4.8 Web-Based Management - WBM
• Here you will find predefined firewall rules for the corresponding incoming connections. You can control their
use accordingly via [Action].
• The settings are valid for all Ethernet interfaces. For individual customization, you can instead create a
rule in the [User Configuration] and enable it there.
Blocking the WBM access
• On the CPU the WBM is accessed via TCP port 443.
• If you block this port while the firewall is permanently enabled, you no longer have access to the WBM of the CPU,
even after a reboot.
• Resetting to the factory settings also resets the firewall, among other things, to its default settings. This
restores access to the WBM of the CPU with the original access data.
Deployment as PROFINET controller (optional)
Connections to PROFINET devices can only be established if you set the rule [PROFINET unicast / multicast
ports] (UDP ports 34962 - 34964) to [Accept].
8. Tab: User Configuration
• In addition or as an alternative to the [Basic Rules], you can define and enable your own user-specific
firewall rules for different filter categories.
• You create firewall rules for the output in the [Output Rules] tab.
• You create firewall rules for the input in the [Input Rules] tab.
• With the order of firewall rules in the table, you define the priority for applying them.
• You can create new rules, delete rules or change the order of the rules by using the following buttons at
the end of the table:
– New rule: adds a new firewall rule.
– Delete rule: deletes the selected firewall rule.
– Rule up: moves the rule up.
– Rule down: moves the rule down.
• The firewall settings are applied and enabled with the [Apply] button. An existing configuration
will be overwritten.
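Because [Apply] overwrites the existing configuration and a blocked TCP port 443 can only be recovered by a factory reset, it is worth checking a planned rule table before applying it. The following check is an added example and not part of the original manual. It assumes that the first matching rule in ascending [Seq.] order decides, that unmatched traffic is accepted, and it uses hypothetical field names and a hypothetical "Drop" action label.

```python
# Added example: pre-apply check of a planned input-rule table.
# Assumptions (not from the manual): first matching rule wins, unmatched traffic
# gets DEFAULT_ACTION, and the field names and the "Drop" label are hypothetical.
from dataclasses import dataclass

DEFAULT_ACTION = "Accept"   # assumed policy when no rule matches

@dataclass(frozen=True)
class Rule:
    seq: int        # [Seq.]: rules are applied in ascending order from 1
    proto: str      # "tcp", "udp" or "any"
    port_lo: int
    port_hi: int
    action: str     # "Accept" or "Drop"

# Services named in the manual: WBM and the PROFINET unicast / multicast ports.
REQUIRED = {
    "WBM": ("tcp", range(443, 444)),
    "PROFINET": ("udp", range(34962, 34965)),
}

def decide(rules, proto, port):
    """Return (action, seq) of the first rule matching proto/port by ascending seq."""
    for r in sorted(rules, key=lambda r: r.seq):
        if r.proto in ("any", proto) and r.port_lo <= port <= r.port_hi:
            return r.action, r.seq
    return DEFAULT_ACTION, None

def lockout_findings(rules, needed=("WBM",)):
    """List every required port that the planned table would not accept."""
    findings = []
    for name in needed:
        proto, ports = REQUIRED[name]
        for port in ports:
            action, seq = decide(rules, proto, port)
            if action != "Accept":
                findings.append((name, proto, port, seq))
    return findings

# Constructed sample table: a broad drop placed above a narrower accept.
PLANNED = [
    Rule(1, "tcp", 1, 1023, "Drop"),
    Rule(2, "tcp", 443, 443, "Accept"),
    Rule(3, "udp", 34962, 34964, "Accept"),
]

if __name__ == "__main__":
    for name, proto, port, seq in lockout_findings(PLANNED, ("WBM", "PROFINET")):
        print(f"{name}: {proto}/{port} blocked by rule seq {seq}")
```

In the sample table the accept rule for port 443 never takes effect because the broader drop rule has the lower sequence number; moving the accept rule up clears the finding.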
In addition to [Action], there are the following parameters for specifying a firewall rule:
• [Seq.]
– Numbers the order for the priority according to which the firewall rules are applied.
– The rules are applied in ascending order from 1.
– With the Rule up and Rule down buttons you can move the firewall rules accordingly.
• [Interface]
– In the [Input Rules] tab you can select a single interface from a selection list for which the rule is to be
applied.
– You have no choice in the [Output Rules] tab. Here the rule applies to all interfaces.
• [From IP]
– Enter the source IP address. The rule applies to connections that are received from this address.
4
Deployment