Use Cases
400 SICAM RTUs, User Manual SICAM CMIC
DC8-001-2.09, Edition 08.2016
F.5 SICAM CMIC with IPSec VPN
Features:
• Communication with the control system via IEC 60870-104
(Ethernet-Interface X1 or X4 can be set by parameter)
• 1 or 2 IP addresses
• 1 subnet-mask
• 1 default router
• Network settings | Security | IP Security enabled = YES
Afterwards, the parameters which are required for the configuration of the IPSec connec-
tion, are available under Network settings | Security | IP Security .
─ IP security
− ICMP ping reply
− IPSec VPN tunnel 1 enabled
− IPSec VPN tunnel 2 enabled
─ Local site
− Identifier (Local ID)
− VPN client IP-address
− VPN client default gateway
− VPN client subnet mask
─ Remote site 1
− Identifier (Remote ID)
− IP-Address
− Subnet IP-Address
− Subnet mask
─ IKE security associations 1
− Internet key exchange (IKE) Version
− SA lifetime (timeout)
− Auto-selection of authentication & encryption
─ IPSec authentication
− Pre-shared Key
─ IPSec security associations 1
− SA lifetime (timeout)
− SA lifetime (data size limit)
− Auto-selection of authentication & encryption
─ IPSec tunnel supervision by ping 1
− Ping enabled
− Ping cycle time
− Ping peer IP-address
Note for network configuration
• SICAM CMIC and the remote station must be configured in different networks when IPSec VPN is used
• The parameters Remote site |Subnet IP-address und Remote site |Subnet IP-Address
are necessary for the SICAM CMIC internal router function
• The certificate SHA256 must be used (obsolete: SHA1).
• In Google Chrome ® the cache must be deleted before the logon with SICAM WEB via https.
• For routing in two channels it is necessary to define both remote stations (Remote site 1 and remote
site 2)
To Next Page
Loading...
Need help?
General
