Communication
11.2 PROFINET
S7-1200 Programmable controller
810 System Manual, V4.2, 09/2016, A5E02486680-AK
Assigning Internet Protocol (IP) addresses
11.2.3.1
Assigning IP addresses to programming and network devices
If your programming device is using an on-board adapter card connected to your plant LAN
(and possibly the world-wide web), both the programming device and the CPU must exist on
the same subnet. You assign the subnet as a combination of the IP address and subnet
mask for the device. Please see your local network administrator for help.
The Network ID is the first part of the IP address (first three octets) (for example,
.16) that determines what IP network you are on. The subnet mask normally has
a value of
; however, since your computer is on a plant LAN, the subnet mask
may have various values (for example,
) in order to set up unique subnets.
The subnet mask, when combined with the device IP address in a logical AND operation,
defines the boundaries of an IP subnet.
Note
In a World Wide Web scenario, where your programming devices, network devices, and IP
routers communicate with the world, you must assign unique IP addresses to avoid conflict
with other network users. Contact your company IT depart
ment personnel, who are familiar
with your plant networks, for assignment of your IP addresses.
Unauthorized access to the CPU through the Web server
Unauthorized access to the CPU or changing PLC variables to invalid values could disrupt
process operation and could result in death, severe personal injury and/or property
damage.
Enabling the Web server allows authorized users to perform operating mode changes,
writes to PLC data, and firmware updates, Siemens recommends that you observe the
following security practices:
• Enable access to the Web server only with the HTTPS protocol.
• Password-protect Web server user IDs (Page 1005) with a strong password. Strong
passwords are at least ten characters in length, mix letters, numbers, and special
characters, are not words that can be found in a dictionary, and are not names or
identifiers that can be derived from personal information. Keep the password secret and
change it frequently.
• Do not extend the default minimum privileges of the "Everybody" user.
• Perform error-checking and range-checking on your variables in your program logic
because Web page users can change PLC variables to invalid values.
Note
A secondary network adapter card is useful when you do not want your CPU on your
company LAN. During initial testing or commissioning tests, this arrangement is particularly
useful.
To Next Page
Loading...
