5 Firewall configuration using the example of a SCALANCE SC632-2C
Service Bridge – Setup and Configuration
Entry ID: 109747975, V1.4, 05/2019
Siemens AG 2019 All rights reserved
29. Go to the "Firewall" tab of the SCALANCE SC632-2C to start the configuration
(1).
30. Switch to the IP Rules tab (2) and click the Create button (3) to create a new IP
rule.
31. Configure the rule as follows:
This rule allows access to the WBM of the service bridge.
(1) Action "Accept"
Message frames corresponding to the rule are permitted.
(2) "From": "vlan1 (INT)" ("Internal")
"To": "vlan2 (EXT)" ("External")
Access from the system bus in the direction of the fieldbus.
(3) "Source IP address" ("Source (Range)"): IP address of the separate
network card in the ES for accessing the WBM of the service bridge.
(4) "Destination IP address" ("Destination (Range)"): IP address of the Service
Bridge
32. Repeat steps 2 and 3 and define another rule for each PROFINET network and
IP address of the ES:
(1) Action "Accept"
Message frames corresponding to the rule are permitted.
(2) "From": "Internal"
"To": "External"
Access from the system bus in the direction of the fieldbus.
(3) "Source IP address" ("Source (Range)"): IP address of the separate
network card in the ES for accessing the PROFINET network.
(4) "Destination IP address" ("Destination (Range)"): IP address range of the
PROFINET network, entered in CIDR notation as
[IP address]/[number of bits to be included],
e.g. 192.168.11.0 (255.255.255.0) = 192.168.11.0/24
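
The following sketch is an added example, not part of the Siemens document and not SCALANCE code: it models the two "Accept" rules from steps 31 and 32, converts a dotted netmask to the /bits notation, and checks which frames the rule set would let through. The addresses of the ES network card and the Service Bridge are constructed, and the sketch assumes that a frame matching no rule is not forwarded.

```python
import ipaddress
from dataclasses import dataclass

INT, EXT = "vlan1 (INT)", "vlan2 (EXT)"

def to_cidr(address: str, netmask: str) -> str:
    """Turn address + dotted netmask into [IP address]/[number of bits]."""
    # strict=True rejects host bits in the address; a non-contiguous
    # netmask is rejected as well. Both raise ValueError.
    return str(ipaddress.ip_network(f"{address}/{netmask}", strict=True))

@dataclass(frozen=True)
class IpRule:
    action: str
    from_if: str
    to_if: str
    source: str        # single address or range in CIDR notation
    destination: str   # single address or range in CIDR notation

    def matches(self, from_if: str, to_if: str, src: str, dst: str) -> bool:
        return (
            (from_if, to_if) == (self.from_if, self.to_if)
            and ipaddress.ip_address(src) in ipaddress.ip_network(self.source)
            and ipaddress.ip_address(dst) in ipaddress.ip_network(self.destination)
        )

# Constructed sample addresses; only 192.168.11.0/24 appears in the text.
ES_NIC = "192.168.1.10"
SERVICE_BRIDGE = "192.168.10.2"
PROFINET_NET = to_cidr("192.168.11.0", "255.255.255.0")

RULES = [
    IpRule("Accept", INT, EXT, ES_NIC, SERVICE_BRIDGE),  # step 31: WBM access
    IpRule("Accept", INT, EXT, ES_NIC, PROFINET_NET),    # step 32: PROFINET network
]

def decide(from_if: str, to_if: str, src: str, dst: str, rules=RULES) -> str:
    """Verdict for the first frame of a new connection (replies not modelled)."""
    for rule in rules:
        if rule.matches(from_if, to_if, src, dst):
            return rule.action
    return "Drop"  # assumption: frames matching no rule are not forwarded

if __name__ == "__main__":
    print(PROFINET_NET)
    print(decide(INT, EXT, ES_NIC, "192.168.11.77"))
    print(decide(INT, EXT, "192.168.1.99", "192.168.11.77"))
```

Running the same check against the rule table exported from a device is a quick way to confirm that only the ES network card, and not the whole system bus, reaches the fieldbus side.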