manualshive.com logo in svg

Vimar 0072031B45CB, Руководство по установке, Страница: 10 / 32

Поделиться
Скачать
Vimar 0072031B45CB Скачать руководство пользователя страница 10

   10

2. KNXnet/IP

The presence of the Internet Protocol (IP) has led to the definition of the KNXnet/IP protocol . As documented in the KNXnet/IP protocol specifications, KNX telegrams can 
be transmitted encapsulated in IP packets . Ethernet networks can be used to route and tunnel KNX telegrams .

KNX IP routers are highly similar to TP line couplers . Only difference is they use the IP communication medium instead of TP and the KNXnet/IP communication protocol . 
According to this, IP interfaces and IP routers are an excellent alternative to USB data interfaces and TP line/area couplers . A TP backbone can be completely be replaced 
by a fast Ethernet based IP Backbone line . KNX end devices can be integrated directly via IP . This makes the Ethernet a real KNX medium .

2.1 IP (Secure) Tunneling

KNXnet/IP offers the possibility for point-to-point connections for the ETS (IP Tunneling connections) or, for example, between supervisory system and KNX installation . 
On activation of “Secure Tunneling”, these connections become IP Secure Tunneling connections . They are protected by encryption and usage of extra passwords .

2.2 IP (Secure) Routing

IP Routing is the KNXnet/IP protocol for interconnecting KNX lines and areas by IP networks . Hereby, the KNXnet/IP protocol defines the KNX IP communication . Using 
IP Secure Routing means runtime communication on KNX IP is entirely encrypted according to the KNX IP Secure mechanism .

2.3 IP Firmware Update

The IP bootloader function makes it possible to remotely carry out Firmware Updates and rewrite the flash memory content via an IP connection . This is not just a simple 
application download . Both communication stack and application software are downloaded .
The Firmware Update procedure via IP can be executed by 01548´s web front-end, which is independent from ETS, and makes use of special messages to speed up 
the process . To be protected, this process makes use of a special encryption .

3. KNX Secure

The KNX Secure technology adds extra security to a KNX installation, during commissioning as well as for KNX installations at runtime . Difference between normal KNX 
devices and KNX Secure devices is KNX Secure devices have the ability to encrypt and decrypt telegrams .

Every KNX Secure device supports a secure mode . Only when this secure mode is activated, the KNX Secure device will be able to encrypt/decrypt telegrams . For activation, 
device certificates are necessary (see chapter 1 .5 Secure Commissioning) .

KNX telegrams encrypted by KNX Secure devices are called KNX Secure telegrams . Regarding both KNX Security mechanisms, KNX IP Secure and KNX Data Secure, two 
types of encryption can be distinguished:

• KNX IP Secure can only be applied upon the KNX IP medium . KNX telegrams are sent as encrypted IP Secure frames, also called entirely encrypted telegrams (no matter 

if KNX Data Secure is used or not) .

• KNX Data Secure can be applied on any KNX communication medium . End-to-end communication between end devices is encrypted . Due to an individual security key, 

end devices encrypt/decrypt parts of their telegrams . Then, only devices having identical Group Addresses can encrypt/decrypt the telegrams .

For programming a KNX Secure device, ETS must know both its factory key (FDSK) and its serial number . But it is not necessary entering factory key or serial number . The 
ETS generates this information from the Device Certificate .

A Device Certificate is a device-specific 32-character code which contains serial number and FDSK (Factory Default Setup Key) . Serial number and FDSK cannot be modified . 
ETS retrieves the FDSK via the device certificate (see chapter 1 .5 Secure Commissioning) .

After a KNX Secure device has been added to an ETS project and after its Device Certificate has been added too, ETS automatically sets the Tool Key for the project . This 
Tool Key cannot be modified . It can only be reset to its FDSK by a Factory Reset (see chapter 4 .6 .2 Factory Reset) .

 

 Mixing unsecure and secure communication on the same Group Address is impossible .

 

 A mix of KNX IP Secure couplers in secure mode with KNX IP Secure devices in plain mode, or simply plain KNX IP devices, does not work .

KNXnet/IP - KNX Secure

Содержание 0072031B45CB

Страница 1: ...BUILDING AUTOMATION WELL CONTACT PLUS Installer manual 01548 KNX IP media coupler...

Страница 2: ...2...

Страница 3: ...11 4 3 KNX Network Installation 12 4 4 Adding Device Certificate 13 4 5 Programming 14 4 5 1 Programming of Individual Address and Application 14 4 5 2 IP Configuration 15 4 6 Special Functions 16 4...

Страница 4: ...or troubleshooting The device is for KNXnet IP Secure Routing and Tunnelling and it is equipped with a dedicated QR code to be used with ETS version 5 5 and later during configuration The Secure Tunn...

Страница 5: ...No telegram traffic 4 Telegram Traffic KNX TP Subline blinking green Telegram traffic extent indicated by blinking blinking red Transmission error BUSY NACK missing IACK off No telegram traffic 5 Grou...

Страница 6: ...outing Table 4 LED Status Display for Factory Reset after first Function Button Press Number LED Color Comment 1 State IP orange Lights red if not connected 01548 Traffic Function IP TP ROUTER IP KNX...

Страница 7: ...1548 X Serial number 0044270 MAC address 0072031B45CB D0 76 50 00 57 EC Art 01548 0072031B45CB Device certificate ABZAGG 2BZKDF 54SHGN OIPIXZ RRPF6Z A5GESR 01548 State Traffic Function IP TP GA PA ROU...

Страница 8: ...the necessary knowledge and skills also required for troubleshooting by practical exercises Please read this chapter carefully before first use and installation 1 6 1 Installation and Commissioning I...

Страница 9: ...KNX Data Secure format Activation of IP Backbone Security for protection of IP routing When additional protection becomes necessary for example the subline is located outside the building configuring...

Страница 10: ...extra security to a KNX installation during commissioning as well as for KNX installations at runtime Difference between normal KNX devices and KNX Secure devices is KNX Secure devices have the abili...

Страница 11: ...s compliant to IEEE802 3 The AutoSensing function sets the baud rate 10 Mbit or 100 Mbit automatically IP address can be received from a DHCP server For this the automatic assignment setting of the IP...

Страница 12: ...2 Bus State Traffic Function LINE COUPLER Main Sub GA PA Sub Main 1 1 0 01504 2 Bus State Traffic Function LINE COUPLER Main Sub GA PA Sub Main 1 2 0 01548 State Traffic Function IP TP GA PA ROUTER I...

Страница 13: ...ate can be found printed on a side label on the housing Device Certificates can be entered manually and by taking a QR code webcam picture After opening the project the Device Certificate list can be...

Страница 14: ...For downloading an interface connection to the KNX bus system is required To program devices of a line different to which the device used as ETS Current Interface is connected a correct topology is ma...

Страница 15: ...work administrator Figure 9 Automatic IP Address Assignment When the Use a static IP address option is chosen IP address Subnet Mask and Default Gateway can be set manually Figure 10 Manual IP Address...

Страница 16: ...utton has to be pressed The status of an active special function is indicated by the LED display see chapter 1 3 LED Indication of Special Functions 4 6 1 Manual Function During normal operation a rat...

Страница 17: ...on display again Table 7 Activation of Factory Reset Step Factory Reset 1 Hold Function button for 15 seconds 2 LEDs 1 2 now are orange 3 Hold Function button for 3 seconds 4 Device restarts 4 6 3 IP...

Страница 18: ...ion setting for telegram routing when the Manual Fun ction is active Switch off time for Manual Function 10 min 1 hour 4 hours 8 hours 1 hour After expiry of this time period the Manual Function is sw...

Страница 19: ...legrams are transmitted To set parameters different as available here use configure Group telegrams Main group 0 13 transmit all not recommended block filter filter Filtering of Group telegrams with m...

Страница 20: ...31 transmit all not recommended block filter filter Filtering of Group telegrams with main groups 14 31 can be configured to route all telegrams no telegrams or only telegrams entered in the filter t...

Страница 21: ...Tunneling Cannels To use IP Secure Tunneling both Secure Commissioning and Secure Tunneling must be activated in the Properties window of 01548 Then also the password protec tion option for each Tunn...

Страница 22: ...en the web front end is set to only status info display remote control functions Program Mode activation Set Tunneling and the update function are off Only the informational readout is available To en...

Страница 23: ...s factory default setting This means HTTP port is 8080 and DHCP is active The DHCP server assigned the IP address 192 168 1 201 Then in the browser s URL bar has to be entered http 192 168 1 201 8080...

Страница 24: ...age busload on TP Figure 22 KNX Tab For showing the busload diagram the web browser must support SVG graphics For IP Tunneling four Individual Addresses can be set Setting a different Individual Addre...

Страница 25: ...he boot mode it is necessary to enter the Update tab of the web front end Then either the firmware update has to be completed like shown by steps 1 to 5 or the firmware update process has to be stoppe...

Страница 26: ...ile and enter boot mode Figure 26 Request Update Step 5 The update file can be selected and uploaded After that the device exits boot mode and restarts Clicking on the Abort button cancels the firmwar...

Страница 27: ...r short an Object Group Telegram Group oriented telegrams are named Group Telegrams Filtering of Group Telegrams is accomplished according to the built in filter tables for group communication IACK se...

Страница 28: ...oup 0 13 DHCP AutoIP Group telegrams main group 14 31 224 0 23 12 Physical telegrams filter KNX TP KNX TP Subline to IP Main line Group telegrams main group 0 13 filter filter table is empty Group tel...

Страница 29: ...to IEC60529 Pollution degree 2 according to IEC60664 1 Protection class III according to IEC61140 Overvoltage category II according to IEC60664 1 Approbation KNX certified according to ISO IEC14543 3...

Страница 30: ...successful What can I do Make sure the web front end is not deactivated and the URL bar entry matches the correct IP address together with the right HTTP port or use the MAC address in exactly the way...

Страница 31: ...31...

Страница 32: ...Viale Vicenza 14 36063 Marostica VI Italy www vimar com 01548 EN 01 2010...

Отзывы:

Нет отзывов