Configuration and operation
6.10 Security
CP 443-1 Advanced
72 Equipment Manual, 03/2023, C79000-G8976-C256-07
6.10.2 Using VPN - effects on communication
Communication via VPN tunnel
Communication via a VPN tunnel is slower than communication outside a
VPN tunnel.
In mixed operation with S7 communication and connections of the open communications
services (SEND/RECEIVE interface), remember that the CP handles the open communications
services with higher priority.
6.10.3 Reloading firewall rules
Behavior with an active tunnel connection
Reloading firewall rules with "Reload firewall rules online" (in STEP 7 / HW Config in "CP
properties", "Security" tab) can cause communication on an active tunnel connection to be
aborted.
6.10.4 Activating IP access protection
Dynamically expanding the IP access protection list with the firewall deactivated
If security is activated while the firewall is deactivated, there is no IP access protection. In
other words, IP access in this device status is not restricted to the IP addresses entered in the
IP access protection list.
Nevertheless, even in this device status, it is possible to expand the list for IP access
protection dynamically if you have suitable user rights. As a result of this action, the added
entries are displayed in STEP 7 special diagnostics. Access protection is, however, only
effective when the firewall is activated.
Solution:
Activate the firewall in the configuration. Access from IP addresses not entered in the list
is then blocked.
6.10.5 Importing certificates for SMTP with STARTTLS or FTPS
Certificate for authentication
To import a certificate, you need to enable the security functions of the CP in STEP 7.