EasyManua.ls Logo

Siemens CP-8021

Siemens CP-8021
614 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Loading...
Use Cases
SICAM A8000 / CP-8000 • CP-8021 • CP-8022 Manual Unrestricted 595
DC8-037-2.02, Edition 10.2017
E.6 Usage with IPSec VPN
Features
Communication with the control system via IEC 60870-5-104 (Ethernet interface X1 or X4
can be set by parameter)
1 or 2 IP addresses
1 subnet mask
1 default router
Network settings | Security | IP security enabled = YES
Afterwards, the parameters which are required for the configuration of the IPSec connec-
tion, are available under Network settings | Security | IP security :
ICMP ping reply
IPSec VPN tunnel 1 enabled
IPSec VPN tunnel 2 enabled
Local site | Identifier (local ID)
Local site | VPN client IP address
Local site | VPN client default gateway
Local site | VPN client subnet mask
Remote site 1 | Identifier (remote ID)
Remote site 1 | IP-Address
Remote site 1 | Subnet IP address
Remote site 1 | Subnet mask
IKE security associations 1 | Internet key exchange (IKE) version
IKE security associations 1 | SA lifetime (timeout)
IKE security associations 1 | Auto-selection of authentication & en-
cryption
*)
IPSec authentication | Pre-shared Key
IPSec security associations 1 | SA lifetime (timeout)
IPSec security associations 1 | SA lifetime (data size limit)
IPSec security associations 1 | Auto-selection of authentication & en-
cryption
*)
IPSec tunnel supervision by ping 1 | Ping enabled
IPSec tunnel supervision by ping 1 | Ping cycle time
IPSec tunnel supervision by ping 1 | Ping peer IP address
___
*)
if NO:
Encryption algorithm
Authentication algorithm
Diffie Hellman group
Note
CP-8000, CP-8021, CP-8022 and the remote station must be configured in different networks when IPSec
VPN is used.
The parameters Remote site <x> |Subnet IP address and Remote site <x> |Subnet mask
are necessary for the SICAM A8000 internal router function.
The certificate SHA256 must be used (obsolete: SHA1).
In Google Chrome ® the cache must be deleted before the logon with SICAM WEB via https.
For routing in 2 tunnels it is necessary to define both remote stations (Remote site 1 and Remote site 2).

Table of Contents

Related product manuals