Siemens SIMATIC NET SCALANCE W740 Series Скачать руководство пользователя | Manualshive

Страница: 435 / 456

background image

Troubleshooting/FAQ

8.4 Instructions for secure network design

SCALANCE W780/W740 to IEEE 802.11n Web Based Management
Configuration Manual, 08/2018, C79000-G8976-C267-13

435

8.4

Instructions for secure network design

Note the information below to protect your network against attacks:

●

Use a secure connection with HTTPS
In contrast to HTTP, HTTPS allows you secure access for configuring the WLAN clients

and the access points using Web Based Management. For more detailed information,

refer to the section "Load & Save (Page 196)".

●

Use WPA2/ WPA2-PSK with AES
Use only WPA2/AES to prevent password misuse. WPA2/ WPA2-PSK with AES provides

the greatest security. For more detailed information, refer to the section "Basic (Access

Point) (Page 369)".

●

Protect your network from man-in-the-middle attacks
To protect your network from man-in-the-middle attacks, a network setup is

recommended that makes it more difficult for the attacker to access the communications

path between two end devices.
–

You can, for example, protect devices by arranging so that the Agent IP is only

accessible via a single management VLAN. For more detailed information, refer to the

section "Agent IPv4 (Page 186)".

–

A further option is to install a separate HTTPS certificate on the WLAN client / access

point. The HTTPS certificate checks the identity of the device and controls the

encrypted data exchange. You can install the HTTPS certificate via HTTP. For more

detailed information, refer to the section "HTTP (Page 200)".

●

Use SNMPv3
SNMPv3 provides you with highest possible security when accessing the devices via

SNMP. For more detailed information, refer to the section "SNMP (Page 225)".

NOTICE
Changing the default password after configuring with STEP 7
If a device in the default status is configured only with STEP 7, it is not possible to change

the default password. This change must be made directly on the device using WBM or CLI.

Otherwise the default password is retained and any user could log in using the default

password.

«
...
433
434
435
436
437
...
»

Содержание SIMATIC NET SCALANCE W740 Series

Страница 1: ..._______________ ___________________ SIMATIC NET Industrial Wireless LAN SCALANCE W780 W740 to IEEE 802 11n Web Based Management Configuration Manual 08 2018 C79000 G8976 C267 13 Introduction 1 Description 2 Security recommendations 3 Technical basics 4 IP addresses 5 Configuring with Web Based Management 6 Upkeep and maintenance 7 Troubleshooting FAQ 8 Appendix A A Appendix B B Appendix C C Append...

Страница 2: ...e operated only by personnel qualified for the specific task in accordance with the relevant documentation in particular its warning notices and safety instructions Qualified personnel are those who based on their training and experience are capable of identifying risks and avoiding potential hazards when working with these products systems Proper use of Siemens products Note the following WARNING...

Страница 3: ...5 2 4 IEEE 802 11n 28 2 5 Requirements for installation and operation of SCALANCE W devices 32 2 6 C PLUG and KEY PLUG 33 2 7 Digital input output 35 2 8 Power over Ethernet PoE 37 3 Security recommendations 41 4 Technical basics 47 4 1 Configuration limits for WBM and CLI 47 4 2 Interfaces and system functions 49 4 3 EtherNet IP 53 4 4 PROFINET 54 4 5 VLAN 55 4 6 MAC based communication 56 4 7 iP...

Страница 4: ...ss Settings 97 6 3 1 4 Management Interfaces 98 6 3 1 5 Antenna Settings 100 6 3 1 6 Radio Settings 101 6 3 1 7 Access Point Einstellungen 104 6 3 1 8 Client Settings 106 6 3 1 9 Client Allowed Channel Settings 108 6 3 1 10 Security Settings 110 6 3 1 11 Dot1x Supplicant Settings 113 6 3 1 12 Dot1x RADIUS Server Settings 114 6 3 1 13 Summary of Settings 115 6 4 Information menu 116 6 4 1 Startseit...

Страница 5: ...6 4 15 2 Management Sent 169 6 4 15 3 Management Received 170 6 4 15 4 Data Sent 171 6 4 15 5 Data Received 172 6 4 16 WLAN iFeatures 173 6 4 16 1 iREF Client List 173 6 4 16 2 iREF WDS List 175 6 4 16 3 AeroScout 176 6 4 16 4 iPRP 177 6 5 System menu 180 6 5 1 Configuration 180 6 5 2 General 183 6 5 2 1 Device 183 6 5 2 2 Coordinates 184 6 5 3 Agent IPv4 186 6 5 4 Agent IPv6 187 6 5 4 1 IPv6 Defa...

Страница 6: ...254 6 5 18 EtherNet IP 256 6 5 19 PLUG 258 6 5 19 1 Configuration 258 6 5 19 2 License 262 6 5 20 Ping 264 6 6 Interfaces menu 266 6 6 1 Ethernet 266 6 6 1 1 Overview 266 6 6 1 2 Configuration 267 6 6 2 WLAN 271 6 6 2 1 Basic 271 6 6 2 2 Advanced 276 6 6 2 3 Antennas 279 6 6 2 4 Allowed Channels 283 6 6 2 5 802 11n 285 6 6 2 6 AP 287 6 6 2 7 AP WDS 290 6 6 2 8 AP 802 11a b g data rates 293 6 6 2 9...

Страница 7: ... Client 373 6 9 4 3 AP communication 376 6 9 4 4 AP RADIUS Authenticator 378 6 9 4 5 Client RADIUS Supplicant 380 6 9 4 6 Key 382 6 9 5 MAC ACL 383 6 9 5 1 Rules Configuration 383 6 9 5 2 Ingress Rules 385 6 9 5 3 Egress Rules 387 6 9 6 IP ACL 389 6 9 6 1 Rules Configuration 389 6 9 6 2 Protocol Configuration 390 6 9 6 3 Ingress Rules 392 6 9 6 4 Egress Rules 395 6 9 7 Management ACL 398 6 9 8 Int...

Страница 8: ...tibility with predecessor products 434 8 4 Instructions for secure network design 435 8 5 Configuring the device using the TIA Portal 436 8 5 1 Message SINEMA configuration not yet accepted 437 8 6 WLAN client Trigger handover via SNMP 439 A Appendix A 441 A 1 MIB files supported by SCALANCE W700 device 441 B Appendix B 443 B 1 Private MIB variables of the SCALANCE W700 443 C Appendix C 445 C 1 Un...

Страница 9: ...6 1 RJ 45 SCALANCE W786 2 RJ 45 SCALANCE W786 2IA RJ 45 SCALANCE W786 2 SFP This Configuration Manual applies to the following software version SCALANCE W700 firmware as of version V 6 3 Note This configuration manual does not apply to the SCALANCE W7xC 2 Purpose of the Configuration Manual This Configuration Manual is intended to provide you with the information you require to install commission ...

Страница 10: ... Operating Instructions This document contains information on installing and connecting up the following products and their approvals SCALANCE W788 1 RJ 45 SCALANCE W788 1 M12 SCALANCE W788 2 RJ 45 SCALANCE W788 2 M12 SCALANCE W788 2 M12 EEC SCALANCE W748 1 RJ 45 SCALANCE W748 1 M12 Operating Instructions SCALANCE W786 x This document contains information on installing and connecting up the follow...

Страница 11: ...es as well as a variety of plug in connectors lightning protectors a power splitter and an attenuator Terms used The designation stands for IPv4 address IPv4 address IPv6 address IPv6 address IP address IPv4 IPv6 address IPv4 interface Interface that supports IPv4 IPv6 interface Interface that supports IPv6 The interface can have more than one IPv6 address The IPv6 addresses have different ranges ...

Страница 12: ...ne element of such a concept Customers are responsible for preventing unauthorized access to their plants systems machines and networks Such systems machines and components should only be connected to an enterprise network or the internet if and to the extent such a connection is necessary and only when appropriate security measures e g firewalls and or network segmentation are in place For additi...

Страница 13: ...ary You will find the SIMATIC NET glossary here SIMATIC NET Manual Collection or product DVD The DVD ships with certain SIMATIC NET products On the Internet under the following address 50305045 https support industry siemens com cs ww en view 50305045 License conditions Note Open source software Read the license conditions for open source software carefully before using the product You will find l...

Страница 14: ... W788 1 M12 SCALANCE W788 2 M12 SCALANCE W788 2 M12 EEC SCALANCE W788 1 RJ 45 SCALANCE W788 2 RJ 45 Access points IP65 W786 x SCALANCE W786 1 RJ 45 SCALANCE W786 2 RJ 45 SCALANCE W786 2IA RJ 45 SCALANCE W786 2 SFP All SCALANCE W access points W78x SCALANCE W788 1 M12 SCALANCE W788 2 M12 SCALANCE W788 2 M12 EEC SCALANCE W788 1 RJ 45 SCALANCE W788 2 RJ 45 SCALANCE W786 1 RJ 45 SCALANCE W786 2 RJ 45 ...

Страница 15: ...on SCALANCE W780 W740 to IEEE 802 11n Web Based Management Configuration Manual 08 2018 C79000 G8976 C267 13 15 1 3 Structure of the type designation The type designation of a SCALANCE W700 is made up of several parts that have the following meaning ...

Страница 16: ...Introduction 1 3 Structure of the type designation SCALANCE W780 W740 to IEEE 802 11n Web Based Management 16 Configuration Manual 08 2018 C79000 G8976 C267 13 ...

Страница 17: ...onfiguration Manual 08 2018 C79000 G8976 C267 13 17 Description 2 Note Interruption of the WLAN communication The WLAN communication can be influenced by high frequency interference signals and can be totally interrupted Remember this and take suitable action ...

Страница 18: ...an access point in client mode Standalone configuration with access point This configuration does not require a server and the access point does not have a connection to a wired Ethernet Within its transmission range the access point forwards data from one WLAN node to another The wireless network has a unique name All the SCALANCE W700 devices exchanging data within this network must be configure...

Страница 19: ...ected to a wired network via an access point Span of wireless coverage for the wireless network with several access points The access points are all configured with the same unique SSID network name All nodes that want to communicate over this network must also be configured with this SSID If a mobile station moves from the area covered by one access point to the area covered by another access poi...

Страница 20: ...unicate at the same time with the access points in their wireless cells If neighboring access points are set up for different frequencies this leads to a considerable improvement in performance As a result neighboring wireless cells each have their own medium available and the delays resulting from time offset transmission no longer occur The channel spacing should be as large as possible a practi...

Страница 21: ...between access points and other WDS compliant devices These are used to create a wireless backbone or to connect an individual access point to a network that cannot be connected directly to the cable infrastructure due to its location Two alternative configurations are possible The WDS partner can be configured using the WDS ID or using its MAC address The following graphic shows the implementatio...

Страница 22: ...ion Manual 08 2018 C79000 G8976 C267 13 Network access with a client or an access point in client mode The SCALANCE W700 device can be used to integrate wired Ethernet devices for example SIMATIC S7 PLC in a wireless network The following graphic shows the connection of a SIMATIC S7 PLC to a wireless LAN ...

Страница 23: ...ifferent frequencies The SCALANCE W788 supports the protection class IP65 and the protection class IP30 The access points are available in two versions M12 for degree of protection IP65 RJ 45 for the degree of protection IP30 With a SCALANCE W788 with two WLAN interfaces you can also implement a redundant wireless connection to a SCALANCE W78x with two WLAN interfaces Possible applications of the ...

Страница 24: ...a WLAN interface This makes the device suitable for the following applications The SCALANCE W748 forwards data within its transmission range from one node to another without a connection to wired Ethernet being necessary The SCALANCE W748 can be used as a gateway from a wired to a wireless network The SCALANCE W748 can be used as a wireless bridge between two networks The device can also connect u...

Страница 25: ...ith DFS the access point searches for primary users for 60 seconds before starting communication on the selected channel During this time the access point does not send beacons If signals are found on the channel the channel is blocked for 30 minutes the access point changes channel and repeats the check Primary users are also searched for during operation Support of the authentication standards W...

Страница 26: ...Manual 08 2018 C79000 G8976 C267 13 overlapping frequency ranges The following overlaps exist with Industrial Wireless LAN and WirelessHART IWLAN channel IEEE 802 11 b g n WHART channel IEEE 802 15 4 1 11 16 6 15 20 7 16 21 11 20 25 13 21 25 Note All SCALANCE W700 access points can be reconfigured for client mode ...

Страница 27: ...IP65 6GK5786 2FC00 0AA0 6GK5786 2FC00 0AA0 1 6GK5786 2FC00 0AC0 2 SCALANCE W786 2IA RJ 45 2 Internal 1 x gigabit Ethernet cop per IP65 6GK5786 2HC00 0AA0 6GK5786 2HC00 0AB0 1 SCALANCE W786 2 SFP 2 external 2 x SFP slots IP65 6GK5786 2FE00 0AA0 6GK5 786 2FE00 0AB0 1 SCALANCE W788 1 M12 1 external 1 x gigabit Ethernet cop per IP65 6GK5788 1GD00 0AA0 6GK5788 1GD00 0AB0 1 SCALANCE W788 2 M12 2 externa...

Страница 28: ...d IEEE 802 11g b or in the 5 GHz frequency band IEEE 802 11a IEEE 802 11n can operate in both frequency band In the IEEE 802 11n standard there are mechanisms implemented in PHY and MAC layers that increase the data throughput and improve the wireless coverage MIMO antenna technology Maximum ratio combining MRC Spatial multiplexing Channel bonding Frame aggregation Accelerated guard interval Modul...

Страница 29: ...ristic signals Here each spatial position is different from the neighboring position By characterizing the individual senders the recipient is capable of separating several signals from each other Maximum ratio combining MRC In a multiple antenna system the wireless signals are received by the individual antennas and combined to form one signal The MRC method is used to combine the wireless signal...

Страница 30: ...l Width MHz parameter Frame aggregation With IEEE 802 11n it is possible to group together individual data packets to form a single larger packet this is known as frame aggregation There are two types of frame aggregation Aggregated MAC Protocol Data Unit A MPDU With A MPDU multiple MPDU data packets with the same destination address are bundled and sent as one large A MPDU Aggregated Mac Service ...

Страница 31: ...s IEEE 802 11n can use the reduced guard interval of 400 ns You specify the guard interval on the WBM page AP 802 11n Page 285 Modulation and coding schemes The IEEE 802 11n standard supports different data rates The data rates are based on the number of spatial streams the modulation method and the channel coding The various combinations are described in modulation and coding schemes ...

Страница 32: ...s for installation and operation of SCALANCE W devices A PG PC with network connection must be available in order to configure the SCALANCE W devices If no DHCP server is available a PC on which the Primary Setup Tool PST is installed is necessary for the initial assignment of an IP address to the SCALANCE W devices For the other configuration settings a computer with Telnet or a Web browser is ne...

Страница 33: ...et using DHCP and the DHCP server has not been reconfigured accordingly A reconfiguration is necessary if you use functions based on MAC addresses Note In terms of the PLUG the SCALANCE devices work in two modes Without PLUG The device stores the configuration in internal memory This mode is active when no PLUG is inserted With PLUG The configuration stored on the PLUG is displayed over the user i...

Страница 34: ... disruptions will occur in network operation due to multiple identical IP addresses You assign fixed IP addresses extra following the basic installation In a PLUG that was configured as a PRESET PLUG the device configuration user accounts certificates and the firmware are stored Note Restore factory defaults and restart with a PRESET PLUG inserted If you reset a device to the factory defaults when...

Страница 35: ...output with Web Based Management WBM If the digital input changes the status an entry is made in the event protocol table OID of the private MIB variable snMspsDigitalOutputLevel iso 1 org 3 dod 6 internet 1 private 4 enterprises 1 siemens 4329 industria lComProducts 20 iComPlatforms 1 simaticNet 1 snMsps 1 snMspsCommon 1 snMspsDi gitalIO 39 snMspsDigitalIOObjects 1 snMspsDigitalOutputTable 3 snMs...

Страница 36: ...igitalInputTable 2 snMspsDigitalInpu tEntry 1 snMspsDigitalInputLevel 6 values of the MIB variable 1 Signal 0 at the digital input DI 2 Signal 1 at the digital input DI MIB file The MIB variables can be found in the file SN MSPS DIGITAL IO MIB that is part of the private MIB file snMspsWlan mib You will find more detailed information in Private MIB variables of the SCALANCE W700 Page 443 ...

Страница 37: ...nd 3 6 see variant 2 This alternative is suitable for a data transmission rate of 10 100 Mbps This type of power supply is not suitable for 1 Gbps since with gigabit all 8 wires are used for data transfer Variant 2 phantom power With phantom power the power is supplied over the pairs that are used for data transfer in other words all eight 1 Gbps or four 10 100 Mbps wires are used both for the dat...

Страница 38: ...lengths Table 2 1 Permitted cable lengths copper cable Fast Ethernet Cable type Accessory plug outlet TP cord Permitted cable length IE TP torsion cable with IE FC Outlet RJ 45 10 m TP cord 0 to 45 m 10 m TP cord with IE FC RJ 45 Plug 180 0 to 55 m IE FC TP Marine Cable IE FC TP Trailing Cable IE FC TP Flexible Cable with IE FC Outlet RJ 45 10 m TP cord 0 to 75 m 10 m TP cord with IE FC RJ 45 Plug...

Страница 39: ... 100 Mbps only Phantom power 1 Yellow Green white Data Data power 2 Orange Green Data Data power 3 White Orange white Data Data power 6 Blue Orange Data Data power 4 Blue Power unused at 10 100 Mbps 5 Blue white Power unused at 10 100 Mbps 7 Brown white Power unused at 10 100 Mbps 8 Brown Power unused at 10 100 Mbps LEDs for PoE on the SCALANCE W700 device When the SCALANCE W700 device is supplied...

Страница 40: ...Description 2 8 Power over Ethernet PoE SCALANCE W780 W740 to IEEE 802 11n Web Based Management 40 Configuration Manual 08 2018 C79000 G8976 C267 13 ...

Страница 41: ...e memory card or the PLUG C PLUG KEY PLUG security PLUG contains sensitive data such as certificates keys etc that can be read out and modified Software security functions Keep the firmware up to date Check regularly for security updates of the product You will find information on this on the Internet pages Industrial Security http www siemens com industrialsecurity Inform yourself regularly about...

Страница 42: ...nd certificates This section deals with the security keys and certificates you require to set up HTTPS HyperText Transfer Protocol Secured Socket Layer We strongly recommend that you create your own HTTPS certificates and make them available There are preset certificates and keys on the device The preset and automatically created HTTPS certificates are self signed We recommend that you use HTTPS c...

Страница 43: ...Pv3 Check whether use of SNMPv1 is necessary SNMPv1 is classified as non secure Use the option of preventing write access The product provides you with suitable setting options If SNMP is enabled change the community names If no unrestricted access is necessary restrict access with SNMP Use SNMPv3 in conjunction with passwords HTTP HTTPS Telnet SSH Use secure protocols when access to the device is...

Страница 44: ...d Factory setting Open The factory setting of the port is Open Closed The factory setting of the port is Closed Authentication Specifies whether the protocol authenticates the communications partner during access Protocol Port number Port status Factory setting of the port Authentication SSH TCP 22 Open when configured Open Yes TELNET TCP 23 Open when configured Open Yes HTTP TCP 80 Open when conf...

Страница 45: ...gement Configuration Manual 08 2018 C79000 G8976 C267 13 45 Protocol Port number Port status Factory setting of the port Authentication DHCP UDP 67 68 Open when configured Closed No RADIUS UDP 1812 1813 Open when configured Closed No TFTP UDP 69 Open when configured Closed No ...

Страница 46: ...Security recommendations SCALANCE W780 W740 to IEEE 802 11n Web Based Management 46 Configuration Manual 08 2018 C79000 G8976 C267 13 ...

Страница 47: ...n your device some functions are not available Configurable function Maximum number System Syslog server 3 DNS server manual IPv4 IPv6 3 learned IPv4 IPv6 2 in total 7 SMTP server 2 SNMPv1 trap recipient 10 SNTP server 2 NTP server 1 DHCP pools 1 IPv4 addresses managed by the DHCP server dy namic static 100 DHCP static assignments per DHCP pool 20 DHCP options 20 Interfaces Force destination addre...

Страница 48: ...e configuration 20 Ingress and egress rules for MAC ACL total 40 per interface 20 ingress rules 20 egress rules Client 80 P1 WLAN Access point 680 P1 WDS 1 Y VAP 1 Y Dual access point 1320 P1 WDS X Y VAP X Y IP ACL rule configuration 20 Ingress and egress rules for port ACL IP total 40 per interface 20 ingress rules 20 egress rules Client 120 P1 WLAN man agement VLAN Access point 720 P1 WDS 1 Y VA...

Страница 49: ...e WBM pages you can only select the available interfaces We reserve the right to make technical changes Client device W748 1 M12 W748 1 RJ 45 Access points W786 1 RJ 45 W788 1 M12 W788 1 RJ 45 Access points W786 2 RJ 45 W786 2IA RJ 45 W786 2 SFP W788 2 M12 W788 2 M12 EEC W788 1 RJ 45 W788 2 RJ 45 Wireless interface WLAN WLAN 1 WLAN 1 WLAN 1 in client mode only one WLAN inter face is availa ble WLA...

Страница 50: ...re not available We reserve the right to make technical changes Access point mode Access points in client mode Client device Information Security Inter AP blocking W780 iFeatures MLFB 6GK5 907 8PA00 W700 Security MLFB 6GK5907 0PA00 WLAN AP overview Client list WDS list AP overlap Force roaming Client overview Available APs IP assignment Background noise WLAN statistics Error Management sent Manage...

Страница 51: ... chan nels 802 11n AP AP WDS AP 802 11a b g data rates AP 802 11n data rates Client 802 11a b g data rates Client 802 11n data rates Force roaming Signal recorder Spectrum analyzer Layer 3 NAT Basic NAPT Security WLAN Basic AP communication AP RADIUS au thenticator Client RADIUS supplicant Key Inter AP Blocking Basic W780 iFeatures MLFB 6GK5 907 8PA00 W700 Security MLFB 6GK5907 0PA00 Allowed IP ad...

Страница 52: ... W740 iFeatures MLFB 6GK5 907 4PA00 iPCF MC Only dual APs W780 iFeatures MLFB 6GK5 907 8PA00 Access point in client mode W780 iFeatures MLFB 6GK5 907 8PA00 Client W740 iFeatures MLFB 6GK5 907 4PA00 iPRP W780 iFeatures MLFB 6GK5 907 8PA00 Access point in client mode W780 iFeatures MLFB 6GK5 907 8PA00 Client W740 iFeatures MLFB 6GK5 907 4PA00 iREF W780 iFeatures MLFB 6GK5 907 8PA00 AeroScout W780 iF...

Страница 53: ...orks This industry protocol is used by field buses industrial networks such as DeviceNet ControlNet and EtherNet IP at the application layer as an interface between the deterministic fieldbus world and the automation application controller I O HMI OPC The CIP is located above the transport layer and expands the pure transport services with communications services for automation engineering These i...

Страница 54: ...o the management level as well as plant wide engineering PROFINET also has the following features Use of TCP IP Automation of applications with real time requirements Real Time RT communication Isochronous Real Time IRT communication Seamless integration of fieldbus systems You configure PROFINET in System PROFINET Page 254 PROFINET IO Within the framework of PROFINET PROFINET IO is a communicatio...

Страница 55: ...ame is expanded by 4 bytes VLAN tagging Apart from the VLAN ID this expansion also includes priority information Options for the VLAN assignment There are various options for the assignment to VLANs Port based VLAN Each port of a device is assigned a VLAN ID You configure port based VLAN in Layer 2 VLAN Page 331 Protocol based VLAN Each port of a device is assigned a protocol group Subnet based VL...

Страница 56: ...aximum possible number of Ethernet nodes with layer 2 communication downstream from the client 1 Notes on the Automatic setting As long as there is no link on the Ethernet interface the device uses the MAC address of the Ethernet interface so that it can be reached in this status In this status the device can be found using the Primary Setup Tool and configured with WBM or CLI As soon as there is ...

Страница 57: ...int In iPCF mode both the search for a new access point and the registration with this access point have been optimized in terms of time Handover times significantly below 50 ms are achieved The Legacy Free iPCF LF setting is available to prevent the performance from being slowed down by the IEEE 802 11 a b g device generation When enabled only the devices that communicate with the IEEE 802 11n st...

Страница 58: ...oint with two wireless interfaces a so called dual access point The one interface operates as management channel and sends short frames beacons with administrative information e g channel setting of the data channel and SSID The other interface data channel exclusively transfers the user data The Legacy Free iPCF LF setting is available to prevent the performance from being slowed down by the IEEE...

Страница 59: ...nt 1 Wireless cell of access point 2 Wireless cell of access point 3 Wireless cell of access point 4 Plant Restrictions iPCF iPCF HT and iPCF MC are developments of Siemens AG and function only with nodes on which iPCF iPCFv2 iPCF MC is implemented With an access point with several WLAN interfaces it is possible to use both iPCF iPCF HT as well as standard WLAN at the same time ...

Страница 60: ...fers the user data The following requirements must be met before you can use iPCF MC Only SCALANCE W700 devices with two WLAN interfaces can be used as access points The data interface WLAN1 and management interface WLAN2 must be operated in the same frequency band and must match in terms of their wireless coverage iPCF MC will not work if the two wireless interfaces are equipped with directional ...

Страница 61: ...vidual client is handled via the most suitable antenna Which antenna is most suitable is determined by the access point based on the RSSI values of received packets Taking into account antenna gain and possible cable losses packets are only sent via the antennas with which the maximum signal strength at the client end can be expected During this time the other antennas are inactive and the legally...

Страница 62: ... 1 x spatial stream is possible iREF cannot be used along with other iFeatures for example iPCF or iPCF MC Advantages Due to the directional data transmission and dynamic deactivation of antennas that do not radiate in the direction of the particular client interference can be reduced The signal strength is improved because the active antenna always has the maximum permitted transmit power availab...

Страница 63: ...nt to the recipient in duplicate via both networks Devices capable of PRP have at least two separate Ethernet interfaces that are connected to independent networks With devices not capable of PRP a redundancy box RedBox is connected upstream This allows access for so called Single Attached Nodes SAN to PRP networks The RedBox duplicates every Ethernet frame to be sent and adds a PRP trailer to the...

Страница 64: ...duplicated by the RedBox at the AP end and the two redundant frames are transferred via the switch to the access points Via the two different wireless paths the redundant PRP frames are transferred to the RedBox at the client end The clients are also connected to their RedBox via a switch This forwards the first PRP frame to arrive to SAN2 and discards the second one Note On the interfaces of the ...

Страница 65: ... from arriving at the RedBox with too great a time difference If for example the communication between AP1 and client A is very slow the slower frame is discarded at the receiving end You configure iPRP in iFeatures iPRP Page 416 Requirement The base bridge mode 802 1Q VLAN Bridge is set The VLANs have been created Access point mode The VAP interface is enabled Client mode In MAC mode Layer 2 Tunn...

Страница 66: ...and material handling engineering represent possible applications for this function Button Regardless of the frames sent cyclically a user can also send a message by pressing a button LED This provides information on the operating status of the tag Note For more detailed information please refer to the AeroScout documentation www aeroscout com How it works The tag sends its data as AeroScout frame...

Страница 67: ...ment Configuration Manual 08 2018 C79000 G8976 C267 13 67 Accuracy of localization To achieve optimum precision in the localization of AeroScout Tags we recommend the use of antennas with omnidirectional characteristics if the signals should be received by at least three access points ...

Страница 68: ...ranslated into the same external source IPv4 address To identify the individual source nodes the port of the source device is also stored in the translation list of the NAT gateway and translated for the external address If several local clients send a query to the same external destination IPv4 address via the NAT gateway the gateway enters its own external source IPv4 address in the header of th...

Страница 69: ...If the community string is correct the SNMP agent responds and sends the requested data If the community string is not correct the SNMP agent discards the query Define different community strings for read and write permissions The community strings are transferred in plain text Standard values of the community strings public has only read permissions private has read and write permissions Note Bec...

Страница 70: ...ncrypted user authentication Encryption of the entire data traffic Access control of the MIB objects at the user group level With the introduction of SNMPv3 you can no longer transfer user configurations to other devices without taking special action e g by loading a configuration file or replacing the C PLUG According to the standard the SNMPv3 protocol uses a unique SNMP engine ID as an internal...

Страница 71: ...ion Manual 08 2018 C79000 G8976 C267 13 71 Compatibility with predecessor products You can only transfer SNMPv3 users to a different device if you have created the users as migratable users To create a migratable user the SNMPv3 User Migration function must be activated when you create the user ...

Страница 72: ...selection of the root bridge The computer with the lowest value set for this parameter automatically becomes the root bridge If two computers have the same priority value the computer with the lower MAC address becomes the root bridge Response to changes in the network topology If nodes are added to a network or drop out of the network this may affect the optimum path selection for data packets To...

Страница 73: ...U is received after a certain time has elapsed 3 x hello time the port returns to the edge port status Point to point direct communication between two neighboring devices By directly linking the devices a status change reconfiguration of the ports can be made without any delays Alternate port substitute for the root port A substitute for the root port is configured If the connection to the root br...

Страница 74: ...740 to IEEE 802 11n Web Based Management 74 Configuration Manual 08 2018 C79000 G8976 C267 13 Common and Internal Spanning Tree CIST CIST identifies the internal instance used by the switch that is comparable in principle with an internal RSTP instance ...

Страница 75: ...ation Dial In User Service is a protocol for authenticating and authorizing users by servers on which user data can be stored centrally Depending on the RADIUS authorization mode you have selected on the Security AAA RADIUS Client page the device evaluates different information of the RADIUS server RADIUS authorization mode Standard If you have set the authorization mode conventional the authentic...

Страница 76: ...device and the user is not entered in the table External User Accounts The user is logged in with the rights of the assigned group The group is known on the device and the user is entered in the table External User Accounts The user is assigned the role with the higher rights and logged in with these rights The group is not known on the device and the user is entered in the table External User Acc...

Страница 77: ...tatus dependent Available IP addresses 32 bit 4 29 109 ad dresses 128 bit 3 4 1038 addresses Address format Decimal 192 168 1 1 with port 192 168 1 1 20 Hexadecimal 2a00 ad80 0123 with port 2a00 ad80 0123 20 Loopback 127 0 0 1 1 IP addresses of the interface 4 IP addresses Multiple IP addresses LLA A link local address formed automatically fe80 128 per interface ULA Several unique local unicast ad...

Страница 78: ...which the IPv6 address and the configuration settings are transferred Four DHVPv6 messages are exchanged between client and server 1 SOLICIT Sent by the DHCPv6 client to localize DHCPv6 servers 2 ADVERTISE The available DHCPv6 servers reply to this 3 REQUEST The DHCPv6 client requests an IPv6 address and the configuration settings from the DHCPv6 server 4 REPLY The DHCPv6 server sends the IPv6 add...

Страница 79: ...ose used for the host ID the IP address can be assigned to a specific address class Subnet mask The bits of the host ID can be used to create subnets The leading bits represent the address of the subnet and the remaining bits the address of the host in the subnet A subnet is defined by the subnet mask The structure of the subnet mask corresponds to that of an IP address If a 1 is used at a bit pos...

Страница 80: ...assign an IP address to an unconfigured device currently without an IP address DHCP default Primary Setup Tool STEP 7 NCM PC Note When the product ships and following Restore Memory Defaults and Restart DHCP is enabled If a DHCP server is available in the local area network and this responds to the DHCP request of a SCALANCE W700 the IP address subnet mask and gateway are assigned automatically wh...

Страница 81: ...ess DHCP option 66 Assignment of a dynamic TFTP server name DHCP option 67 Assignment of a dynamic boot file name Note DHCP uses a mechanism with which the IP address is assigned for only a short time lease time If the device does not reach the DHCP server with a new request on expiry of the lease time the assigned IP address the subnet mask and the gateway continue to be used The device therefore...

Страница 82: ...gured device to the controller the controller assigns the configured device name and the IP address to the device automatically STEP 7 V5 x and earlier For further information on the assignment of the IP address using STEP 7 V5 x and earlier refer to the documentation Configuring Hardware and Communication Connections STEP 7 in the section Steps for Configuring a PROFINET IO System STEP 7 as of V1...

Страница 83: ...e located on the same link IPv6 interface Physical or logical interface on which IPv6 is activated Path MTU Maximum permitted packet size on a path from a sender to a recipient Path MTU discovery Mechanism for determining the maximum permitted packet size along the entire path from a sender to a recipient LLA Link local address FE80 10 As soon as IPv6 is activated on the interface a link local add...

Страница 84: ...resses consist of 8 fields each with four character hexadecimal numbers 128 bits in total The fields are separated by a colon Example fd00 0000 0000 ffff 02d1 7d01 0000 8f21 Rules simplifications If one or more fields have the value 0 a shortened notation is possible The address fd00 0000 0000 ffff 02d1 7d01 0000 8f21 can also be shortened and written as follows fd00 ffff 02d1 7d01 0000 8f21 To en...

Страница 85: ...r subnet Unique assignment of the host in the net work The ID is generated from the MAC ad dress The prefix for the link local address is always fe80 0000 0000 0000 The prefix is shortened and noted as follows fe80 IPv6 prefix Specified in RFC 4291 The IPv6 prefix represents the subnet identifier Prefixes and IPv6 addresses are specified in the same way as with the CIDR notation Classless Inter Do...

Страница 86: ...IP addresses 5 3 IPv6 address SCALANCE W780 W740 to IEEE 802 11n Web Based Management 86 Configuration Manual 08 2018 C79000 G8976 C267 13 ...

Страница 87: ...e connection via HTTPS Use HTTPS for protected data transmission If you wish to access WBM only via a secure connection activate the option HTTPS Server only in System Configuration Requirements WBM display The device has an IP address There is a connection between the device and the client device With the Windows ping command you can check whether or not a connection exists Access via HTTPS is en...

Страница 88: ... Display of the WBM on mobile devices For mobile devices the following minimum requirements must be met Resolution Operating system Internet browser 960 x 640 pixels Android as of version 4 2 1 iOS as of version 6 0 2 Chrome as of version 18 on Android Safari as of version 6 on iOS Tested with the following Internet browsers for mobile devices Safari as of version 8 on iOS as of V8 1 3 iPad Mini M...

Страница 89: ...w the steps below to establish a connection to a device using an Internet browser 1 There is a connection between the device and the client PC With the ping command you can check whether or not a connection exists 2 In the address box of the Internet browser enter the IP address or the URL of the device If there is a problem free connection to the device the logon page of Web Based Management WBM ...

Страница 90: ...n list at the top right select the language version of the WBM pages 2 Click the Go button to change to the selected language Note Available languages As of version 5 2 English and German are available Other languages will follow in a later version Logon with HTTP There are two ways in which you can log on via HTTP You either use the logon option in the center of the browser window or the logon op...

Страница 91: ... Click the Login button or confirm your input with Enter When you log in with the default user admin for the first time or following a Restore Memory Defaults and Restart you will be prompted to change the password You need to repeat the password as confirmation The password entries must match Click the Set Values button to complete the action and activate the new password Once you have logged in ...

Страница 92: ...he admin user has been changed for devices with the US version Specialist personnel for professional WLAN installations can obtain the password from Siemens support 5 Click the Login button or confirm your input with Enter When you log in with the default user admin for the first time or following a Restore Memory Defaults and Restart you will be prompted to change the password You need to repeat ...

Страница 93: ...the device For more detailed information refer to the section IP addresses Page 77 You are logged on in WBM as the admin user For more detailed information refer to the section Login Page 89 Starting the Basic Wizard Click on Wizard Basic Wizard in the navigation area to start the Basic Wizard If you log on the first time or log on after a Restore Memory Defaults and Restart the Basic wizard is al...

Страница 94: ...ic Wizard page you specify the mode of the device After changing the mode a message is displayed If you confirm the message with OK the device restarts with the factory set configuration settings Log in again and start the Basic Wizard to continue the configuration of the device for the selected mode Note Because only access points can work in client mode as well the mode can only be selected for ...

Страница 95: ...restored with the exception of the parameters below followed by a restart IP address Subnet mask IP address of the default gateway DHCP client ID DHCP System name System location System contact User names and passwords Mode of the device After restarting the device you will need to log in again and start the Basic wizard again to configure the device Device Mode Select the mode of the device This ...

Страница 96: ...ata for the specific country the channel division and output power are set by the device according to the country you select Note Locale setting The correct country setting is mandatory for operation complying with the approvals Selecting a country different from the country of use can lead to legal prosecution System Name You can enter the name of the device If you configure this box this configu...

Страница 97: ...page contains the following boxes DHCP Client Specify how the IP address will be assigned There are two methods of assigning IP addresses Enabled The device obtains a dynamic IP address from a DHCP server Disabled You enter the IP settings in the input boxes IP Address and Subnet Mask IP Address Enter an IP address that is unique within your network Subnet Mask Enter the subnet mask of the device ...

Страница 98: ...hich the device can be accessed With some services there are further configuration pages on which more detailed settings can be made Configure these services after completing the Basic Wizard Description The page contains the following boxes Telnet Server enable or disable the Telnet Server service for unencrypted access to the CLI SSH Server Enable or disable the SSH Server service for encrypted ...

Страница 99: ...ut cannot be modified SNMP Select the protocol from the drop down list The following settings are possible SNMP disabled Access to device parameters via SNMP is not possible SNMPv1 v2c v3 Access to device parameters is possible with SNMP versions 1 2c or 3 You can configure other settings in System SNMP General SNMPv3 Access to device parameters is possible with SNMP version 3 You can configure ot...

Страница 100: ...ntenna Type Select the type of external antenna connected to the device If the type of your antenna is not available select the entry User defined Connectors that are not used must have a 50 Ω terminating resistor fitted Select the entry Not used Connect 50 Ohm Termination Note 50 Ω terminating resistor Each WLAN interface has three antenna connectors The antennas R1A1 and R2A1 must be always be c...

Страница 101: ...frequency band Cable length m Enter the length of the flexible antenna connecting cable in meters between the device and the external antenna Additional Attenuation dB Here specify the additional attenuation caused for example by an additional splitter Note If you use other WLAN interfaces make sure that you have adequate channel spacing 6 3 1 6 Radio Settings Introduction On this Basic Wizard pag...

Страница 102: ...or the 2 4 GHz frequency band The selection depends on the country setting WLAN Mode 5 GHz Specify the transmission standard for the 5 GHz frequency band The selection depends on the country setting DFS 802 11h Enabled If the access point discovers a disruption on the current channel for example due to a primary user it automatically switches to an alternative channel You specify the alternative c...

Страница 103: ... points with two WLAN interfaces are operated in the same frequency range this may cause wireless interference on one or both interfaces at a transmit power higher than 15 dBm Tx power check Indicates whether the settings that have been made will violate the permitted transmit power restrictions of the selected country The following parameters influence this calculation max Tx Power Antenna Gain A...

Страница 104: ...40 to IEEE 802 11n Web Based Management 104 Configuration Manual 08 2018 C79000 G8976 C267 13 6 3 1 7 Access Point Einstellungen Introduction On this Basic Wizard page you specify the configuration for the Access Point Note This page is available only in access point mode ...

Страница 105: ... for a free channel itself use Auto If you want to use a fixed channel select the required channel from the drop down list HT Channel Width MHz You can specify the channel bandwidth with the IEEE 802 11n transmission standard The following settings are possible 20 Channel bandwidth 20 MHz 40 up Channel bandwidth 40 MHz The configured channel and the neighboring channel above it are used 40 down Ch...

Страница 106: ... Manual 08 2018 C79000 G8976 C267 13 6 3 1 8 Client Settings Introduction On this Basic Wizard page you specify the configuration for clients for example the assignment of the MAC address Note This page is only available in client mode Description Table 1 contains the following columns Radio Shows the available WLAN interfaces ...

Страница 107: ...Up to eight MAC addresses can be used MAC Address Enter the MAC address of the client The input box can only be edited if you have set Manual for the MAC Mode Any SSID Enabled In client mode the device attempts to connect to the network with the best transmission quality and that has suitable security settings Disabled The client attempts to connect to the network from the SSID list that has the b...

Страница 108: ...is selected automatically Note This page is only available in client mode Description Table 1 contains the following columns Radio Shows the available WLAN interfaces Use Allowed Channels only If you enable the option you restrict the selection of channels via which the client is allowed to establish the connection In the following tables you define the channels on which the client searches for an...

Страница 109: ...irst valid channel of the frequency band remains enabled The tables of the frequency bands have the following columns Radio Shows the available WLAN interfaces Radio Mode Shows the operating mode of the device Channel number To specify the valid channels for the required frequency band select the appropriate check box for the channel number The table displays the permitted channels of the country ...

Страница 110: ... a password WPA2 RADIUS WPA2 PSK with AES provides the greatest security You will find further information on security in the configuration manual under Instructions for secure network design The security settings on both devices must match to allow a client to communicate with an access point Note This page has different columns in access point and in client mode Description This table contains t...

Страница 111: ...2 key in WPA 2 Pass Phrase WPA2 RADIUS WPA2 authentication with RADIUS server You configure the access data on the next Basic Wizard page iPCF authentication This authentication type is shown when iPCF iPCF HT or iPCF MC mode is enabled at the corresponding WLAN interface You can enable iPCF authentication in the iFeatures Page 404 menu Cipher Select the encryption method AUTO AES or TKIP is used ...

Страница 112: ...and the access point and is entered by the user at both ends Note The WPA 2 key can be 8 to 63 ASCII characters or exactly 64 hexadecimal characters long It should be selected so that is complex for example consisting of random numbers letters upper lowercase have few repetitions and special characters Do not use known names words or terms that could be guessed If a device is lost or if the key be...

Страница 113: ...igure them after completing the Basic Wizard with Security WLAN Client Radius Supplicant Note This page is only available in client mode Description Table 1 contains the following columns Security Context Shows the available security contexts Dot1x User Name Enter the user name with which the client will log on with the RADIUS server Dot1x User Password Enter the password for the user name selecte...

Страница 114: ... other settings for example the number of logon attempts with Security WLAN AP Radius Authenticator Note This page is available only in access point mode Description This table contains the following columns Server Role Shows the role of the server Server IP Address Enter the IP address of the RADIUS server The use of the computer name name resolution using DNS instead of the IP address is not sup...

Страница 115: ...ction The settings are summarized on this page The content of the page depends on the set parameters and the mode of the device Check the settings before you exit the Basic Wizard with the Set Values button If settings are incorrect go back using the Prev button and change the settings to the required ones Set Values Click the Set Values button to exit the Basic Wizard The WLAN settings are adopte...

Страница 116: ...E 802 11n Web Based Management 116 Configuration Manual 08 2018 C79000 G8976 C267 13 6 4 Information menu 6 4 1 Startseite View of the Start page When you enter the IP address of the device the start page is displayed after a successful login You cannot configure anything on this page ...

Страница 117: ... 802 11n Web Based Management Configuration Manual 08 2018 C79000 G8976 C267 13 117 General layout of the WBM pages The following areas are generally available on every WBM page Selection area 1 Top area Display area 2 Top area Navigation area 3 Left hand area Content area 4 Middle area ...

Страница 118: ...er the time server can be reached If necessary adapt your configuration If the system time is set and or can be synchronized the status is Display area 2 In the upper part of the display area you can see name of the currently logged in user and the full title of the currently selected menu item In the lower part of the display area you will find Logout You can log out from any WBM page by clicking...

Страница 119: ...urrently open tab is marked as favorite Once you have enabled the button once the navigation area is divided into two tabs The first tab Menu contains all the available menus as previously The second tab Favorites contains all the pages tabs that you selected as favorites On the Favorites tab the pages tabs are arranged according to the structure in the Menu tab If you disable all the favorites yo...

Страница 120: ...ne There is a connection to a PROFINET controller The PROFINET controller has downloaded its configuration data to the device The device can send status data to the PROFINET controller In this status the parameters set by the PROFINET controller cannot be configured on the device Offline There is no connection to a PROFINET controller Power Line 1 Power Line 2 Power over Ethernet Status of the pow...

Страница 121: ...ch you can make new entries have a Create button at the lower edge Click this button to create a new entry Delete entries with Delete Pages in which you can delete entries have a Delete button at the lower edge Click this button to delete the previously selected entries from the device memory Deleting also results in an update of the page in the WBM Cancel with Cancel The Basic Wizard pages have t...

Страница 122: ...tomatic Save mode and you change a parameter the following message appears in the display area Changes will be saved automatically in x seconds Press Write Startup Config to save the changes immediately Note Interrupting the save Saving starts only after the timer in the message has elapsed How long saving takes depends on the device During the save the message Saving configuration data in progres...

Страница 123: ...cle number Shows the article number of the device or described module Table 2 has the following columns Software Firmware Shows the current firmware version If a new firmware file was downloaded and the device has not yet restarted the firmware version of the downloaded firmware file is displayed here After the next restart the downloaded firmware is activated and used Bootloader Shows the version...

Страница 124: ...l number version numbers etc You cannot configure anything on this page Description of the displayed values The table has the following rows Manufacturer ID Shows the manufacturer ID Article number Shows the article number Serial Number Shows the serial number Hardware Revision Shows the hardware version Software Revision Shows the software version Revision Counter As of firmware version 4 0 the v...

Страница 125: ...ws the date created during configuration of the device with HW Config of STEP 7 Descriptor Shows the description created during configuration of the device with HW Config of STEP 7 6 4 4 ARP neighbors 6 4 4 1 ARP Tabelle Assignment of MAC address and IPv4 address With the Address Resolution Protocol ARP there is a unique assignment of MAC address to IPv4 address This assignment is kept by each net...

Страница 126: ...automatically Static The addresses were entered as static addresses 6 4 4 2 IPv6 Neighbor Table Assignment of MAC address and IPv6 address Via the IPv6 neighbor table there is a unique assignment of MAC address to IPv6 address This assignment is kept by each network node in its own separate neighbor table Description of the displayed values The table has the following columns Interface Displays th...

Страница 127: ...he address data automatically Static The addresses were entered as static addresses 6 4 5 Log Tables 6 4 5 1 Event log Logging events The device allows you to log occurring events some of which you can specify on the page of the System Events menu This for example allows you to record when an authentication attempt failed or when the connection status of a port has changed The content of the event...

Страница 128: ...rning Warnings When this parameter is enabled all entries of the category Warning are displayed Critical Critical When this parameter is enabled all entries of the category Critical are displayed The table has the following columns Restart Counts the number of restarts since you last reset to factory settings and shows the device restart after which the corresponding event occurred System Up Time ...

Страница 129: ...the table according to severity To display all the entries enable or disable all parameters Note For each severity a maximum of 400 entries in the table are possible If the maximum number of entries is reached for a severity the oldest entries of this severity are overwritten in the table The table remains permanently in the memory Info Information When this parameter is enabled all entries of the...

Страница 130: ...cribed event occurred Severity Shows the severity of the message Log Message Displays a brief description of the event that has occurred You will find the list of possible messages in Appendix D Page 447 of the configuration manual If the system time is set the time is also displayed at which the event occurred 6 4 6 Faults Error status If a fault occurs it is shown on this page On the device faul...

Страница 131: ...g columns Fault Time Shows the time the device has been running since the last restart when the described fault occurred Fault Description Displays a brief description of the error fault that has occurred Clear Fault State Some faults can be acknowledged and thus removed from the fault list e g a fault of the event Cold Warm Start You can acknowledge these faults or remove them from the fault list...

Страница 132: ...t 132 Configuration Manual 08 2018 C79000 G8976 C267 13 If Spanning Tree is turned on the information about the status of the instance selected in the Instance ID drop down list is displayed and the information about the configured ports is shown in the table The information shown depends on the Spanning Tree mode ...

Страница 133: ...ss has the lowest numeric value will become the root bridge Both parameters bridge priority and MAC address together form the bridge identifier Since the root bridge manages all path changes it should be located as centrally as possible due to the delay of the frames The value for the bridge priority is a whole multiple of 4096 with a range of values from 0 to 32768 Bridge Address Root Address The...

Страница 134: ...port The values are only displayed The parameter depends on the configured protocol The following statuses are possible Discarding The port receives BPDU frames Other incoming or outgoing frames are discarded Listening The port receives and sends BPDU frames The port is involved in the spanning tree algorithm Other outgoing and incoming frames are discarded Learning The port actively learns the to...

Страница 135: ... transmission speed The higher the achievable transmission speed is the lower the value of the path costs Typical values for path costs with rapid spanning tree 10 000 Mbps 2 000 1000 Mbps 20 000 100 Mbps 200 000 10 Mbps 2 000 000 Edge Type Shows the type of the connection The following values are possible Edge Port An edge port is connected to this port No Edge Port There is a spanning tree or ra...

Страница 136: ...nt Information Base MIB Displayed values The table has the following columns In Octet Shows the number of received bytes Out Octet Shows the number of sent bytes In Unicast Shows the number of received unicast frames In Non Unicast Shows the number of received frames that are not of the type unicast Out Unicast Shows the number of sent unicast frames Out Non Unicast Shows the number of sent frames...

Страница 137: ... how many frames of which size were received at each port You cannot configure anything on this page Description The table has the following columns Port Shows the available ports Frame lengths The other columns after the port number contain the absolute numbers of incoming frames according to their frame length The following frame lengths are distinguished 64 bytes 65 127 bytes 128 255 bytes 256 ...

Страница 138: ...st and BroadcastBroadcast were received at each port You cannot configure anything on this page Description The table has the following columns Port Shows the available ports Unicast Multicast Broadcast The other columns after the port number contain the absolute numbers of the incoming frames according to their frame type Unicast Multicast and Broadcast 6 4 8 4 Packet Error Bad received frames Th...

Страница 139: ...r types CRC Cyclic Redundancy Code The packet length is between 64 and 1518 bytes The CRC of the packet is invalid Undersize The packet length is less than 64 bytes The CRC of the packet is valid Oversize The packet length is more than 1518 bytes The CRC of the packet is valid Fragments The packet length is less than 64 bytes The CRC of the packet is invalid Jabbers The frame length is more than 1...

Страница 140: ...fied address was learned by receiving a frame from this node and will be deleted when the aging time expires if no further packets are received from this node Invalid These values are not evaluated Port Shows the port via which the node with the specified address can be reached Frames received by the device whose destination address matches this address will be forwarded to this port 6 4 10 IPv6 r...

Страница 141: ...ol from which the entry in the routing table originates The following entries are possible Connected Connected routes Static Static routes RIPng Routes via RIPng OSPFv3 Routes via OSPFv3 Other Other routes 6 4 11 DHCP Server This page shows which IPv4 addresses were assigned to the devices by the DHCP server Description IP Address Shows the IPv4 address assigned to the DHCP client Pool ID Shows th...

Страница 142: ...he assignment is used Not used The assignment is not used Probing The assignment is being checked Unknown The status of the assignment is unknown Expire Time Shows until when the assigned IPv4 address is still valid Up to this time the DHCP client must either request a new IPv4 address or extend the lease time of the assigned IPv4 address 6 4 12 SNMP This page displays the created SNMPv3 groups Yo...

Страница 143: ...740 to IEEE 802 11n Web Based Management Configuration Manual 08 2018 C79000 G8976 C267 13 143 6 4 13 Security 6 4 13 1 Overview Note The values displayed depend on the rights of the logged on user This page shows the security settings and the local and external user accounts ...

Страница 144: ...h HTTP and HTTPS HTTPS Access to the WBM is now only possible with HTTPS SNMP You can configure setting in System SNMP General SNMP disabled Access to device parameters via SNMP is not possible SNMPv1 v2c v3 Access to device parameters is possible with SNMP versions 1 2c or 3 SNMPv3 Access to device parameters is possible only with SNMP version 3 Management ACL You configure the setting in Securit...

Страница 145: ...d Local and external user accounts You configure local user accounts and roles in Security User Accounts When you create a local user account an external user account is generated automatically Local user accounts involve users each with a password for logging in on the device In the table External User Accounts a user is linked to a role In this example the user Observer is linked to the user rol...

Страница 146: ...e role in Information Security Roles 6 4 13 2 Supported Function Rights Note The values displayed depend on the role of the logged on user The page shows the function rights available locally on the device Description of the displayed values Function Right Shows the number of the function right Different rights relating to the device parameters are assigned to the numbers Description Shows the des...

Страница 147: ... 1 Users with this role can read device parameters but cannot change them 15 Users with this role can both read and change device parameters 0 This is a role that the device assigns internally when a user could not be authenticated The user is denied access to the device Description Shows a description of the role 6 4 13 4 Groups Note The values displayed depend on the role of the logged on user T...

Страница 148: ...rver Role Shows the name of the role Users who are authenticated with the linked group on the RADIUS server receive the rights of this role locally on the device Description Shows a a description for the link 6 4 13 5 Inter AP blocking Note This WBM page is only available in access point mode This WBM page is enabled with the following KEY PLUGs W780 iFeatures MLFB 6GK5 907 8PA00 W700 Security MLF...

Страница 149: ...ce to which the settings relate MAC Address Shows the MAC address of the SCALANCE W device with which the client may communicate IP Address Shows the IPv4 address of the SCALANCE W device with which the client may communicate Resolver IP Address Shows the IPv4 address with which the permitted IPv4 address is resolved 6 4 14 WLAN 6 4 14 1 Overview AP Overview of the configuration This page shows th...

Страница 150: ...LAN Mode Shows the transmission standard If DFS is activated the transmission standard 802 11h is not shown additionally but only the configured transmission standard 802 11a Configured Channel Shows the configured channel If Auto is displayed the access point searches for a free channel itself Alternative DFS Channel If the DFS function is enabled the configured alternative channel of the access ...

Страница 151: ... up Channel bandwidth 40 MHz The configured channel and the neighboring channel above it are used 40 down Channel bandwidth 40 MHz The configured channel and the neighboring channel below it are used Note Channel bandwidth 40 MHz and frequency band 2 4 GHz If the access point detects another access point on the configured channel or on neighboring channels the access point changes the channel band...

Страница 152: ...System Encryption or Shared Key is used the Encrypted WEP AES is displayed for both authentication methods If iPCF iPCF HT or iPCF MC mode is enabled on a WLAN interface the following is displayed depending on the encryption status iPCF Encrypted AES Encryption is enabled iPCF authentication Encryption is disabled State Shows the status of the WLAN interface enabled The WLAN interface is enabled d...

Страница 153: ...t different VAP interfaces both clients can receive the same ID Radio Shows the available WLAN interfaces Port Shows the VAP interface Type Shows the client type for example Sta stands for IEEE 802 11 standard client MAC Address Shows the MAC address of the client System Name Shows the system name of the client if the client communicates this to the access point Not all clients support this parame...

Страница 154: ... 802 11a Max Data Rate Mbps Shows the maximum data transmission speed in megabits per second State Shows the current status of the connection for example connected means that the client is connected to the access point and is ready to communicate with the AP 6 4 14 3 WDS List Communication between access points In normal operation the access point is used as an interface to a network and communica...

Страница 155: ... signal strength of the connected access point in bBm Signal strength Shows the signal strength of the connected access point as a percentage Security Shows which authentication method is used If the authentication method Open System Encryption or Shared Key is used the Encrypted WEP AES is displayed for both authentication methods If iPCF iPCF HT or iPCF MC mode is enabled on a WLAN interface the...

Страница 156: ... should therefore make sure that there is adequate channel spacing to neighboring access points This WBM page shows all access points that are visible on the set or adjacent channels at 2 4 GHz If entries exist here the maximum data throughput of the access point and the availability of the communication link to the access point is potentially impaired Description Table 1 has the following columns...

Страница 157: ...ss point Signal Strength dBm Shows the signal strength of the client in bBm Signal strength Shows the signal strength of the client as a percentage Age s Shows the time that has elapsed since the last access point activity Security Shows which authentication method is used If the authentication method Open System Encryption or Shared Key is used the Encrypted WEP AES is displayed for both authenti...

Страница 158: ...000 G8976 C267 13 6 4 14 5 Force roaming In access point mode In client mode This WBM page shows the current status of the connection It also shows whether there is roaming The device monitors the connection to certain addresses cyclically To achieve this the device sends echo messages pings to the configured destination addresses at regular intervals ...

Страница 159: ...igured No destination address is configured idle The configuration is incomplete up The destination address is reachable down The destination address is unreachable Force Roaming on IP down Indicates whether roaming is currently being performed Inactive No roaming is being performed No change to the WLAN interface Active None of the destination addresses is reachable To force the logged on clients...

Страница 160: ...gned to the interface Automatic The client automatically adopts the source MAC address of the first frame that it receives over the Ethernet interface Manual The address was entered manually Own The client uses the MAC address of the Ethernet interface for the WLAN interface Layer 2 Tunnel The client uses the MAC address of the Ethernet interface for the WLAN interface The network is also informed...

Страница 161: ...ccess point detects another access point on the configured channel or on neighboring channels the access point changes the channel bandwidth from 40 MHz to 20 MHz If you set a free channel on the access point the access point uses the channel bandwidth 40 MHz Connected BSSID Shows the MAC address of the access point to which the client is connected Connected SSID Shows the SSID of the access point...

Страница 162: ...he WLAN interface is disabled 6 4 14 7 Available APs Available access points Note This page is only available for clients or access points in client mode This page shows all the access points visible to the client The list also includes the access points to which the client cannot connect due to its configuration Note Display when iPCF mode is activated If the iPCF mode is active with a SCALANCE W...

Страница 163: ...he access point in bBm Signal strength Shows the signal strength of the access point as a percentage Type Shows the mode of the WLAN interface Security Shows which authentication method is used If the authentication method Open System Encryption or Shared Key is used the Encrypted WEP AES is displayed for both authentication methods If iPCF iPCF HT or iPCF MC mode is enabled on a WLAN interface th...

Страница 164: ...es are addressed only by IP frames Communication at MAC address level ISO OSI layer 2 can be established with one component whose MAC address is configured on the client be established with a maximum of eight components if the Layer 2 Tunnel function is selected The Layer 2 Tunnel setting meets the requirements of industrial applications in which MAC address based communication takes place with se...

Страница 165: ... the WLAN client MAC mode Frames sent by the client to the access point always have the MAC address of the WLAN client as the source MAC address In the learning table of the access point there is therefore only the MAC address of the WLAN client If there are further SCALANCE W700 devices downstream from the client the Automatic option should not be enabled In this case the MAC address would be ass...

Страница 166: ...ation Manual 08 2018 C79000 G8976 C267 13 6 4 14 9 Background noise The page displays the background noise of the channel Description Connector Shows the name of the relevant antenna connector Channel dBm Shows the background noise of the set channel Extended Channel dBm Shows the background noise of the extended channel HT 40 ...

Страница 167: ... following columns Interface Shows the WLAN interface to which the entries apply Error types The other columns after the WLAN interface contain the absolute numbers of the frames sent according to their error type The columns of the table distinguish the following error types Transmission Errors Shows the number and percentage of bad frames that were sent Dropped Frames Shows the number and percen...

Страница 168: ...mns after the WLAN interface contain the absolute numbers of the frames received according to their error type The columns of the table distinguish the following error types Received Errors Shows the number and percentage of bad frames that were received Duplicated Frames Shows the number and percentage of frames that were received twice Decryption Errors Shows the number and percentage of incorre...

Страница 169: ...the entries apply Frame Management Frames Shows the number of management frames Association Requests Shows the number of requesting association frames relevant for a logon Association Responses Shows the number of responding association frames relevant for a logon Disassociation Requests Shows the number of requesting disassociation frames relevant for a logoff Authentication Requests Shows the nu...

Страница 170: ...h the entries apply Frame Management Frames Shows the number of management frames Association Requests Shows the number of requesting association frames relevant for a logon Association Responses Shows the number of responding association frames relevant for a logon Disassociation Requests Shows the number of requesting disassociation frames relevant for a logoff Authentication Requests Shows the ...

Страница 171: ...ny frames were sent per VAP interface Description The table has the following columns Interface Shows the VAP interface to which the entries apply Frame types The other columns after the VAP interface contain the absolute numbers of the sent frames according to the frame types In the columns of the table a distinction is made according to the following frame types Data Frames Shows the number of s...

Страница 172: ...nual 08 2018 C79000 G8976 C267 13 Multicast Broadcast Frames Shows the number of sent multicast and broadcast frames Unicast Frames Shows the number of sent unicast frames Average Data Rate Shows the average data rate of the last data frames sent 6 4 15 5 Data Received The WBM page shows how many frames were received per VAP interface ...

Страница 173: ...e types Data Frames Shows the number of sent data frames Multicast Broadcast Frames Shows the number of sent multicast and broadcast frames Unicast Frames Shows the number of sent unicast frames Average Data Rate Shows the average data rate of the last data frames sent 6 4 16 WLAN iFeatures 6 4 16 1 iREF Client List The WBM page shows the antenna connector via which the clients logged on to the ac...

Страница 174: ...nection ID is unique within a VAP interface If two clients log on at different VAP interfaces both clients can receive the same ID Radio Shows the available WLAN interfaces Port Shows the VAP interface MAC Address Shows the MAC address of the client System Name Shows the system name of the client if the client communicates this to the access point Not all clients support this parameter Tx Chain Sh...

Страница 175: ...M page is only available in access point mode This WBM page can only be configured with the following KEY PLUG Access point W780 iFeatures MLFB 6GK5 907 8PA00 Description The page contains the following box Connected WDS partners Shows the number of access points logged on to the access point The table has the following columns Radio Shows the available WLAN interfaces Port Shows the WDS interface...

Страница 176: ...age 6 4 16 3 AeroScout This page shows information on forwarding AeroScout frames Note This WBM page is only available in access point mode This WBM page can only be configured with the following KEY PLUG Access point W780 iFeatures MLFB 6GK5 907 8PA00 Note The AeroScout function cannot be combined with other iFeatures iPCF iPCF MC iREF AeroScout can only be used in the 2 4 GHz band according to I...

Страница 177: ...IP The IP address of the computer on which the management program for evaluation of the AeroScout frames is running Multicast address The tag sends frames as multicast This multicast address is configured in the management program and displayed here Sent confirmations The number of confirmations sent by the SCALANCE W700 device to the management program as a result of cyclic queries or manual conf...

Страница 178: ...on which the iPRP clients are logged on iPRP Client Shows the MAC address of the iPRP client ActivationState Shows whether or not iPRP is enabled Partner Client Shows the MAC address of the partner client Partner BSS Shows the MAC address of the access point to which the partner client is connected Delete Frames Sent Shows the number of iPRP delete frames that the device access point client has se...

Страница 179: ...e only So that both clients do not search for an access point and change to the scan mode at he same time they synchronize with each other Synchronization can have the following statuses idle Idling No scanning requested Query to the partner client whether scanning is possible pending Scanning is possible Waits for the start of scanning and then changes to the status foreground or background backg...

Страница 180: ... access options of the device Specify the services that access the device With some services there are further configuration pages on which more detailed settings can be made Description of the displayed boxes The page contains the following boxes Telnet Server Enable or disable the Telnet Server service for unencrypted access to the CLI SSH Server Enable or disable the SSH Server service for encr...

Страница 181: ...e Select the setting from the drop down list The following settings are possible Manual The system time is set manually You can configure other settings in System System Time Manual Setting SIMATIC Time The system time is set using a SIMATIC time transmitter You can configure other settings in System System Time SIMATIC Time Client SNTP Client The system time is set via an SNTP server You can conf...

Страница 182: ...d In addition to this the following message appears in the display area Changes will be saved automatically in x seconds Press Write Startup Config to save immediately Note Interrupting the save Saving starts only after the timer in the message has elapsed How long saving takes depends on the device During the save the message Saving configuration data in progress Please do not switch off the devi...

Страница 183: ...al device information The boxes Current System Time System Up Time and Device Type cannot be changed Description The page contains the following boxes Current System Time Shows the current system time The system time is either set by the user or by a time of day frame either SINEC H1 time of day frame NTP or SNTP readonly System Up Time Shows the operating time of the device since the last restart...

Страница 184: ...ter the contact person responsible for the device in the System Contact input box 2 Enter the identifier for the location at which the device is installed in the System Location input box 3 Enter the name of the device in the System Name input box 4 Click the Set Values button 6 5 2 2 Coordinates Information on geographic coordinates In the Geographic Coordinates window you can enter information o...

Страница 185: ... N Longitude input box Geographic longitude Here you enter the value of the eastern or western longitude of the location of the device The value 8 20 58 73 means that the device is located at 8 degrees 20 minutes and 58 73 seconds east A western longitude is indicated by a preceding minus sign You can also add the letter E easterly longitude or W westerly longitude to the numeric information 8 20 ...

Страница 186: ...s a dynamic IPv4 address from a DHCP server IP Address Enter the IPv4 address of the device After clicking the Set Values button this IPv4 address is also displayed in the address bar of the Web browser If this does not take place automatically you will need to enter the IPv4 address in the address bar of the Web browser manually Subnet Mask Enter the subnet mask of the device Default Gateway Ente...

Страница 187: ...MAC Address Shows the MAC address of the device The MAC address is linked to the hardware and cannot be modified Procedure 1 In the input boxes enter the IP address subnet mask and the default gateway 2 Select the assigned VLAN ID from the Agent VLAN ID drop down list If the drop down list cannot be enabled check whether the Base Bridge Mode parameter is set to 802 1 Q VLAN Bridge You configure th...

Страница 188: ...s is only valid on the link Address Configuration Specify the mechanism for the address configuration Automatic default The IPv6 address is created using a stateless mechanism or a stateful mechanism DHCPv6 Status dependent Obtains the IPv6 address and the configuration file from the DHCPv6 server SLAAC Stateless Address Auto Configuration Stateless autoconfiguration using NDP Neighbor Discovery P...

Страница 189: ...l IPv6 address is displayed Assigning link local address 1 Enable IPv6 2 In IPv6 Address enter the link local address e g FE80 21B 1BFF FE40 9155 3 Enter 128 in Prefix Length 4 For IPv6 Address Type select the entry Link Local 5 For Address Configuration select the entry Static 6 Click the Create button In the table an entry with the interface is created and the IPv6 address is displayed The autom...

Страница 190: ...packets will be sent Administrative Distance Enter the metric for the route The metric corresponds to the quality of a connection based for example on speed or costs If there are several equal routes the route with the lowest metric value is used Range of values 1 254 Interface Specify the interface via which the network address of the destination is reached This table contains the following colum...

Страница 191: ... Click the Set Values button 6 5 5 DNS On this page you can manually configure up to 3 DNS servers with IPv4 or IPv6 addresses Manually configured DNS servers are each assigned an index from 1 to 3 Using DHCP the device can learn 2 DNS servers with IPv4 addresses An index from 4 to 7 is automatically assigned to learned DNS servers If there is more than one DNS server the order in the table specif...

Страница 192: ...vice uses only the DNS servers assigned by DHCP manual only The device uses only the manually configured DNS servers The DNS servers must be connected to the Internet A maximum of three DNS servers can be configured all The device uses all available DNS servers DNS Server Address Enter the IP address of the DNS server The table for the DNS servers with the following columns Select Select the check...

Страница 193: ...ck the Delete button The entry is deleted 6 5 6 Restart Resetting to the defaults In this screen there is a button with which you can restart the device and various options for resetting to the device defaults Note Note the following points about restarting a device You can only restart the device with administrator privileges A device should only be restarted with the buttons of this menu or with...

Страница 194: ...d Restart Click this button to restore the factory configuration settings with the exception of the following parameters and to restart IP addresses Subnet mask IP address of the default gateway DHCP client ID DHCP System name System location System contact User names and passwords Mode of the device DHCPv6 Rapid Commit Restore Factory Defaults and Restart Click this button to restore the factory ...

Страница 195: ...nfirm the changes with the Commit Changes button Note If you configure the SCALANCE W device via the WLAN interface we recommend that you use the Manual Commit setting Check the parameters again before you confirm the changes with the Commit Changes button Description The page contains the following boxes Commit Mode Select the required setting from the drop down list Automatic Commit Each change ...

Страница 196: ...ion rights The passwords are stored in the Users file X X ConfigPack Detailed configuration information for example start configuration users certificates favorites firmware of the device if saved as well For more detailed information on creating and us ing the ConfigPack incl firmware refer to the sec tion Maintenance Page 421 X X CountryList The zip file contains the country list as a csv and as...

Страница 197: ...ile and upload it to other devices X X X WLANAuthlo g File with entries from the WLAN Authentication Log information on successful or failed authentication attempts X WLANCert in client mode only User certificate You can specify a password for the user certificate on the WBM page Load Save Password Maximum file size 8192 bits X X X WLANServC ert in client mode only Server certificate Maximum file ...

Страница 198: ...e X Firmware The firmware is signed and encrypted This ensures that only firmware created by Siemens can be down loaded to the device X X GSDML Information on the device properties PROFINET X HTTPS Cert Preset HTTPS certificates including key The preset and automatically created HTTPS certifi cates are self signed We strongly recommend that you create your own HTTPS certificates and make them avai...

Страница 199: ...es from the WLAN Authentication Log information on successful or failed authentication attempts X WLANCert in client mode only User certificate You can specify a password for the user certificate on the WBM page Load Save Password Maximum file size 8192 bits X X WLANServerCert in client mode only Server certificate Maximum file size 8192 bits X X WLANSigRec in client mode only The zip file contain...

Страница 200: ...ity with previous versions with PLUG inserted During the installation of a previous version the configuration data and log files can be lost In this case the device starts up with the factory settings after the firmware has been installed In this situation if a PLUG is inserted in the device following the restart this has the status Not Accepted since the PLUG still has the configuration data of t...

Страница 201: ...ations RunningCLI and upload your own CLI scripts Script Note The downloadable CLI script RunningCLI is not intended to be uploaded again unchanged Description The table has the following columns File type Shows the name of the file Note Size of certificate files With certificate files only certificates with a maximum of 8192 bits are supported Description Shows the short description of the file t...

Страница 202: ...nt to load 3 Click the Open button in the dialog The file is now loaded Whether or not a restart is necessary depends on the loaded file If a restart is necessary a message to this effect will be output Other files are executed immediately for example the CLI script file and new settings are applied without a restart Saving files using HTTP 1 Start the save function by clicking the one of the Save...

Страница 203: ...e from a file located on your client PC Firmware The firmware is signed and encrypted This ensures that only firmware created by Siemens can be downloaded to the device Note Incompatibility with predecessor versions During the installation of a previous version the configuration data and log files can be lost In this case the device starts up with the factory settings after the firmware has been i...

Страница 204: ...before the configuration files ConfigPack and Config are transferred In Trial mode although the changes are adopted they are not saved in the configuration files ConfigPack and Config Use the Write Startup Config button on the System Configuration WBM page to save changes in the configuration files CLI script file You can download existing CLI configurations RunningCLI and upload your own CLI scri...

Страница 205: ...ly certificates with a maximum of 8192 bits are supported Description Shows the short description of the file type Filename Enter a file name Actions Select the action from the drop down list The selection depends on the selected file type for example the log file can only be saved The following actions are possible Save file With this selection you save a file on the TFTP server Load file With th...

Страница 206: ...t is saved This means that you cannot edit the files with a text editor 6 5 8 3 SFTP Loading and saving data via a SFTP server SFTP SSH File Transfer Protocol transfers the files encrypted On this page you configure the access data for the SFTP server The WBM also allows you to store device data in an external file on your client PC or to load such data from an external file from the PC to the dev...

Страница 207: ...tion The page contains the following boxes SFTP Server Address Enter the IP address or the FQDN of the SFTP server with which you exchange data SFTP Server Port Enter the port of the SFTP server via which data exchange will be handled If necessary you can change the default value 22 to your own requirements SFTP User Enter the user for access to the SFTP server This assumes that a user with the co...

Страница 208: ...erver Load file With this selection you load a file from the SFTP server Procedure Loading or saving data using SFTP 1 Enter the address of the SFTP server in SFTP Server Address 2 Enter the port of the SFTP server to be used in SFTP Server Port 3 Enter the user data user name and password required for access to the SFTP server 4 If applicable enter the name of a file in which you want to save the...

Страница 209: ...ces you want to configure in this way 3 If individual settings are necessary for specific devices these must be made online on the relevant device Note Configuration data has a checksum If you change the data you can no longer upload it to the IE switch 6 5 8 4 Passwords Password for certificates With this menu item you can enter a password for encrypted certificates User server or HTTPS certifica...

Страница 210: ...sword you can only use the following readable ASCII characters 0x20 0x7e Password Confirmation Confirm the password State Shows whether the current settings for the file match the device Valid the Enabled check box is selected and the password matches the certificate Invalid the Enabled check box is selected but the password does not match the certificate or no certificate has been loaded yet The ...

Страница 211: ...the relevant check boxes of the columns Description With Table 1 you can enable or disable all check boxes of a column of Table 2 at once Table 1 has the following columns All Events Shows that the settings are valid for all events of table 2 E mail Trap Log Table Syslog Faults Enable or disable the required type of notification for all events If No Change is selected the entries of the correspond...

Страница 212: ...ing the response of the signaling contact or the power supply monitoring Overlap AP Detection only in access point mode This event is triggered when there is an entry in the Overlap AP list WDS Only in access point mode The connection status of a WDS link has changed DFS Only in access point mode This event occurs if a radar signal was received or the DFS scan was started or stopped WLAN Authentic...

Страница 213: ...The device writes an entry in the event log table Syslog The device writes an entry to the system log server This is only possible if the system log server is set up and the Syslog client function is enabled Faults The device triggers an error The error LED lights up Procedure Follow the steps below to change entries 1 Select the check box in the row of the required event Select the event in the c...

Страница 214: ...f the severity level Warning Info System events are processed as of the severity level Info Procedure Follow the steps below to configure the required level 1 Select the required values from the drop down lists of the second table column after the client types 2 Click the Set Values button 6 5 10 SMTP Client Network monitoring with e mails The device provides the option of automatically sending an...

Страница 215: ... Client Enable or disable the SMTP client Sender Email Address Enter the name of the sender to be included in the e mail for example the device name This setting applies to all configured SMTP servers Send Test Mail Send a test e mail to check your configuration SMTP Port Enter the port via which your SMTP server can be reached Factory settings 25 This setting applies to all configured SMTP server...

Страница 216: ...ss to which the device sends an e mail if a fault occurs Procedure 1 Enable the SMTP Client option 2 Enter the IP address the FQDN or the host name of the SMTP server in the SMTP Server Address input box 3 Click the Create button A new entry is generated in the table 4 In the Receiver Email Address input box enter the e mail address to which the device sends an e mail if a fault occurs 5 Click the...

Страница 217: ...he same IPv4 address in response to its request Description The page contains the following boxes DHCP client configuration file request opt 66 67 Select this option if you want the DHCP client to use options 66 and 67 to download and then enable a configuration file DHCP Mode Select the DHCP mode from the drop down list The following modes are possible via MAC Address Identification is based on t...

Страница 218: ...e If a configuration file is downloaded this can trigger a system restart If the currently running configuration and the configuration in the downloaded configuration file differ the system is restarted Make sure that the option DHCP Client Configuration Request Opt 66 67 is no longer set 6 5 11 2 DHCP Server You can operate the device as a DHCP server This allows IPv4 addresses to be assigned aut...

Страница 219: ...08 2018 C79000 G8976 C267 13 219 Requirements for the DHCP server In access point mode The connected devices are configured so that they obtain the IPv4 address from a DHCP server In client mode The connected devices are configured so that they obtain the IPv4 address from a DHCP server NAT is enabled You enable NAT in Layer 3 NAT ...

Страница 220: ...ver sends ICMP echo messages ping to the IPv4 address If no reply is received the DHCP server can assign the IPv4 address Note If there are devices in your network on which the echo service is disabled as default there may be conflicts with the IPv4 addresses To avoid this assign these devices an IPv4 address outside the IPv4 address band The table has the following columns Select Select the check...

Страница 221: ... start of the dynamic IPv4 address band The IPv4 address must be within the network address range you configured for Subnet Upper IP address Enter the IPv4 address that specifies the end of the dynamic IPv4 address band The IPv4 address must be within the network address range you configured for Subnet Lease Time sec Specify for how many seconds the assigned IPv4 address remains valid When half th...

Страница 222: ...us DHCP options are defined in RFC 2132 The DHCP options 1 3 6 12 66 and 67 are created automatically when the IPv4 address band is created With the exception of option 1 the options can be deleted With the DHCP option 3 the internal IPv4 address of the device is automatically set as a DHCP parameter Note DHCP options not supported The DHCP options 50 60 and 255 are not supported The table has the...

Страница 223: ...ot file in the string format DHCP options 3 Router and 6 DNS Enter the DHCP parameter as an IPv4 address e g 192 168 100 2 With DHCP option 6 you can specify several IPv4 addresses separated by commas DHCP option 12 host name Enter the host name in the string format DHCP option 66 TFTP Server Enter the TFTP server as an IPv4 address e g 192 168 100 2 or the FQDN name All other DHCP options Enter t...

Страница 224: ... a freely defined DHCP client ID The client ID can be up to a maximum of 254 characters long Value Enter the MAC address or the client ID and click the Create button to create the entry Note A maximum of 20 entries are possible The table has the following columns Select Select the check box in the row to be deleted Pool ID Shows the number of the IPv4 address band Note Only Pool ID 1 is supported ...

Страница 225: ...780 W740 to IEEE 802 11n Web Based Management Configuration Manual 08 2018 C79000 G8976 C267 13 225 6 5 12 SNMP 6 5 12 1 General Configuration of SNMP On this page you make the basic settings for SNMP Enable the check boxes according to the function you want to use ...

Страница 226: ...lues public or private Change the community strings following the initial installation The recommended minimum length for community strings is 6 characters For security reasons only limited access to objects of the SNMPCommunityMIB is possible with the SNMPv1 v2c Read Community String With the SNMPv1 v2c Read Write Community String you have full access to the SNMPCommunityMIB SNMPv1 v2c Read Commu...

Страница 227: ...ated To generate the ID the agent MAC address of the device is used You cannot transfer this SNMP user configuration to other devices If you load the configuration of the device on another device all configured SNMPv3 users are deleted SNMP Engine ID Shows the SNMP engine ID Procedure 1 Select the required option from the SNMP drop down list disabled SNMPv1 v2c v3 SNMPv3 2 Enable the SNMPv1 v2c Re...

Страница 228: ...iguration Description Trap Receiver Address Enter the IP address or the FQDN Fully Qualified Domain Name of the station to which the device sends SNMP traps You can specify up to ten different recipients servers The table has the following columns Select Select the row you want to delete Trap Receiver Address If necessary change the IP address or the FQDN Fully Qualified Domain Name of the station...

Страница 229: ...missions to be assigned authentication and encryption at protocol level The security level and read write permissions are assigned according to groups The settings automatically apply to every member of a group Description The page contains the following boxes Group Name Enter the name of the group The maximum length is 32 characters Security Level Select the security level authentication encrypti...

Страница 230: ...also need to enable read access Persistence Shows whether or not the group is assigned to an SNMPv3 user If the group is not assigned to an SNMPv3 user no automatic saving is triggered and the configured group is deleted after restarting the device Yes The group is assigned to an SNMPv3 user No The group is not assigned to an SNMPv3 user Procedure Creating a new group 1 Enter the required group na...

Страница 231: ...for the group in Write 3 Click the Set Values button Note Once a group name and the security level have been specified they can no longer be modified after the group is created If you want to change the group name or the security level you will need to delete the group and recreate it and reconfigure it with the new name Deleting a group 1 Enable Select in the row to be deleted Repeat this for all...

Страница 232: ...users The user based security model works with the concept of the user name in other words a user ID is added to every frame This user name and the applicable security settings are checked by both the sender and recipient Description The page contains the following boxes User Name Enter a freely selectable user name After you have entered the data you can no longer modify the name The table has th...

Страница 233: ...ter the authentication password in the first input box This password must have at least 1 character the maximum length is 32 characters Note Length of the password As an important measure to maximize security we recommend that the password has a minimum length of 6 characters and that it contains special characters uppercase lowercase letters numbers Authentication Password Confirmation Confirm th...

Страница 234: ...ct the group to which the new user will belong If the group has not yet been created change to the v3 Groups page and make the settings for this group 4 If an authentication is necessary for the selected group select the authentication algorithm in Authentication Protocol In the relevant input boxes enter the authentication password and its confirmation 5 If encryption was specified for the group ...

Страница 235: ...nually Description The page contains the following boxes Time Manually Enable the manual time setting If you enable the option the System Time input box can be edited System Time Enter the date and time in the format MM DD YYYY HH MM SS After a restart the time of day begins at 01 01 2000 00 00 00 Use PC Time Click the button to use the time setting of the PC Last Synchronization Time Shows when t...

Страница 236: ...over is active active offset 1 h The system time was changed to daylight saving time in other words an hour was added You can see the current system time at the top right in the selection area of the WBM The current time including daylight saving time is displayed in the System Time box inactive offset 0 h The current system time is not changed Procedure 1 Enable the Time Manually option 2 In the ...

Страница 237: ... new line with a unique number is created Name Shows the name of the entry Year Shows the year for which the entry was created Start Date Shows the month day and time for the start of daylight saving time End Date Shows the month day and time for the end of daylight saving time Recurring Date With an entry of the type Rule the period in which daylight saving time is active is displayed consisting ...

Страница 238: ...geover Procedure Creating an entry 1 Click the Create button A new entry is created in the table 2 Click on the required entry in the DST No column You change to the DST Configuration page 3 Select the required type in the Type drop down list Depending on the selected type various settings are available 4 Enter a name name in the Name box 5 If you have selected the type Date fill in the following ...

Страница 239: ...ht saving time changeover or specify a fixed date Settings Note The content of this page depends on the selection in the Type box The boxes DST No Type and Name are always shown DST No Select the type of the entry Type Select how the daylight saving time changeover is made Date You can set a fixed date for the daylight saving time changeover This setting is suitable for regions in which the daylig...

Страница 240: ...rt and end of daylight saving time Year Enter the year for the daylight saving time changeover Start Date Enter the following values for the start of daylight saving time Day Specify the day Hour Specify the hour Month Specify the month End Date Enter the following values for the end of daylight saving time Day Specify the day Hour Specify the hour Month Specify the month Settings with Rule select...

Страница 241: ...Configuring with Web Based Management 6 5 System menu SCALANCE W780 W740 to IEEE 802 11n Web Based Management Configuration Manual 08 2018 C79000 G8976 C267 13 241 ...

Страница 242: ...rst to fifth or the last week of the month Day Specify the weekday End Date Enter the following values for the end of daylight saving time Hour Specify the hour Month Specify the month Week Specify the week You can select the first to fifth or the last week of the month Day Specify the weekday 6 5 13 4 SNTP Client Time of day synchronization in the network SNTP Simple Network Time Protocol is used...

Страница 243: ...t normal time received by the device If you specify a time zone the time information is adapted accordingly Last Synchronization Time Shows when the last time of day synchronization took place Last Synchronization Mechanism Shows how the last time synchronization was performed The following methods are possible Not set The time was not set Manual Manual time setting SNTP Automatic time of day sync...

Страница 244: ...ode the device is passive and receives SNTP frames that deliver the time of day Settings in the input boxes SNTP Server Address and SNTP Server Port have no effect in this mode In this mode only IPv4 addresses are supported Poll If you select this mode the input box Poll Interval s is displayed to allow further configuration In this mode the settings in the input boxes SNTP Server Address and SNTP...

Страница 245: ...e step 2 Query interval step 4 Time server step 5 Port step 7 Complete the configuration with step 8 Listen For this mode you need to configure the following Time difference to the time sent by the server step 2 Complete the configuration with step 8 4 In the Poll Interval s input box enter the time in seconds after which a new time query is sent to the time server 5 In the SNTP Server Address inp...

Страница 246: ... adapted accordingly Last Synchronization Time Shows when the last time of day synchronization took place Last Synchronization Mechanism Shows how the last time synchronization was performed The following methods are possible Not set The time was not set Manual Manual time setting SNTP Automatic time of day synchronization with SNTP NTP Automatic time of day synchronization with NTP SIMATIC Automa...

Страница 247: ...not changed NTP Server Address Enter the IPv4 address or the FQDN Fully Qualified Domain Name of the NTP server NTP Server Port Enter the port of the NTP server The following ports are possible 123 standard port 1025 to 36564 Poll Interval s Here enter the interval between two time queries In this box you enter the query interval in seconds Possible values are 64 to 1024 seconds Procedure 1 Click ...

Страница 248: ...ast Synchronization Time Shows when the last time of day synchronization took place Last Synchronization Mechanism Shows how the last time synchronization was performed The following methods are possible Not set The time was not set Manual Manual time setting SNTP Automatic time of day synchronization with SNTP NTP Automatic time of day synchronization with NTP SIMATIC Automatic time of day synchr...

Страница 249: ...the interval is shorter than the configured time the connection is kept alive although no user data is transferred You have set for example 300 seconds for the automatic logoff and the Keep alive function is set to 120 seconds In this case a packet is sent every 120 seconds that keeps the connection up Turn off the Keep alive interval time 0 or Set the interval high enough so that the underlying c...

Страница 250: ...erver in your network that receives the log entries Since this is a UDP connection there is no acknowledgment to the sender The IP address or the FQDN Fully Qualified Domain Name of the Syslog server is entered in the device Description The page contains the following boxes Syslog Client Enable or disable the Syslog function Syslog Server Address Enter the IP address the FQDN Fully Qualified Domai...

Страница 251: ... entry 1 Select the check box in the row to be deleted 2 Click the Delete button All selected entries are deleted and the display is refreshed 6 5 16 Fault Monitoring 6 5 16 1 Power Supply Settings for monitoring the power supply Configure whether or not the power supply should be monitored by the messaging system Depending on the hardware variant there are one or two power connectors Supply 1 Sup...

Страница 252: ...on Log Tables Event Log Note This WBM page is not available on the SCALANCE W786 2 SFP Procedure 1 Click the check box in front of the line name you want to monitor to enable or disable the monitoring function 2 Click the Set Values button Monitoring of the redundant power supply by PROFINET With the following devices you can also configure which power supply will be monitored by PROFINET SCALANCE...

Страница 253: ...nge Configuration of fault monitoring of status changes on connections On this page you configure whether or not an error message is triggered if there is a status change on a network connection If connection monitoring is enabled an error is signaled when there should be a link on a port and this is missing or when there should not be a link on a port and a link is detected If a fault occurs the ...

Страница 254: ...ing options Up Error handling is triggered when the port changes to the active status From Link down to Link up Down Error handling is triggered when the port changes to the inactive status From Link up to Link down disabled The error handling is not triggered Procedure 1 From the relevant drop down list select the options of the slots ports whose connection status you want to monitor 2 Click the ...

Страница 255: ...ther words whether the device is connected to a PROFINET controller Online or Offline Here online means that a connection to a PROFINET IO controller exists that this has downloaded its configuration data to the device and that the device can send status data to the PROFINET IO controller In this status known as in data exchange the parameters set via the PROFINET controller cannot be configured P...

Страница 256: ... also be used The WLAN interface cannot be configured with STEP 7 PROFINET for client devices If a client is to be used as a PROFINET device the MAC address of the client must be specified as follows MAC Mode Own In the network beyond the device only IP communication and no PROFINET is possible Layer 2 Tunnel The client and the devices downstream from it can be used as PROFINET devices Note If Aut...

Страница 257: ...78 1 M12 SCALANCE W778 1 M12 EEC SCALANCE W734 1 RJ 45 SCALANCE W738 1 M12 Description The page contains the following boxes EtherNet IP Device Diagnostics Shows whether EtherNet IP is enabled On or disabled Off EtherNet IP Device Diagnostics for next boot Set whether EtherNet IP will be enabled On or disabled Off after the next device restart Note EtherNet IP and PROFINET When EtherNet IP is turn...

Страница 258: ...ailed information about the configuration stored on the C PLUG or KEY PLUG It is also possible to reset the PLUG to factory defaults or to load it with new contents Note The action is only executed after you click the Set Values button The action cannot be undone If you decide against executing the function after making your selection click the Refresh button As a result the data of this page is r...

Страница 259: ...Configuring with Web Based Management 6 5 System menu SCALANCE W780 W740 to IEEE 802 11n Web Based Management Configuration Manual 08 2018 C79000 G8976 C267 13 259 ...

Страница 260: ...his status is also displayed when the C PLUG was formatted during operation MISSING No C PLUG is inserted Functions are configured on the device for which a license is required Device Group Shows the SIMATIC NET product line that used the C PLUG or KEY PLUG previously Device Type Shows the device type within the product line that used the C PLUG or KEY PLUG previously Configuration Revision The ve...

Страница 261: ...are V6 0 or older When required after the replacement the device can be updated to the current firmware version File System Size bytes Displays the maximum storage capacity of the file system on the PLUG File System Usage bytes Displays the memory utilization of the file system of the PLUG Info String Shows additional information about the device that used the PLUG previously for example article n...

Страница 262: ...ved there is a restart If a valid KEY PLUG was inserted in the device the device changes to a defined error state following the restart With SCALANCE W the available wireless interfaces are deactivated in this case If the device was configured at some time with a PLUG the device can no longer be used without this PLUG To be able to use the device again reset the device to the factory settings Note...

Страница 263: ...the KEY PLUG The following are possible ACCEPTED There is a KEY PLUG with a valid and suitable configuration in the device NOT ACCEPTED Invalid or incompatible configuration on the inserted KEY PLUG NOT PRESENT No KEY PLUG is inserted in the device MISSING A KEY PLUG is inserted Functions are configured on the device for which a license is required WRONG The inserted KEY PLUG is not suitable for t...

Страница 264: ...version corresponds to the version in which the configuration was last changed With the NOT ACCEPTED status further information on the cause of the problem is displayed Note When you save the configuration the information about whether or not a KEY PLUG was inserted in the device at the time is also saved This configuration can then only work if a KEY PLUG with the same article number license is i...

Страница 265: ...uests DNS Resolution Select the IP address type in which an entered FQDN will be resolved Auto In this mode the IP address type is selected automatically IPv4 The entered FQDN will be resolved in an IPv4 address IPv6 The entered FQDN will be resolved in an IPv6 address Out Interface for IPv6 This selection is only required when the destination address is a multicast or a link local address factory...

Страница 266: ...llowing columns Port Shows the configurable ports If you click on the link the corresponding configuration page is opened Port name Shows the name of the port State Shows whether the port is on or off Data traffic is possible only over an enabled port OperState Displays the current operational status The operational status depends on the configured Status and the Link The available options are as ...

Страница 267: ...d down The link is down for example because the connected device is turned off Mode Shows the transmission speed and the transmission method of the port MTU Maximum Transmission Unit Shows the packet size Negotiation Shows whether the automatic configuration is enabled or disabled MAC Address Shows the MAC address of the port 6 6 1 2 Configuration Configuring ports With this page you configure the...

Страница 268: ... C267 13 Description The table has the following rows Port Select the port to be configured from the drop down list State Specify whether the port is enabled or disabled enabled The port is enabled Data traffic is possible only over an enabled port disabled The port is disabled Port name Enter a name for the port MAC Address Shows the MAC address of the port ...

Страница 269: ...ad to restrictions in PROFINET communication Always select at least 100 Mbps and full duplex FD or Autonegotiation if you want the device to handle PROFINET communication Mode Shows the transmission speed and the transmission method of the port Negotiation Shows whether the automatic configuration of the connection to the partner port is enabled or disabled MTU Maximum Transmission Unit Enter the ...

Страница 270: ... prevents or reduces the effect on other ports and priority classes Class of Service if a port is overloaded This can mean that frames are discarded even when flow control is enabled Port overload occurs when the device receives more frames than it can send for example as the result of different transmission speeds To change the configuration of a port follow these steps 1 Click the appropriate bo...

Страница 271: ...8 C79000 G8976 C267 13 271 6 6 2 WLAN 6 6 2 1 Basic Basic settings On this page you make several basic settings for the device for example the country setting and mode Note To configure the WLAN interface you must always specify the country code first Some parameters are dependent on the country setting for example the transmission standard ...

Страница 272: ...x devices following operating modes are possible AP Access point mode Client Client mode Note After changing the mode a message is displayed If you confirm the message with OK the device restarts in the changed mode with the factory set configuration settings If you have restarted the device after changing the mode you will need to log on again to be able to continue the configuration The table ha...

Страница 273: ...or the configured frequency band The selection depends on the country setting Auto in client mode only The transmission standard is determined automatically 2 4 GHz 5 GHz and 2 4 GHz 5 GHz 802 11a The transmission standard IEEE 802 11a 5 GHz is set 802 11g The transmission standard IEEE 802 11g 2 4 GHz is set This transmission standard is downwards compatible with IEEE 802 11b 802 11n The transmis...

Страница 274: ...imary users on the channel During this time the access point does not send beacons If signals are found on the channel the access point changes channel and repeats the check Only when no signals from primary users are detected after 60 seconds does the access point send on a channel The access point also searches for primary users during operation Disabled The DFS function is not used Note RCoax 5...

Страница 275: ...nterference on one or both interfaces at a transmit power higher than 15 dBm Tx power check Indicates whether the settings that have been made will violate the permitted transmit power restrictions of the selected country The following parameters influence this calculation max Tx Power Antenna Gain Additional Attenuation The following displays can appear Allowed The channels can be used with the c...

Страница 276: ...e collected packets broadcast unicast multicast to the client If you enter a 1 in this box the access point transmits broadcast unicast and multicast packets directly after each beacon recommended setting for normal network environments If you entered a 5 in this field this would mean that the access point collects the packets and sends them after every fifth beacon Increasing this value allows a ...

Страница 277: ... more difficult to transmit However fragmentation into smaller packets means a poorer throughput Note You can only edit this value if the you have set the transmission standard 802 11g 2 4 GHz or 802 11 a 5 GHz see WLAN Mode in Interfaces WLAN Basic HW Retries Specify the number of hardware retries The hardware repetition is performed by the WLAN chip itself when it tries to repeat an unacknowledg...

Страница 278: ...point detects a signal on a channel it treats this as a valid radar signal Disabled The function is not used When an access point detects a radar signal it changes to another channel The configured channel is no longer taken into account Prefer Configured DFS Channel only in access point mode Enabled This function is only available if you have enabled the DFS function on the Basic page If the conf...

Страница 279: ...E W780 W740 to IEEE 802 11n Web Based Management Configuration Manual 08 2018 C79000 G8976 C267 13 279 6 6 2 3 Antennas Overview Overview of IWLAN antennas The antenna name provides information about the properties of the antennas listed in the IWLAN antenna overview ...

Страница 280: ...e settings for the connected external antennas Note 50 Ω terminating resistor Each WLAN interface has three antenna connectors Connectors that are not used must have a 50 Ω terminating resistor fitted The antennas R1A1 and R2A1 must be always be connected as soon as the associated WLAN interface is turned on If no antenna is connected the relevant interface must also be disabled for Rx and Tx Othe...

Страница 281: ...ble select the entry User defined If you terminate an antenna connection using a 50 Ω terminating resistor select the entry Not used Connect 50 Ohm Termination Antenna Gain If you select the User defined entry for the Antenna Type enter the antenna gain manually in the dBi unit Antenna Gain 2 4 GHz dBi Here enter the antenna gain the antenna has in the 2 4 GHz frequency band Antenna Gain 5 GHz dBi...

Страница 282: ...x1 R1 A1 R2 A1 Index2 R1 A2 R2 A2 Index3 R1 A3 R2 A3 Index4 R1 A4 R2 A4 Rx Tx Rx Tx Rx Tx Rx Tx Rx Tx Rx Tx Rx Tx Rx Rx Tx Rx Tx Rx Rx Rx Tx Rx Rx Rx Rx Tx Rx Tx Rx Tx Tx Rx Tx Rx Tx Tx Tx Rx Tx Tx Tx Tx Rx Tx Rx Tx Rx Tx 1 Rx Tx Rx Tx Rx 1 Rx Tx Rx Tx Tx 1 Rx Tx Tx Tx 1 Rx Tx Rx Rx 1 Rx Tx Rx Tx 1 1 Rx Tx Tx 1 1 Rx Tx Rx 1 1 Rx Tx 1 1 1 1 Antenna type Not used Connect 50 Ohm Termination Procedure...

Страница 283: ... the Cable Length input box enter the length of the connecting cable you are using in meters 5 Select the use of the antenna from the Antenna Mode drop down list 6 Click the Set Values button 6 6 2 4 Allowed Channels Channel settings For communication a specific channel within a frequency band is used You can either set this channel specifically or configure so that the channel is selected automat...

Страница 284: ...ntennas transmit power etc are used Above the tables for the frequency bands you will find the following check box Select Deselect all Enabled If you enable the check box all channels are selected Disabled If you deselect the check box the first valid channel of the frequency band remains enabled Enable the required channel The tables of the frequency bands have the following columns Radio Shows t...

Страница 285: ...and A MSDU data packets Some of the settings depend on the set transmission standard and the selected channel width Description The table has the following columns Radio Shows the available WLAN interfaces A MPDU Aggregated MAC Protocol Data Unit A MPDU Enables or disables that several MPDUs with the same destination address are sent as a large A MPDU This allows the total throughput to be increas...

Страница 286: ...pt to between two transmitted OFDM symbols The following settings are possible The selection depends on the selected transmission standard 400 short 800 long The setting 400 ns is optional Depending on the signal quality packets can be sent with a send pause of 400 ns or 800 ns 800 long The send pause is 800 ns Procedure Configure 802 11n settings on the access point 1 Enable the A MPDU option 2 E...

Страница 287: ...SCALANCE W780 W740 to IEEE 802 11n Web Based Management Configuration Manual 08 2018 C79000 G8976 C267 13 287 6 6 2 6 AP Configuration On this WBM page you specify the configuration for the access point Note This WBM page is only available in access point mode ...

Страница 288: ...sic page specify the alternative channel here If you want the access point to search for a free channel itself use Auto If a primary user was detected both on the main and alternative channel the access point automatically searches for a free channel If you want to use a fixed channel select the required channel from the drop down list HT Channel Width MHz You can specify the channel bandwidth onl...

Страница 289: ...le for other devices Only clients that know the SSID of the access point and that are configured with it can connect to the access point The Any SSID option must be disabled on these clients activated The SSID is sent in the Beacon frame of the access point and is visible for other devices This means that clients on which the Any SSID option is enabled can also connect to the access point Note Sin...

Страница 290: ...rt 3 For the relevant WLAN interface and the port select the Enabled check box 4 Click the Set Values button 6 6 2 7 AP WDS Communication In normal operation the access point is used as an interface to a network and communicates with clients There are however situations in which several access points need to communicate with each other for example to extend wireless coverage or to set up a wireles...

Страница 291: ... enter the MAC address of the WDS partner WDS ID The WDS ID is used The Partner MAC input box is grayed out For Partner WDS ID enter the WDS ID od the WDS partner Use this option if you want to replace the access point later using the C PLUG or KEY PLUG Partner MAC Enter the MAC address of the WDS partner Partner WDS ID Enter the WDS ID of the WDS partner For the WDS ID the ASCII characters 0x20 t...

Страница 292: ... the assigned VAP interface Security WLAN Basic You cannot use authentication with a RADIUS server for a WDS connection In the IEEE 802 11h transmission mode it is not practical to select the WDS mode In WDS mode all access points must use the same channel If a signal from a primary user is detected by an access point the channel is changed automatically and the existing connection is then termina...

Страница 293: ... is only available in access point mode The WBM page can only be configured if 802 11a 802 11g or 802 11n is set for WLAN mode The WBM page shows the available data transmission speeds for the WLAN mode 802 11a b g If necessary you can change the data transmission speeds Otherwise we recommend that you retain the default setting for data transmission speeds The access point will then use only the ...

Страница 294: ... is valid for all entries of Table 3 Enabled Basic In the drop down list select the setting for all entries If No Change is selected the entry in table 3 remains unchanged Copy to table If you click the button the setting is adopted for all entries of Table 3 Table 3 Data Rate consists of the following columns Radio Specifies the WLAN interface to which the information relates Data Rate Mbps Shows...

Страница 295: ...column and in the Basic column for the required data transmission speed 4 Click the Set Values button To reset the selection 1 Click the Default Values button The selection is reset to the default setting 6 6 2 9 AP 802 11n data rates Data transmission speeds in IEEE 802 11n Note This WBM page is only available in access point mode The WBM page can only be configured if 802 11n only or 802 11n is ...

Страница 296: ...ing columns Radio Specifies the WLAN interface to which the information relates Use selected data rates only If you enable this option you can specify the data transmission speeds for the required WLAN interface If this option is disabled the default values are used As default this option is disabled Radio drop down list In this drop down list select the WLAN interfaces displayed in Table 3 MCS In...

Страница 297: ...terfaces WLAN Antennas If for example you only use one antenna only the MCS 0 to 7 are displayed Streams Shows the maximum possible number of parallel data streams that can be transmitted with the selected MCS index Data Rate Mbps Shows the supported data transmission speeds in megabits per second The displayed data transmission speeds depend on the settings Guard Interval and HT Channel Width You...

Страница 298: ...Use selected data rates only option in Table 1 2 Click the Set Values button 6 6 2 10 Client Connecting to a network On this WBM page you can specify how the device connects to a network as client Note This WBM page is only available in client mode Note WLAN interface disabled The WLAN interface will be disabled unless at least one SSID is configured or the setting Any SSID is enabled ...

Страница 299: ...is also informed of the MAC addresses connected to the Ethernet interface of the client Up to eight MAC addresses can be used MAC Address If you have selected Manual for MAC Mode enter the MAC address of the client Any SSID Enabled In client mode the SCALANCE W device attempts to connect to the access point that corresponds to the security settings of security context 1 The clients can only connec...

Страница 300: ...he client moving or other disruptive factors To filter out fluctuations of the signal a hysteresis is used to specify a range around this value in which the client does not change access points before this range is undershot If the signal coming from the access point falls below this range the client disconnects from the connected access point and searches for a new access point Roaming Threshold ...

Страница 301: ... scan list is evaluated within the background scan interval If beacons from a better access point are included the client switches to that access point after evaluation without changing the current channel Note iPRP enabled When iPRP is enabled the client sends special roaming advertisement frames to its redundant partner for each roaming operation The redundant partner may not perform roaming its...

Страница 302: ...T IPCF MC enabled If the iPCF iPCF HT or iPCF MC mode is enabled you can only select security context 1 Procedure 1 From the MAC Mode drop down list select the required assignment of the MAC address 2 In table 3 enter an SSID for SSID 3 Select a security context 4 Enable the required SSID The Any SSID function is disabled 5 Click the Set Values button 6 6 2 11 Force Roaming If an interface is no l...

Страница 303: ...onfigured destination addresses at regular intervals Interface monitored using a destination address If no ping response is received from this destination address the access point or the client switches off the corresponding interface Interface monitored using several destination addresses Only when no ping response is received from any of these destination addresses does the access point or clien...

Страница 304: ...r the FQDN Fully Qualified Domain Name of the destination whose reachability will be checked Note Destination address not in the agent IP subnet If the destination address is not in the agent IP subnet a gateway must be entered for Layer 2 Agent IP The Base Bridge mode 802 1Q VLAN Bridge If you have configured the Based Bridge Mode 802 1Q VLAN Bridge in Layer 2 VLAN pings are sent into the managem...

Страница 305: ...ent mode 4 Click the Set Values button Deleting force Roaming 1 Select the check box in the row to be deleted 2 Click the Delete button The entries are deleted and the page is updated 6 6 2 12 Signal recorder Recording the effective user signal The signal recorder is used to record the effective user signal between access point and client Using this data you can locate areas with an inadequate use...

Страница 306: ...surement of the client Access point Displays the measurement of the access point with which the client is currently connected This requires that the setting Bidirectional Recording is enabled and that a firmware version 6 1 is installed on the access point The access point sends its data to a maximum of 3 clients on which signal recorders are running The access point data is not displayed on other...

Страница 307: ...rement in random samples and seconds Measurement data Client The measurement data shows the value of the effective user signal according to the color scheme shown The gray line shows the background noise If the client changes access points during a measurement roaming or reconnects this is displayed by a vertical black line On the line the new AP system name and the BSSID are shown If during a mea...

Страница 308: ...oints during a measurement roaming or reconnects this is displayed by a vertical black line Access point The measurement data shows the transfer attempts according to the color scheme shown The transfer attempts are shown as a bar The data rate of the sent data packets is represented as a line If the client changes access points during a measurement roaming or reconnects this is displayed by a ver...

Страница 309: ...ains the following columns Radio Shows the WLAN interface to which the information applies Since a client has a WLAN interface there is only ever one row for WLAN 1 in this table Interval ms Specify the time interval between acquiring two measured values in milliseconds The first measured value is displayed only after the set time interval has elapsed Samples Specify how many measurements should b...

Страница 310: ...e graphic Notes on usage Note the following tips that will help you to obtain useful measurements with the signal recorder Set a fixed data rate on the access point If you have activated iPCF set as low a cycle time on the access point as possible for the measurements Make sure that there is enough data communication during the measurement because the statistics functions evaluate incoming data fr...

Страница 311: ... the recording Measurement results PDF file The PDF file contains a graphic representation of the course of the effective user data signal in dBm and the course of the data rate in Mbps In terms of color the graphic corresponds to the appearance in the Web Based Management If the client changes the access point roaming during the measurement this is indicated by vertical black bars with a black sq...

Страница 312: ...Web Based Management 6 6 Interfaces menu SCALANCE W780 W740 to IEEE 802 11n Web Based Management 312 Configuration Manual 08 2018 C79000 G8976 C267 13 Below the graphic the configuration data of the client is displayed ...

Страница 313: ... header row shows the IP address of the client and the BSSID and system name of the access point Per measurement the table contains two rows The data of the client is in the first row and the data belonging to the access point in the second Page 2 shows a legend of the abbreviations in the table The data starts on a new page when the client changes access points Note Note the description of the in...

Страница 314: ...rval between acquisition of two measured values Max TX Power Maximum transmit power of the device Begin Recording Start of the recording End Recording End of the recording Recorded Samples The total number of measurements Max TX Rate The maximum data rate of the sent data packets Max RX Rate The maximum data rate of the received data packets Rx Antenna x type The setting of the external antennas T...

Страница 315: ...The transfer repetitions of the client CL access point AP Con Stations Number of clients connected to the access point Operating Ch The current channel or the channel on which the client is connected to the access point HT 40 The channel bandwidth 40 MHz Scan CH The channel on which the client is currently scanning TX Rate The average data rate of the sent data packets RX Rate The average data rat...

Страница 316: ...08 2018 C79000 G8976 C267 13 6 6 2 13 Spectrum analyzer Technical information The frequency range depends on the configuration Parameters Value Amplitude accuracy In 2 4 GHz 3 dBm In 5 GHz 7 dBm Resolution bandwidth 330 KHz Min signal strength 100 dBm Max signal strength 0 dBm Analysis time At 40 MHz 120 ms At 20 MHz 95 ms Update time 1 s ...

Страница 317: ...s WBM page is only available in access point mode The WLAN interface of the device must be enabled otherwise the frequency ranges cannot be scanned Note We recommend that you do not use the spectrum analyzer in the change mode Manual Commit Note When the spectrum analyzer is started all WLAN connections are terminated on both WLAN interfaces The access point then also does not send any beacons Not...

Страница 318: ...ng with Web Based Management 6 6 Interfaces menu SCALANCE W780 W740 to IEEE 802 11n Web Based Management 318 Configuration Manual 08 2018 C79000 G8976 C267 13 Description The page contains the following graphics ...

Страница 319: ... measurements are made The upper x axis shows the frequency range The display of the y axis depends on the selected graphic Realtime The y axis shows the signal strength in dBm The graphic shows the strength of all signals that the access point receives in its environment in the configured frequency range The red line shows the maximum values since the start of the measurement The white line shows...

Страница 320: ...l 08 2018 C79000 G8976 C267 13 The y axis shows the course of the measured values over time from current 0 s to the values received before 500 s The graphic shows the strength of all signals that the access point receives in its environment in the configured frequency range The color depends on the setting for Color Scheme Density Chart ...

Страница 321: ...l strength in dBm The graphic shows how often signals occur with a certain strength in the configured frequency range The color goes from the lowest value 0 in black to the highest value 100 in red The page contains the following buttons Zoom in With this icon you only show one graphic type in large format on the page Zoom out With this icon you return to the view with all three graphic types ...

Страница 322: ...following columns Radio Shows the WLAN interface to which the information applies State Shows the status of the measurement The following values are possible stopped The measurement was stopped running The measurement is running Frequency Band Specify the frequency band Center Frequency Select the center frequency Start Click the button in this column to start the measurement Stop Click the button...

Страница 323: ...he Save Values button 7 The ZIP file contains a CSV file with the results of the measurement Measurement results CSV file The CSV file contains information on the configuration of the device and detailed information on all individual measurements and is divided into two areas The first area contains the configured settings System Name The system name of the access point Device IP The IP address of...

Страница 324: ...l interfaces at the same time When the function is enabled the interface can be linked in Wireshark For a period Wireshark record the data traffic over the interface Afterwards from the recording you can see the content of the frames or filter according to certain contents Description This table contains the following columns Interface The interface to which the entry relates Enable Enable or disa...

Страница 325: ...er System Restart Disabled After a restart the configuration is rest to the default settings Enabled The configuration is saved and retained after a restart Linking in the interface in Wireshark Requirement Wireshark V2 0 0 is installed on the PC The PC and device must be reachable via IP layer 3 Procedure To analyze the data traffic e g of the WLAN interface 1 in Wireshark follow the steps below ...

Страница 326: ... the Remote Interfaces tab the host and the interfaces on which the function Remote Capture was previously enabled are displayed 11 Select the interface and click the OK button 12 To start the recording click Start You can obtain further information about handling the program in Wireshark If you analyze several interfaces you can use a Wireshark instance for each interface ...

Страница 327: ...or not the device forwards frames with VLAN tags transparently IEEE 802 1D VLAN unaware mode or takes VLAN information into account IEEE 802 1Q VLAN aware mode If the device is in the 802 1Q VLAN Bridge mode you can define VLANs and specify the use of the ports Note Changing the agent VLAN ID If the configuration PC is connected directly to the device via Ethernet and you change the agent VLAN ID ...

Страница 328: ...Transparent Bridge Sets the mode VLAN unaware for the device In this mode VLAN tags are not changed but are forwarded transparently The VLAN priority is evaluated for CoS In this mode you cannot create any VLANs Only a management VLAN is available VLAN 1 VLAN ID Enter the VLAN ID in the VLAN ID input box Range of values 1 4094 The table has the following columns Select Select the check box in the ...

Страница 329: ...ember of the VLAN but the VLAN is not configured as a port VLAN Frames sent in this VLAN are forwarded without the VLAN tag F The port is not a member of the specified VLAN You can configure other settings in Layer 2 VLAN Port Based VLAN T This option is only displayed and cannot be selected in the WBM This port is a trunk port making it a member in all VLANs You configure this function in the CLI...

Страница 330: ... there is a further switch at this port the frame should have a tag added trunk port With a trunk port the VLAN assignment is dynamic Static configurations can only be created if in addition to the trunk port property the port is also entered statically as a member in the VLANs involved An example of a static configuration is the assignment of multicast groups in certain VLANs Procedure Requiremen...

Страница 331: ...General page 802 1Q VLAN Bridge is set for Base Bridge Mode Description Table 1 has the following columns Note Table 1 is only available if at least one VLAN is configured Port Shows that the settings are valid for all ports of table 2 Priority Port VID Acceptable Frames Ingress Filtering In the drop down list select the setting for all ports If No Change is selected the entries of the correspondi...

Страница 332: ...ere added to it and is sent according to the rules at the port Acceptable Frames Specify which types of frames will be accepted The following alternatives are possible Tagged Frames Only The device discards all untagged frames Otherwise the forwarding rules apply according to the configuration All The device forwards all frames No Change If No Change is selected the entries of the corresponding co...

Страница 333: ...n a certain time it deletes the learnt address This mechanism is known as Aging Aging prevents frames being forwarded incorrectly for example when an end device for example a programming device is connected to a different port If the check box is not enabled a device does not delete learnt addresses automatically Description The page contains the following boxes Dynamic MAC Aging Enable or disable...

Страница 334: ...mode from the drop down list As default Multiple Spanning Tree is enabled On the configuration pages of these functions you can make detailed settings Depending on the compatibility mode you can configure the corresponding function on the relevant configuration page Note Client device not as root Using the configuration of priorities and path costs make sure that a client device can never become t...

Страница 335: ...Tree Enable or disable MSTP Protocol Compatibility Select the compatibility mode of MSTP For example if you select RSTP MSTP behaves like RSTP The following settings are available STP RSTP MSTP Note If iPCF mode is enabled only the compatibility modes STP and RSTP are supported Procedure 1 Select the MSTP check box 2 Select the compatibility mode from the Protocol Compatibility drop down list 3 Cl...

Страница 336: ...Max Hop Count parameter If the device is a root bridge the information on the left and right matches Description The page contains the following boxes Bridge Priority Root Priority Which device becomes the root bridge is decided based on the bridge priority The bridge with the highest priority becomes the root bridge The lower the value the higher the priority If several devices in a network have ...

Страница 337: ...parameter This ensures that operation is started with the new topology only after all the bridges have the required information The default for this parameter is 15 seconds Bridge Max Age Root Max Age Bridge Max Age defines the maximum age of a received BPDU for it to be accepted as valid by the switch The default for this parameter is 20 Bridge Max Hop Count This parameter specifies how many MSTP...

Страница 338: ...ork will be triggered whenever a link to this port is modified The L2T clients should be interconnected Layer 2 Tunnel Auto Edge Port Only available in access point mode Select this check box if you want to detect automatically whether or not an end device is connected at all layer 2 tunnel ports Procedure 1 Enter the data required for the configuration in the input boxes 2 Click the Set Values bu...

Страница 339: ...e 2 Table 2 has the following columns Port Shows the available ports and interfaces Port X WLAN X VAP X Y WDS X Y Spanning Tree Status Specify whether the port is integrated in the spanning tree or not Note If you disable the Spanning Tree Status option for a port this may cause the formation of loops The topology must be kept in mind Priority Enter the priority of the port The priority is only ev...

Страница 340: ...t be configured The State parameter depends on the configured protocol The following is possible for status Disabled The port only receives and is not involved in STP MSTP and RSTP Discarding In the Discarding mode BPDU frames are received Other incoming or outgoing frames are discarded Listening In this status BPDUs are both received and sent The port is involved in the spanning tree algorithm Le...

Страница 341: ...received despite this setting the port automatically changes to the Disabled setting for switches P t P type Select the required option from the drop down list The selection depends on the port that is set P t P Even with half duplex a point to point link is assumed Shared Media Even with a full duplex connection a point to point link is not assumed Note Point to point link means a direct connecti...

Страница 342: ...ck the Set Values button 6 7 3 4 MST General Multiple Spanning Tree configuration With MSTP in addition to RSTP several VLANs can be managed in a LAN with separate RSTP trees Description The page contains the following box MSTP Instance ID Enter the number of the MSTP instance Permitted values 1 64 You can define up to 16 MSTP instances The table has the following columns Select Select the row you...

Страница 343: ...anges or IDs are separated by Permitted values 1 4094 Procedure Creating a new entry 1 Enter the number of the MSTP instance in the MSTP Instance ID box 2 Click the Create button 3 Enter the identifier of the virtual LAN in the VLAN ID input box 4 Enter the priority of the bridge in the Bridge Priority box 5 Click the Set Values button Deleting entries 1 Use the check box at the beginning of the r...

Страница 344: ...s the following box MSTP Instance ID In the drop down list select the ID of the MSTP instance Table 1 has the following columns Column 1 Shows that the settings are valid for all ports of table 2 MSTP Status In the drop down list select the setting for all ports If No Change is selected the entries of the corresponding column in table 2 remain unchanged Copy to table If you click the button the se...

Страница 345: ... ports of a device have the same value the port with the lowest port number will be selected If the Cost Calc box has the value 0 the automatically calculated value is shown Otherwise the value of the Cost Calc box is displayed The calculation of the path costs is largely based on the transmission speed The higher the achievable transmission rate the lower the value for the path costs will be Typi...

Страница 346: ...rwarding Applications The DCP protocol is used by STEP 7 and the PST Tool for configuration and diagnostics When shipped DCP is enabled on all ports in other words DCP frames are forwarded at all ports With this option you can disable the sending of these frames for individual ports for example to prevent individual parts of the network from being configured with the PST Tool or to divide the full...

Страница 347: ...possible to receive via this port Forward The DCP frames are forwarded via this port Procedure 1 Specify whether the port blocks or forwards the DCP frames 2 Click the Set Values button 6 7 5 LLDP Identifying the network topology LLDP Link Layer Discovery Protocol is defined in the IEEE 802 AB standard LLDP is a method used to discover the network topology Network components exchange information w...

Страница 348: ...s With this function you have the option of enabling or disabling sending and or receiving per port Description The table has the following columns Port Shows the port Setting Specify the LLDP functionality The following options are available Tx This port can only send LLDP frames Rx This port can only receive LLDP frames Rx Tx This port can receive and send LLDP frames Disabled This port can neit...

Страница 349: ...on Manual 08 2018 C79000 G8976 C267 13 349 6 8 Layer 3 IPv4 menu 6 8 1 NAT 6 8 1 1 Basic Note This page is only available in client mode On this page you specify the basic settings for NAT Note You can find an application example for NAT and NAPT at the following address https support industry siemens com cs ww en view 37593580 ...

Страница 350: ...e of values is 1 to 2147483 Default setting 300 seconds Local Interface IP address Enter the local IP address of the Ethernet interface This IP address is the gateway address of the local device Local Interface Subnet Mask Enter the subnet mask for the local Ethernet IPv6 Transparent Mode When enabled IPv6 frames are forwarded unchanged between Ethernet and WLAN This requires that Own is not set f...

Страница 351: ...or these devices PROFINET device name The PROFINET device name determines which PROFINET devices are allowed to communicate with the outside world despite NAT Maximum length 240 characters The box must not be empty The following characters are permitted a z 0 9 and Uppercase letters are not allowed For device names you can replace any number of characters with the wildcard asterisk The asterisk ca...

Страница 352: ...the Ethernet interface 4 Enter the PROFINET device name 5 Click the Set Values button 6 8 1 2 NAPT Note This page is only available in client mode On this WBM page you define the translation list for communication from the global to the local network Per WLAN client NAT gateway 60 entries are possible Description The page contains the following boxes Interface Interface to which the settings relat...

Страница 353: ... the port This is the new destination port to which the incoming frame will be forwarded If the setting is intended to apply to a port range enter the range with start port end port for example 30 40 If the local port and global port are the same the frames will be forwarded without port translation The table has the following columns Select Select the check box in the row to be deleted Activate S...

Страница 354: ...drop down list select the protocol for which the address assignment is valid 2 Enter the number of the global port or a port range in Global Port 3 Enter the IP address of the node in the local network in Local IP Address 4 Enter the number of the local port or a port range in Local Port 5 Click the Create button A new entry is generated in the table 6 Click the Set Values button The device is res...

Страница 355: ... 1 Users 6 9 1 1 Local Users Local users On this page you create local users with the corresponding rights When you create or delete a local user this change is also made automatically in the table External User Accounts If you want to make change explicitly for the internal or external user table use the CLI commands Note The values displayed depend on the rights of the logged in user ...

Страница 356: ... user set in the factory As of firmware version 6 0 the default user set in the factory user is no longer available when the product ships If you update a device to the firmware V6 0 the default user set in the factory user is initially still available If you reset the device to the factory settings Restore Factory Defaults and Restart the default user set in the factory user is deleted You can cr...

Страница 357: ...deleted Note The preset users as well as logged in users cannot be deleted or changed User Account Shows the user name Role Shows the role of the user Description Displays a description of the user account The description text can be up to 100 characters long Procedure Note Changes in Trial mode Even if the device is in Trial mode changes that you carry out on this page are saved immediately Creat...

Страница 358: ...Roles On this page you create roles that are valid locally on the device Note The values displayed depend on the rights of the logged in user Description The page contains the following Role Name Enter the name for the role The name must meet the following conditions It must be unique It must be between 1 and 64 characters long Note Role name cannot be changed After creating a role the name of the...

Страница 359: ...e device parameters Note Function right cannot be changed If you have assigned a role you can no longer change the function right of the role If you want to change the function right of a role follow the steps outlined below 1 Delete all assigned users 2 Change the function right of the role 3 Assign the role again Description Enter a description for the role With predefined roles a description is...

Страница 360: ... device When a RADIUS server authenticates a user and assigns the user to the Administrators group this user is given rights of the admin role Note The values displayed depend on the rights of the logged in user Description The page contains the following Group Name Enter the name of the group The name must match the group on the RADIUS server The name must meet the following conditions It must be...

Страница 361: ... long Procedure Linking a group to a role 1 Enter the name of a group 2 Click the Create button 3 Select a role 4 Enter a description for the link of a group to a role 5 Click the Set Values button Deleting the link between a group and a role 1 Select the check box in the row to be deleted 2 Click the Delete button The entries are deleted and the page is updated 6 9 2 Passwords Configuration of th...

Страница 362: ...Checking the password policy of existing users Up to now there was no special password policy As of version V6 0 you can now assign passwords that correspond to the password policy high The set password policy is used when assigning new passwords Existing passwords are not checked If you change the password policy from Low to High the previously used passwords remain valid As an important measure ...

Страница 363: ...want to change 3 Enter the new password for the selected user in the New Password input box 4 Repeat the new password in the Password Confirmation input box 5 Click the Set Values button Note The factory settings for the passwords when the devices ship are as follows admin admin When you log in for the first time or following a Restore Factory Defaults and Restart with the preset user aadmin you w...

Страница 364: ...wn list High Password length at least 8 characters maximum 128 characters At least 1 uppercase letter At least 1 special character At least 1 number Low Password length at least 6 characters maximum 128 characters 6 9 3 AAA 6 9 3 1 General Login of network nodes The designation AAA stands for Authentication Authorization Accounting This feature is used to identify and allow network nodes to make t...

Страница 365: ...n is possible both with the users that exist on the device user name and password and via a RADIUS server The user is first searched for in the local database If the user does not exist there a RADIUS request is sent RADIUS and fallback Local The authentication must be handled via a RADIUS server A local authentication is performed only when the RADIUS server cannot be reached in the network 6 9 3...

Страница 366: ...or the user in the table External User Accounts The table has the following columns Select Select the row you want to delete RADIUS Server Address Enter the IPv4 address or the FQDN Fully Qualified Domain Name of the RADIUS server Server Port Here enter the input port on the RADIUS server As default input port 1812 is set The range of values is 1 to 65535 Shared Secret Enter your access ID here Th...

Страница 367: ...s is reachable the RADIUS server does not however accept the shared secret Reachable key accepted The IP address is reachable the RADIUS server accepts the specified shared secret Steps in configuration Entering a new server 1 Click the Create button A new entry is generated in the table The following default values are entered in the table RADIUS Server Address 0 0 0 0 Server Port 1812 Max Retran...

Страница 368: ...red Secret Shared Secret Conf Max Retrans Primary Server 2 If necessary check the reachability of the RADIUS server 3 Click the Set Values button Repeat this procedure for every server whose entry you want to modify Deleting servers 1 Click the check box in the first column before the row you want to delete to select the entry for deletion Repeat this for all entries you want to delete 2 Click the...

Страница 369: ...make the network secure authentication and encryption are used On this page you specify the security settings Note WLAN mode IEEE 802 11 n With devices operated in WLAN mode IEEE8002 11n only WPA2 WPA2 PSK and WPA2 Radius encryption is possible iPCF iPCF HT or iPCF MC mode activated If iPCF iPCF HT or iPCF MC mode is enabled only iPCF authentication with or without the AES encryption is supported ...

Страница 370: ...1x The dynamic exchange of keys at each data frame introduces further security WPA PSK WPA Pre Shared Key WPA PSK is a weakened form of WPA In this method authentication is not established by a server but is based on a password This password is configured manually on the client and server WPA2 RADIUS WPA2 Wi Fi Protected Access 2 is a further development of WPA and implements the functions of the ...

Страница 371: ...P WEP Wired Equivalent Privacy A symmetrical stream encryption method with only 40 or 104 bit long keys based on the RC4 algorithm Ron s Code 4 TKIP Temporal Key Integrity Protocol A symmetrical encryption method with the RC4 algorithm Ron s Code 4 In contrast to the weak WEP encryption TKIP uses changing keys derived from a main key TKIP can also recognize corrupted data frames AES Advanced Encry...

Страница 372: ...isabled Open System Enabled WEP Default Key Shared Key Enabled WEP Default Key WPA RADIUS Enabled Auto TKIP AES RADIUS Server WPA PSK Enabled Auto TKIP AES WPA 2 Pass Phrase WPA2 RADIUS Enabled Auto TKIP AES RADIUS Server WPA2 PSK Enabled Auto TKIP AES WPA 2 Pass Phrase WPA WPA2 AutoPSK Enabled Auto TKIP AES WPA 2 Pass Phrase WPA WPA2 Auto RADIUS Enabled Auto TKIP AES RADIUS Server iPCF authentica...

Страница 373: ...PA2 PSK and WPA2 Radius encryption is possible iPCF iPCF HT or iPCF MC mode activated If iPCF iPCF HT or iPCF MC mode is enabled only iPCF authentication with or without the AES encryption is supported with security context 1 Description The table has the following columns Select Select the row you want to delete Select a check box in this column and click the Delete button to delete an entry in t...

Страница 374: ...red Key WPA PSK is a weakened form of WPA In this method authentication is not established by a server but is based on a password This password is configured manually on the client and server WPA2 RADIUS WPA2 Wi Fi Protected Access 2 is a further development of WPA and implements the functions of the IEEE 802 11i security standard WPA authentication works however without the RADIUS server Note Mak...

Страница 375: ... Equivalent Privacy A symmetrical stream encryption method with only 40 or 104 bit long keys based on the RC4 algorithm Ron s Code 4 TKIP Temporal Key Integrity Protocol A symmetrical encryption method with the RC4 algorithm Ron s Code 4 In contrast to the weak WEP encryption TKIP uses changing keys derived from a main key TKIP can also recognize corrupted data frames AES Advanced Encryption Stand...

Страница 376: ... Select the required security settings The settings that are possible depend on the Authentication Type you have selected When iPCF iPCF HT or iPCF MC mode is enabled it is not possible to select the Authentication Type 3 Click the Set Values button 6 9 4 3 AP communication Communications options On this WBM page you specify the type of communication allowed by the access point Note This WBM page ...

Страница 377: ...able WLAN interfaces Port Shows the VAP interface within own VAP Enabled Clients logged on to the same VAP interface of an access point can communicate with each other Disabled Option is disabled with other VAPs Enabled Clients logged on to different VAP interfaces of an access point can communicate with each other Note For an access point with other VAPs needs to be enabled on all WLAN interfaces...

Страница 378: ...umber of WLAN clients that can be logged on simultaneously is limited Disabled Option is disabled Max clients Set the maximum number of clients that can connect to this interface at the same time If the number is exceeded additional clients are rejected 6 9 4 4 AP RADIUS Authenticator Configuration of the RADIUS server On this WBM page you define the RADIUS servers and the RADIUS authentication of...

Страница 379: ...period of validity of the authentication in seconds The minimum time is 1 minute enter 60 the maximum time is 12 hours enter 43200 The default is one hour 3 600 seconds The table has the following columns Server IP Address Here enter the IP address or the FQDN name of the RADIUS server Server Port Here enter the input port on the RADIUS server Shared Secret Enter the password of the RADIUS server ...

Страница 380: ...n the input boxes Server IP address Port number of the input port Password Confirmation of the password Maximum number of transmission retries Primary server 2 Click the Set Values button Repeat this procedure for every server whose entry you want to modify 6 9 4 5 Client RADIUS Supplicant Client Supplicant On this WBM page you configure the settings for the RADIUS authorization of the client Note...

Страница 381: ... assignment ASCII code 0x20 to 0x7e is used Dot1x User Password Confirmation Confirm the password Dot1X Server Certificate Specify whether or not the RADIUS server identifies itself to the client using a certificate Dot1x EAP Types Specify the authentication methods The following methods exist Auto Client offers RADIUS server all methods EAP TLS Extensible Authentication Protocol Transport Layer S...

Страница 382: ...wing columns Key 1 4 Enter the WEP key or the AES key For the WEP key characters of the ASCII code from 0x20 to 0x7E or hexadecimal characters from 0x00 to 0xFF are permitted If iPCF or iPCF MC mode is enabled only the encryption method AES with 1 28 bit key length is supported You can choose between the following key lengths 5 or 13 ASCII or 10 or 26 hexadecimal characters 40 104 bits 16 ASCII or...

Страница 383: ...forwarded or discarded Description The table has the following columns Select Select the row you want to delete If this entry is used this is grayed out and you cannot delete it Rule Number Shows the number of the ACL rule If you create a new entry a new line with a unique number is created Source MAC Address Enter the MAC address of the source Dest MAC Address Enter the MAC address of the destina...

Страница 384: ...n Activating loop detection can prevent rules for Multicast MAC addresses from being applied Note No ACL rules for locally supported protocols ACL rules are not applied to packets from locally supported protocols This restriction applies to the following protocols DCP LLDP RSTP MRP Make the specifications for receiving and sending packets for these protocols directly on the configuration page of t...

Страница 385: ...e filtered at interfaces You specify the ACL rules in the Rules Configuration tab Description of the displayed boxes The page contains the following boxes Interface Select the required interface from the drop down list The available interfaces Page 49 depend on your device Add Rule In the drop down list select the ACL rule to be assigned to the interface Add To assign the ACL rule to the interface...

Страница 386: ...the ACL rule the frame is forwarded Discard If the frame complies with the ACL rule the frame is not forwarded Configuration procedure Follow the steps below to assign an ACL rule to an interface 1 Select the interface from the Interface drop down list 2 Select the ACL rule in the Add Rule drop down list 3 Click the Add button A new entry is generated in the table Follow the steps below to remove ...

Страница 387: ...s the following boxes Interface Select the required interface from the drop down list The available interfaces Page 49 depend on your device Add Rule In the drop down list select the ACL rule to be assigned to the interface Add To assign the ACL rule to the interface click the Add button The configuration is shown in the table Remove Rule From the Remove rule drop down list select the ACL rule to ...

Страница 388: ...es with the ACL rule the frame is not forwarded Configuration procedure Follow the steps below to assign an ACL rule to an interface 1 Select the interface from the Interface drop down list 2 Select the ACL rule in the Add Rule drop down list 3 Click the Add button A new entry is generated in the table Follow the steps below to remove an ACL rule from an interface Note active rules You cannot dele...

Страница 389: ... Select Select the row you want to delete If this entry is used this is grayed out and you cannot delete it Rule Number Shows the number of the ACL rule If you create a new entry a new line with a unique number is created Source IP Enter the IPv4 address of the source Source Subnet Mask Enter the subnet mask of the source Dest IP Enter the IPv4 address of the destination Dest Subnet Mask Enter the...

Страница 390: ... mask 255 255 255 255 Steps in configuration 1 Click the Create button A new row with a unique number rule number is created in the table 2 Enter the data of the source in Source IP and in Source Subnet Mask 3 Enter the data of the destination in Dest IP and in Dest Subnet Mask 4 In the Action drop down list select whether the frame is forwarded or rejected when the frame corresponds to the ACL ru...

Страница 391: ...or UDP for the protocol Source Port Max Enter the highest possible port number of the source port This box can only be edited if you have set TCP or UDP for the protocol Dest Port Min Enter the lowest possible port number of the destination port This box can only be edited if you have set TCP or UDP for the protocol Dest Port Max Enter the highest possible port number of the destination port This ...

Страница 392: ...es Configuration tab IP ACL ingress rules first part of the table IP ACL ingress rules second part of the table Description of the displayed boxes The page contains the following boxes Interface Select the required interface from the drop down list The available interfaces Page 49 depend on your device To select a VLAN interface an IP interface must be configured Note If you use a VLAN interface t...

Страница 393: ...is rule is valid Protocol Number Shows the protocol number Source IP Shows the IPv4 address of the source Source Subnet Mask Shows the subnet mask of the source Dest IP Shows the IP address of the destination Dest Subnet Mask Shows the subnet mask of the destination Action Select whether the frame is forwarded or rejected when it corresponds to the ACL rule Forward If the frame complies with the A...

Страница 394: ... priority Steps in configuration Follow the steps below to assign an ACL rule to an interface 1 Select the interface from the Interface drop down list 2 Select the ACL rule in the Add Rule drop down list 3 Click the Add button A new entry is generated in the table Follow the steps below to assign an ACL rule to an interface Note active rules You cannot delete active rules 1 Select the interface fr...

Страница 395: ... IEEE 802 11n Web Based Management Configuration Manual 08 2018 C79000 G8976 C267 13 395 6 9 6 4 Egress Rules Introduction On this page you specify the ACL rules according to which outgoing frames are handled by interfaces You specify the ACL rules in the Rules Configuration tab ...

Страница 396: ...nterface Add To assign the ACL rule to the interface click the Add button The configuration is shown in the table Note An ACL rule with the content deny any any must not be applied to outgoing frames Remove Rule From the Remove rule drop down list select the ACL rule to be deleted Remove To remove the ACL rule from the interface click the Remove button The table has the following columns Rule Orde...

Страница 397: ...ort Dest Port Max Shows the highest possible port number of the destination port Message Type Shows a message type to decide the format of the message Message Code Shows a message code to specify the function of the message DSCP Shows a value for classifying the priority Configuration procedure Follow the steps below to assign an ACL rule to an interface 1 Select the interface from the Interface d...

Страница 398: ...he device You define the VLAN in which the station may be located This ensures that only certain stations within a VLAN have access to the device Note If you enable this function note the following A bad configuration on the Management Access Control List page can result in you being unable to access the device You should therefore configure an access rule that allows access to the management befo...

Страница 399: ...n a new row with a unique number is created IP Address Shows the IP address Subnet Mask Prefix Length Shows the subnet mask or the prefix length VLANs Allowed Only available if 802 1Q VLAN Bridge is set for Layer 2 VLAN General Enter the number of the VLAN in which the device is located The station can only access the device if it is located in this configured VLAN If this input box remains empty ...

Страница 400: ...y 2 Click the Set Values button to transfer the changes to the device Creating new entry 1 In the IP Address input box enter the IP address of the device and in the Subnet Mask Prefix Length input box the corresponding subnet mask 2 Click the Create button to create a new row in the table 3 Configure the entries of the new row 4 Click the Set Values button to transfer the new entry to the device D...

Страница 401: ...s connected to the access point can be restricted Only the SCALANCE W700 devices whose IP addresses are configured in Allowed Addresses on the access point are accessible to the clients Communication with other nodes in the network is therefore prevented Description The page contains the following box Update interval s Enter the update interval for the ARP table The table has the following columns...

Страница 402: ...en enabled gratuitous ARP packets are not forwarded Block Non IP Frames When enabled there is no exchange of non IP packets for example layer 2 packets between the client and the devices configured on the access point as permitted communications partners 6 9 8 2 Allowed Addresses Note This WBM page is only available in access point mode This WBM page can only be configured with the following KEY P...

Страница 403: ...to which the settings relate IP Address The IP Address of the devices accessible to the client If necessary you can change the IP address Resolver IP Address The IP address with which the allowed IP address is resolved The entry is necessary when the management IP address is located in a different subnet If the IP address 0 0 0 0 is configured for Resolver IP Address the management IP address is u...

Страница 404: ...ed Note Use of iPCF with other iFeatures iPCF and other iFeatures e g iPCF MC iPCF HT iPRP are not compatible with each other and cannot be used at the same time on one device The use of iPCF is advisable particularly if you have a large number of nodes and want to implement highly deterministic operation This is necessary for example with PROFINET or other cyclic protocols You will find a more de...

Страница 405: ... table has the following columns Radio Specifies the WLAN interface to which the settings relate Enable iPCF Enable or disable the iPCF mode For PROFINET communication we recommend that you enable the iPCF mode By enabling iPCF the data rates provided by the access point are adapted We strongly recommend that you retain the default setting for the data rates 802 11 a b g 12 Mbps and 802 11n MCS 2 ...

Страница 406: ...re must be no scanner downstream from the client Disabled The function is disabled iPCF Cycle Time ms Select the required cycle time from the drop down list The following points need to be taken into account when setting the cycle time Otherwise it may not be possible to establish stable communication There is only one access point in the system in other words the clients move only in one wireless...

Страница 407: ...alue indicates how strong the arriving signal is and is displayed in the signal recorder The following threshold values apply to the signal strength Range Signal quality in Signal quality in RSSI 1 40 20 2 50 25 3 60 30 4 70 35 5 80 40 Procedure In access point mode 1 Select the Enable iPCF option for the required WLAN interface 2 Enable the option Legacy Free iPCF LF if desired 3 Select the requi...

Страница 408: ...te Use of iPCF HT The function iPCF HT and other iFeatures e g iPCF iPCF MC iPRP are not compatible with each other and cannot be used at the same time on a device Can only be used in the frequency band 5 GHz and with WLAN mode only IEEE 802 11n Is available only on the WLAN interface 1 It is advisable only to use and MCS index The use of iPCF HT is particularly advisable when a higher data throug...

Страница 409: ...000 G8976 C267 13 409 Description In both modes the table has the following columns Radio Specifies the WLAN interface to which the settings relate Enable iPCF HT Enable or disable iPCF HT When enabled the data rates provided by the access point are adapted We strongly recommend that you retain the default setting for the data rates 802 11n MCS 2 ...

Страница 410: ... correspond the cycle time of PROFINET or EtherNet IP There is only one access point in the system in other words the clients move only in one wireless cell In this case update times 16 ms are supported There are several access points in the system that communicate over different channels The clients roam between the access points In this case select update times 32 ms In addition to the guide val...

Страница 411: ...ngth Indicator of received packets The RSSI value indicates how strong the arriving signal is and is displayed in the signal recorder The following threshold values apply to the signal strength Range Signal quality in RSSI Signal quality in 1 20 40 2 25 50 3 30 60 4 35 70 5 40 80 Procedure In access point mode 1 Select the Enable iPCF HT option for the required WLAN interface 2 For iPCF HT Cycle T...

Страница 412: ...d data interface must be operated in the same frequency band and mode and must match in terms of their wireless coverage iPCF MC will not work if both wireless interfaces are equipped with directional antennas that cover different areas The management interfaces of all access points to which a client can change must use the same channel A client scans only this one channel to find accessible acces...

Страница 413: ...67 13 413 When should iPCF MC be used iPCF was developed to achieve short handover times when roaming between cells The iPCF MC technique allows short handover times even for freely mobile clients and when a lot of cells are involved or a large number of channels is being used The possible settings differ for access point and client Both are described below ...

Страница 414: ... establish a connection to this device Enabled Only the devices that communicate with the IEEE 802 11n standard and have the Legacy Free iPCF MC LF setting enabled are accepted WLAN mode IEEE 802 11n need not be enabled for this however This setting prevents performance from being slowed down by the IEEE 802 11 a b g device generation Disabled All device generations IEEE 802 11 a b g n are accepte...

Страница 415: ...an be achieved A higher value should be selected for a high data throughput Roaming Filter in client mode only With this setting you specify the number of RSSI single measurements from which the median is determined With 5 the last 5 measured RSSI values are considered Median with an odd number of measurements The values are arranged in ascending order The value exactly in the middle is the median...

Страница 416: ...To be able to use oversize frames oversize frames jumbo frames must be configured for all devices in the network Agent VLAN management VLAN with iPRP The iPRP VLAN can be used as the agent VLAN This depends where the device is located If the device is located in the PRP network A or PRP network B as the agent VLAN use the VLAN that PRPA or PRPB is assigned to If the access points are located in bo...

Страница 417: ...8 2018 C79000 G8976 C267 13 417 Description The page contains the following PRP A Select the VLAN assignment for PRP from the drop down list PRP B Select the VLAN assignment for PRP B from the drop down list This table contains the following columns Port Shows the available ports Enable iPRP Enable or disable iPRP for the required port ...

Страница 418: ...to whether there is another access point whose signal strength is 10 dB worse than that of the best access point In this case the client connects to this access point otherwise it connects to the same best access point as the partner client Device Prevents the two clients of a client pair from connecting to the same access point no matter which interface is used Procedure 1 Select the VLAN assignm...

Страница 419: ...utually compatible and cannot be used at the same time with one device With iREF the data can be sent with the highest possible transmit power In particular in applications in which MIMO cannot be used or brings no advantage this allows data to be transmitted at the highest possible data transmission rate Description The table has the following columns Radio Specifies the WLAN interface to which t...

Страница 420: ...ther iFeatures e g iREF iPCF iPCF HT iPCF MC iPRP are not mutually compatible and cannot be used at the same time with one device AeroScout can only be used in the 2 4 GHz band according to IEEE 802 11g IEEE 802 11n and IEEE 802 11n only For more detailed information please refer to the documentation of the AeroScout company www aeroscout com Description The table has the following columns Radio S...

Страница 421: ... the navigation area Click the TFTP tab 2 Enter the IP address of the TFTP server in the TFTP Server Address input box 3 Enter the port of the TFTP server in the TFTP Server Port input box 4 Click the Load file button in the Firmware table row 5 Go to the storage location of the firmware file 6 Click the Open button in the dialog The file is uploaded Firmware update via SFTP 1 Click System Load Sa...

Страница 422: ...76 C267 13 Result The firmware is has been transferred completely to the device On the Information Versions there are the entries Firmware and Firmware Running Firmware Runningshows the version of the current firmware Firmware shows the firmware version stored after loading the firmware To activate this firmware restart the device with System Restart ...

Страница 423: ... PLUG You create the PRESET PLUG using the Command Line Interface CLI You can create a PRESET PLUG from any PLUG To do this follow the steps outlined below Note Using configurations with DHCP Create a PRESET PLUG only from device configurations that use DHCP Otherwise disruptions will occur in network operation due to multiple identical IP addresses You assign fixed IP addresses extra following th...

Страница 424: ...this by the red F LED flashing flashing interval 2 sec on 0 2 sec off Afterwards the device is restarted and the device configuration incl users and certificates on the PRESET PLUG is transferred to the device 5 Wait until the device has fully started up the red F LED is off 6 Turn off the power to the device after the installation 7 Remove the PRESET PLUG 8 Start the device either with a new PLUG...

Страница 425: ...erface CLI to reset the preset function To do this follow the steps outlined below 1 Start the remote configuration using Telnet CLI and log on with a user with the admin role 2 Change to the Global configuration mode with the command configure terminal 3 You change to the PLUG configuration mode with the plug command 4 Enter the command factoryclean The PRESET PLUG is formatted and the preset fun...

Страница 426: ... network operation due to multiple identical IP addresses You assign fixed IP addresses extra following the basic installation 1 Start the remote configuration using Telnet CLI and log on with a user with the admin role 2 Change to the global configuration mode with the command configure terminal 3 You change to the loadsave configuration mode with the loadsave command 4 Enter the firmware in conf...

Страница 427: ... ConfigPack you want to install 5 Restart the device with System Restart If there is a different firmware version on the device to be installed compared with that in the ConfigPack an upgrade downgrade of the firmware is performed You can recognize this by the red F LED flashing flashing interval 2 sec on 0 2 sec off Afterwards the device is restarted and the device configuration incl users and ce...

Страница 428: ...ns Follow the steps below to reset the device parameters to the factory settings 1 Turn off the power to the device 2 Loosen the screws of the cover 3 Remove the cover 4 Now press the Reset button and reconnect the power to the device while holding down the button 5 Hold down the button until the red fault LED F stops flashing after approximately 10 seconds and is permanently lit 6 Now release the...

Страница 429: ...ased Management Configuration Manual 08 2018 C79000 G8976 C267 13 429 Via the configuration You will find detailed information on resetting the device parameters using the WBM and CLI in the configuration manuals Web Based Management section Restart Command Line Interface section Reset and Defaults ...

Страница 430: ...Upkeep and maintenance 7 4 Restoring the factory settings SCALANCE W780 W740 to IEEE 802 11n Web Based Management 430 Configuration Manual 08 2018 C79000 G8976 C267 13 ...

Страница 431: ... the power to the device while holding down the button 3 Hold down the button until the red fault LED F starts to flash after approximately 2 seconds 4 Now release the button The bootloader waits in this state for a new firmware file that you can download by TFTP 5 Connect a PC to the SCALANCE W over the Ethernet interface 6 Assign an IP address to the SCALANCE W with the Primary Setup Tool 7 Open...

Страница 432: ... Configuration Manual 08 2018 C79000 G8976 C267 13 Result The firmware is transferred to the device Note Please note that the transfer of the firmware can take several minutes During the transmission the red error LED F flashes Once the firmware has been transferred completely to the device the device is restarted automatically ...

Страница 433: ...tion about the signal strength in dBm is displayed in WBM in the following tabs Access point mode Information WLAN Client List Client mode Information WLAN Available AP Interfaces WLAN Signal recorder The power of the input signal on the SCALANCE W device is influenced by the following factors Distance between the WLAN partners Reflections of the electromagnetic waves by parts of the building Sett...

Страница 434: ...e setting 802 11n or 802 11n only only supports WPA2 WPA2 PSK with AES in the security settings SSID For SSID use only the characters that were supported by the previous products Management only over wired Ethernet interface In the previous products there was a function Management only over wired Ethernet interface In the new devices this function is covered by the Management ACL function iPCF iPC...

Страница 435: ...e difficult for the attacker to access the communications path between two end devices You can for example protect devices by arranging so that the Agent IP is only accessible via a single management VLAN For more detailed information refer to the section Agent IPv4 Page 186 A further option is to install a separate HTTPS certificate on the WLAN client access point The HTTPS certificate checks the...

Страница 436: ...reated in the project The hardware configuration of the network component matches the hardware configuration of the device If this is not case the download will be aborted due to errors The firmware version of the network component matches the firmware version of the device The IP address has been set up The device is connected to the configuration PC The required properties and parameters have be...

Страница 437: ... results is displayed 6 If the loading is completed error free select Save configuration in Action 7 Click the Finish button Result After successful loading the project can be run on the network component Updating the SCALANCE configuration of the network component To update the SCALANCE configuration of the network component follow these steps 1 Open the Devices Networks editor and set the networ...

Страница 438: ... STEP 7 project in STEP 7 Basic Professional 2 Open the project view 3 Select the device in the project tree 4 Select the Go to network view command in the shortcut menu 5 Select the device in the network view 6 In the shortcut menu of the selected device select the command SCALANCE configuration Save as start configuration Result The configuration is saved on the device The message is no longer v...

Страница 439: ... and searches for reachable access points It logs on to the best reachable access point The value of the MIB variable is reset to 0 Trigger handover Using the private MIB variable snMspsWlanForceHandover you can force a handover Note With Web Based Management WBM or using the Command Line Interface CLI you cannot configure this function OID of the private MIB variable snMspsWlanForceHandover iso 1...

Страница 440: ...Troubleshooting FAQ 8 6 WLAN client Trigger handover via SNMP SCALANCE W780 W740 to IEEE 802 11n Web Based Management 440 Configuration Manual 08 2018 C79000 G8976 C267 13 ...

Страница 441: ... IF MIB 1 3 6 1 2 1 2 RFC2233 P BRIDGE MIB 1 3 6 1 2 1 17 4 5 Q BRIDGE MIB 1 3 6 1 2 1 17 7 RADIUS ACC CLIENT MIB 1 3 6 1 2 1 67 2 2 RADIUS AUTH CLIENT MIB 1 3 6 1 2 1 67 1 2 RFC1213 MIB 1 3 6 1 2 1 4 RMON MIB 1 3 6 1 2 1 16 SNMP COMMUNITY MIB 1 3 6 1 6 3 18 SNMP FRAMEWORK MIB 1 3 6 1 6 3 10 2 1 RFC2571 SNMP NOTIFICATION MIB 1 3 6 1 6 3 13 RFC2573 SNMP PROXY MIB 1 3 6 1 6 3 14 SNMP TARGET MIB 1 3 ...

Страница 442: ...RT MIB Siemens 2 1 3 6 1 4 1 4329 20 1 1 1 1 28 Vendor specific SN MSPS RMON MIB Siemens 2 1 3 6 1 4 1 4329 20 1 1 1 1 12 Vendor specific SN MSPS SINEMA MIB Siemens 2 1 3 6 1 4 1 4329 20 1 1 1 1 25 Vendor specific SN MSPS SNMP MIB Siemens 2 1 3 6 1 4 1 4329 20 1 1 1 1 4 Vendor specific SN MSPS SNTP CLIENT MIB Siemens 2 1 3 6 1 4 1 4329 20 1 1 1 1 19 1 Vendor specific SN MSPS STP L2T MIB Siemens 1 ...

Страница 443: ...W in WBM under System Load Save HTTP MIB using the Save button OID The private MIB variables of the SCALANCE W have the following object identifier iso 1 org 3 dod 6 internet 1 private 4 enterprises 1 siemens 4329 industrialComProducts 20 iComPlatforms 1 simaticNet 1 snMsps 1 snMspsCommon 1 WLAN specific MIB variables The WLAN specific MIB variables can be found in snMspsWlan You will find further...

Страница 444: ...Appendix B B 1 Private MIB variables of the SCALANCE W700 SCALANCE W780 W740 to IEEE 802 11n Web Based Management 444 Configuration Manual 08 2018 C79000 G8976 C267 13 ...

Страница 445: ...al Bridged LANs VLAN Tagging Port Based VLANs IEEE 802 1W 2004 Rapid Spanning Tree Protocol RSTP IEEE 802 1X Port Based Network Access Control IEEE 802 3 2002 Ethernet IEEE 802 3af Power over Ethernet PoE IEEE 802 11 Wireless Local Area Network IEEE 802 11a Wireless standard for use of the 5 GHz frequency band IEEE 802 11at PoE IEEE 802 11b g Wireless standard for use of the 2 4 GHz frequency band...

Страница 446: ...Appendix C C 1 Underlying standards SCALANCE W780 W740 to IEEE 802 11n Web Based Management 446 Configuration Manual 08 2018 C79000 G8976 C267 13 ...

Страница 447: ...ter startup Fault state following system start Status of the power supply You enable or disable the Power Change event in System Events Alarm Description Power up on line 1 2 PoE Power supply exists on line 1 line 2 or PoE Power down on line 1 2 PoE Power supply interrupted on line 1 line 2 or PoE Status of the Ethernet interface You enable or disable the Link Change event in System Events Alarm D...

Страница 448: ...erence detected on WLAN X at channel channel number frequency frequency MHz No more free channels to use A primary user was found on all available channels There is no free channel available the WLAN interface X will be deactivated until one of the channels becomes available Status of the WLAN interface in client mode only Messages Description Link up on WLAN X The WLAN interface X is enabled Link...

Страница 449: ...not be reached or the settings are incorrect Messages error status Messages Description You configure the events in System Events You configure the monitoring of the power supply and the link on the Ethernet port in System Fault Monitoring New Fault state fault description fault description Warm start performed Cold start performed Link down on P1 Link up on P1 Power down on line L1 L2 DFS No chan...

Страница 450: ...er cannot be reached e g net work connection interrupted Unable to send e mail s because of SMTP au thentication failure Sending of e mail s failed Authentication of the client on the SMTP server incorrect Unable to send e mail s because SMTP mes sage transfer failed Sending of e mail s failed SMTP server can be reached configuration incomplete or contains errors e g receiver e mail address wrong ...

Страница 451: ...Configuration accepted The internal configuration was written successfully to an empty C PLUG Startup configuration PLUG storage PLUG Configuration accepted PLUG License accepted The configuration was loaded successfully from the KEY PLUG Startup configuration PLUG storage PLUG Configuration accepted The configuration was loaded successfully from the C PLUG Messages about PLUG Messages Description...

Страница 452: ...ated The rea son is displayed as text VAP Num Client MAC associated successfully The client has connected successfully to the VAP or the client has logged on successfully to the VAP RADIUS Access rejected for client MAC The RADIUS server denies the client access RADIUS Access accepted for client MAC The RADIUS server allows the client access WDS Connection is established to AP MAC The WDS connecti...

Страница 453: ...ility with predecessor products 434 Configuration manuals 429 Configuration mode 182 C PLUG 33 258 Formatting 262 Saving the configuration 261 CRC 139 D Data transmission speed 293 295 802 11a b g 293 802 11n 295 DCP server 99 181 346 Default routes IPv6 routes 190 DHCP Client 217 DST Daylight saving time 237 239 E E Mail function 214 Alarm events 214 Line monitoring 214 Error status 130 Ethernet ...

Страница 454: ...ation 408 How it works 57 iPCF MC PROFINET communication 57 iPRP Configuration 416 Information 178 IPv6 Notation 84 IPv6 routing Default routes 190 Routing table 140 iREF 61 Client list 174 Configuration 419 WDS list 175 J Jabbers 139 K KEY PLUG 33 Formatting 262 iFeatures 263 L Line monitoring 214 LLDP 347 Local users 355 Location 184 Log tables WLAN authentication log 129 Logging on via HTTP 90 ...

Страница 455: ...gress 385 389 IP ACL 389 MAC ACL 383 S Scope of the manual 9 Security settings 229 Serial number 124 SFTP Load save 206 SHA algorithm 229 Signal recorder 305 SIMATIC NET glossary 13 SMTP Client 181 SNMP 69 99 181 225 229 Groups 229 Overview 142 SNMPv1 69 SNMPv2c 69 SNMPv3 69 Trap 228 Users 232 Software version 124 Spanning Tree Information 131 Rapid Spanning Tree 73 Spectrum analyzer 317 SSH Serve...

Страница 456: ...tion Manual 08 2018 C79000 G8976 C267 13 U Undersize 139 User Groups 360 V Vendor 124 Vendor ID 124 VLAN 55 Port VID 332 Priority 332 Tag 332 W WDS 290 Web Based Management 87 Requirement 87 Wireless access 19 WLAN statistics Bad frames 167 Received frames 171 Sent frames 172 ...

Отзывы:

Нет отзывов

Похожие инструкции для SIMATIC NET SCALANCE W740 Series

Бренд: H3C Страницы: 1057

Бренд: IBM Страницы: 32

Бренд: Vanguard Страницы: 4

Бренд: ZyXEL Communications Страницы: 125

Бренд: NA Страницы: 22

Бренд: VCS Страницы: 118

Бренд: Juniper Страницы: 7

Бренд: TP-Link Страницы: 57

Бренд: ZyXEL Communications Страницы: 8

Бренд: Alcatel-Lucent Страницы: 12

Бренд: Airvana Страницы: 90

Бренд: ADTRAN Страницы: 2

Бренд: Extreme Networks Страницы: 51

Бренд: Camozzi Страницы: 22

Бренд: Gemtek Страницы: 29

Бренд: QNAP Страницы: 68

Бренд: ICP DAS USA Страницы: 8

Бренд: Gigabyte Страницы: 10

Бренды по названию

0 1 2 3 4 5 6 7 8 9 A B C D E F G H I J K L M N O P Q R S T U V W X Y Z

Популярные бренды

Загрузить еще бренды