■ Reject
  – The corresponding connection is rejected.
  – The sender receives a response to the corresponding request.
■ Continue
  – The rule is not executed.
  – This can be used, e.g., to skip a rule in the ‘Basic Configuration’ and instead create a rule in the ‘User Configuration’ and enable it there.
‘ICMP Configurations’
■ ‘Incoming ICMP requests accepted’
  – enabled: Incoming ICMP echo requests are accepted. The CPU can be reached with a ping request.
  – disabled: Incoming ICMP echo requests are blocked. The CPU cannot be reached with a ping request.
■ ‘Outgoing ICMP requests accepted’
  – enabled: Outgoing ICMP echo requests are accepted. Ping requests from the CPU are transmitted.
  – disabled: Outgoing ICMP echo requests are blocked. Ping requests from the CPU are blocked.
‘Basic Rules’
■ Here you will find predefined firewall rules for the corresponding incoming connections. You can control their use accordingly via ‘Action’.
■ The settings are valid for all Ethernet interfaces. For individual customization, you can instead create a rule in the ‘User Configuration’ and enable it there.
Blocking the WBM access
– On the CPU, the WBM is accessed via TCP port 443.
– If you block this port while the firewall is permanently enabled, you lose access to the WBM of the CPU, even after a reboot.
– Resetting to the factory settings also resets the firewall to its default settings, among others. This way you regain access to the WBM of the CPU with the original access data.
Deployment as PROFINET controller (optional)
– Connections to PROFINET devices can only be established if you set the rule ‘PROFINET unicast / multicast ports’ (UDP ports 34962 - 34964) to ‘Accept’.
■ In addition or as an alternative to the ‘Basic Rules’, you can define and enable your own user-specific firewall rules for different filter categories.
■ You create firewall rules for the output in the ‘Output Rules’ tab.
■ You create firewall rules for the input in the ‘Input Rules’ tab.
■ With the order of firewall rules in the table, you define the priority for applying them.
■ You can create new rules, delete rules or change the order of the rules by using the following buttons at the end of the table:
  – New rule - adds a new firewall rule.
  – Delete rule - deletes the selected firewall rule.
  – Rule up - moves the rule up.
  – Rule down - moves the rule down.
■ The firewall settings are applied and enabled with the [Apply] button. An existing configuration will be overwritten.
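The two caveats above (rejecting TCP port 443 removes WBM access; a PROFINET controller needs UDP ports 34962 - 34964 set to ‘Accept’) can be checked against a planned input rule table before pressing [Apply]. The following Python script is an added example, not part of this manual or of the device software; the rule table layout, first-match evaluation in table order, and treating ‘Continue’ as a skipped rule are assumptions.

```python
# Added example: pre-apply check for an ordered input rule table.
# Assumptions (not from the manual): the dict layout, first-match evaluation,
# and that a 'Continue' rule is simply skipped.
WBM = ("tcp", 443)                                    # WBM port per the manual
PROFINET = [("udp", p) for p in range(34962, 34965)]  # UDP 34962 - 34964

def decide(rules, proto, port):
    """Return the action of the first applicable rule, or None if none matches."""
    for rule in rules:                      # table order = priority
        if rule["action"] == "Continue":    # rule is not executed
            continue
        lo, hi = rule["ports"]
        if rule["proto"] == proto and lo <= port <= hi:
            return rule["action"]
    return None  # no rule matched; the default policy is not modelled here

def lint(rules, profinet_controller=False):
    """List the findings that would cost WBM access or PROFINET connectivity."""
    findings = []
    if decide(rules, *WBM) == "Reject":
        findings.append("TCP 443 is rejected: WBM unreachable until factory reset")
    if profinet_controller:
        blocked = [port for proto, port in PROFINET
                   if decide(rules, proto, port) != "Accept"]
        if blocked:
            findings.append(f"PROFINET UDP ports not accepted: {blocked}")
    return findings

# Constructed sample table, highest priority first.
SAMPLE_RULES = [
    {"proto": "udp", "ports": (34962, 34963), "action": "Accept"},
    {"proto": "tcp", "ports": (443, 443), "action": "Continue"},  # skipped
    {"proto": "tcp", "ports": (1, 1023), "action": "Reject"},     # covers 443
]

if __name__ == "__main__":
    for finding in lint(SAMPLE_RULES, profinet_controller=True):
        print("WARNING:", finding)
```

In the constructed table, the skipped rule for port 443 lets the broader reject rule below it decide, and the PROFINET range stops one port short; both are reported.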
Tab: Basic Configuration
Tab: User Configuration
iC9200 Series
Deployment
Web-based management - WBM > Security
HB700 | CPU | PMC921xEx | en | 23-06 98