EasyManua.ls Logo

Siemens SCALANCE W1780 User Manual

Siemens SCALANCE W1780
368 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Page #341 background imageLoading...
Page #341 background image
8.3 Instructions for secure network design
Note the information below to protect your network against attacks:
Use a secure connection with HTTPS
In contrast to HTTP, HTTPS allows you secure access for configuring the WLAN clients and
the access points using Web Based Management. For more detailed information, refer to
the section "Load & Save (Page 152)".
Use WPA2/ WPA2-PSK with AES
Use only WPA2/AES to prevent password misuse. WPA2/ WPA2-PSK with AES provides
the greatest security. For more detailed information, refer to the section ""Security" menu
(Page 293)".
Protect your network from man-in-the-middle attacks
To protect your network from man-in-the-middle attacks, a network setup is recommended
that makes it more difficult for the attacker to access the communications path between two
end devices.
You can, for example, protect devices by arranging so that the Agent IP is only
accessible via a single management VLAN. For more detailed information, refer to the
section "Menu "Layer 3 (IPv4)" (Page 283)".
A further option is to install a separate HTTPS certificate on the WLAN client / access
point. The HTTPS certificate checks the identity of the device and controls the encrypted
data exchange. You can install the HTTPS certificate via HTTP. For more detailed
information, refer to the section "HTTP (Page 155)".
Use SNMPv3
SNMPv3 provides you with highest possible security when accessing the devices via
SNMP. For more detailed information, refer to the section "SNMP (Page 181)".
NOTICE
Changing the default password after configuring with STEP 7
If a device in the default status is configured only with STEP 7, it is not possible to change the
default password. This change must be made directly on the device using WBM or CLI.
Otherwise the default password is retained and any user could log in using the default
password.
Troubleshooting/FAQ
8.3 Instructions for secure network design
SCALANCE W1780/W1740 according to IEEE 802.11ac Web Based Management
Configuration Manual, 11/2019, C79000-G8976-C485-03 341

Table of Contents

Question and Answer IconNeed help?

Do you have a question about the Siemens SCALANCE W1780 and is the answer not in the manual?

Siemens SCALANCE W1780 Specifications

General IconGeneral
BrandSiemens
ModelSCALANCE W1780
CategoryWireless Access Point
LanguageEnglish

Summary

Introduction

1.1 Information on the Configuration Manual

Details the scope and orientation of the configuration manual.

Description

2.1 Network structures

Explains different network setups using access points like standalone, wired access, WDS.

2.3 Product characteristics

Details the Ethernet and WLAN interface properties, IEEE standards supported, and security features.

2.4 IEEE 802.11n/ac

Explains the IEEE 802.11ac standard, its differences from 802.11n, and MIMO technology.

Security recommendations

General

Provides general security advice for device operation, plant evaluation, and network isolation.

Software (security functions)

Details firmware updates, advisories, protocol activation, and access control list usage.

Technical basics

4.1 Configuration limits

Lists the maximum number of configurable functions for system, interfaces, layer 2, layer 3, and security.

4.2 Interfaces and system functions

Shows the availability of physical/logical interfaces and system functions across different device models.

4.8 User management

Covers access management through user settings, authentication methods (local/RADIUS), and roles.

IP addresses

5.1 IPv4 / IPv6

Compares essential differences between IPv4 and IPv6 addressing, including configuration and format.

5.2 IPv4 address

Explains the structure of an IPv4 address, subnet masks, CIDR notation, and network gateways.

Configuring with Web Based Management

6.1 Web Based Management

Describes how Web Based Management (WBM) works, including browser requirements and secure connections.

6.2 Login

Details the process of establishing a connection and logging into the Web Based Management interface.

6.3 "Wizard" menu

Introduces the wizard for guided configuration of important parameters, including basic settings.

Upkeep and maintenance

7.1 Firmware update - via WBM

Explains how to update device firmware using HTTP, TFTP, and SFTP protocols via WBM.

7.3 Device configuration with PRESET-PLUG

Covers installing device configurations and firmware using a PRESET-PLUG for multiple devices.

7.4 Restoring the factory settings

Details methods for resetting device parameters to factory defaults using the reset button or Primary Setup Tool.

Troubleshooting/FAQ

8.1 Firmware update via WBM or CLI not possible

Addresses issues with firmware updates and provides solutions using TFTP and Primary Setup Tool.

8.2 Disrupted data transmission due to the received power being too high

Explains causes of disrupted communication due to excessive received power and offers solutions.

Appendix A

A.1 Supported MIB files

Lists available MIB files for SCALANCE W devices, including Root OID and Reference.

Appendix D

D.1 Messages in the event log

Provides a catalog of alarm and message types recorded in the event log during system startup and status changes.

D.2 Messages in the WLAN Authentication Log

Lists messages related to WLAN authentication, including successful logins and failures in access point and client modes.

Appendix E

E.1 Format of the syslog messages

Describes the structure and components of Syslog messages according to RFC 5424.

E.2 Parameters in Syslog messages

Details the parameters that can be included in Syslog messages, such as IP address, MAC address, and protocol.

E.3 Syslog messages

Provides examples of selected Syslog messages for identification, user account management, and failed login attempts.

Related product manuals