...

Страница 62: ...Dimension drawing SCALANCE W778 1 W738 1 62 Operating Instructions 07 2020 C79000 G8976 C450 06 Side view Figure 9 1 Side view W778 W738 See also Wall mounting Page 32 ...

Страница 63: ...evant here on the data storage medium that ships with some products Product CD product DVD SIMATIC NET Manual Collection SIMATIC NET IWLAN CD Taiwan NCC Statement SCALANCE W778 1 W738 1 Taiwan NCC WARNINGS Chinese NCC警語 第十二條 經型式認證合格之低功率射頻電機 非經許可 公司 商號或使用者均不得擅自變更頻率 加 大功率或變更原設計之特性及功能 第十四條 低功率射頻電機之使用不得影響飛航安全及干擾合法通信 經發現有干擾現象時 應立即停用 並改善至無干擾時方得繼續使用 前項合法通信 指依電信法規定作業之無線電通信 低功率射頻電機須忍受合法通信或工業 科學及醫療用電波輻射性電機設...

Страница 64: ...es must be susceptible with the interference from legal communications or ISM radio wave radiated devices The operations near the radar system shall not be influenced The directed antenna with high gain 6dBi must apply to the fixed point to point system only WLAN 2 4GHz MPE standard value is 1 0 mW cm2 Measured value is 0 1848 mW cm2 WLAN 5GHz MPE standard value is 1 0 mW cm2 Measured value is 0 0...

Страница 65: ...s of the product 16 Configuration manuals 57 E Ethernet Connectors 46 F Factory defaults 28 28 56 Factory setting 56 Functional ground Connecting up 52 G Grounding 41 Connecting up 52 Grounding point 52 I Interfaces 59 L LED display 24 Lightning protection 39 P Power supply Connecting up 43 Primary user radar 24 Protective caps 16 R Reset device 28 28 56 S Safety extra low voltage 39 40 Safety not...

Страница 66: ...Index SCALANCE W778 1 W738 1 66 Operating Instructions 07 2020 C79000 G8976 C450 06 ...

Отзывы:

Нет отзывов