NFH100. Quick start-up guide EN (V ) HW01 THE FIREWALL FOR THE AUTOMATION USER

Similar documents
Quick start-up guide EN (from firmware V 1.7.0) June 19th, HW01

MDH800 MDH859 - HW02. Quick start-up guide EN (V )

Quick Start Guide WALL IE. Version. 7 en. as of FW

Technical Data. MDH800 - MDH859 (from HW 02) - V DE

Operating instructions IO-Link master CabinetLine AL19xx

Installation Manual TH LINK PROFINET. Version: EN Copyright 2014 Softing Industrial Automation GmbH

PKP Prozessmesstechnik GmbH. Borsigstrasse 24. D Wiesbaden-Nordenstadt. Tel: / Fax: / Operating manual PSA06

FIRMWARE V 5.0. The main changes EN MDH800 MDH859

Quick Installation Guide

Setting up a secure VPN connection between two SCALANCE S Modules Using a static IP Address

Quick Startup Guide. datafeed uagate SI. Version: EN Copyright 2016 Softing Industrial Automation GmbH

IV-30 Operating Manual for Pulse Distributor Cassette with potential separation

Operating Manual UMB ISO Converter ISOCON Order Number: 8160.UISO

CAN-Bridge. CAN Communications Module for CAN 2.0 A/B, CAN Layer AA01. Manual. Version 1/ from HW 1 & FW 1.00

Operating instructions RFID evaluation unit DTE / / 2016

Setting up a secure VPN Connection between the TS Adapter IE Advanced and Windows 7

Register new account. Version: EN

Setting up a secure VPN Connection between SCALANCE S and CP x43-1 Adv. Using a static IP Address. SCALANCE S, CP Advanced, CP Advanced

SIMATIC NET. Industrial Ethernet Security SCALANCE S615 Getting Started. Preface. Connecting SCALANCE S615 to the WAN 1

DALI Professional Controller-4. Control unit Operating instructions

Quick Start Guide REX 100 WAN WiFi

Ethernet/SIOX Gateway Applicable to firmware ver 1.0

Multi Battery Charger MBC-08. Manual

User Manual Gateway component for EtherNet/IP

Operating Instructions

C.M.I. Control and Monitoring Interface. Quick Guide: Mounting and connection Commissioning. Software Version

RAD-DO8-IFS. I/O extension module, eight digital transistor outputs. Data sheet. 1 Description

English. Operating Manual. Conductive point level switch MLR120. Retain for later reference. Companies / brands of GHM

PTB 01 ATEX 2064 U, IECEx PTB U. Example / Beispiel / Exemple: Type Operating Instructions

PTB 01 ATEX Example / Beispiel / Exemple. Type Operating Instructions

Setting up a secure VPN Connection between SCALANCE S and SSC Using a static IP Address. SCALANCE S, SOFTNET Security Client

Operating Manual -ENGLISH- Page 1 KWG-ISO

I/O ETHERNET CONTROLLER ELAN1

Power Supply Systems KNX PS640 and KNX PS640 USB

GSM-X. Communication module. Quick installation guide. Full manual is available on Firmware version 1.02 gsm-x_sii_en 08/18

Operating instructions AS-i SmartLine module AC3200 AC /00 06/2016

SEVIO User Guide. Document ID: sv_user_guide_en_v17_05

Quick Start Guide REX 100 WAN WiFi. Version. 4 en. as of FW

RAD-DI8-IFS. I/O extension module with 8 digital inputs or 2 pulse inputs. INTERFACE Data sheet. 1 Description

crio PN Installation Instructions V0.2/ COMSOFT

BNI USB A501. User s Guide

PHOENIX CONTACT - 07/2006

QUICKSTART Smart EnOcean Gateway DC-GW/EO-IP

Operating Instructions

Metro-Optical Transport Access Nodes

Date Revision Change(s) 29/07/ First version

INSTRUCTION MANUAL WCS-Interface Module, DeviceNet

Short Instructions CG-S / IP-Router

AS-i Safety Relay Output Module with Diagnostic Slave

Power Supply System KNX PS640-IP

DuoFern Multiple Wall Controller

USER MANUAL VIBRATION CONTROL RMA-POWER-BOX 107/230

MSI-RM2 Safety Relays

CPCI-PS24 24V-Power Supply

Siemens Spares. Setting up security in STEP 7. Professional SIMATIC NET. Industrial Ethernet Security Setting up security in STEP 7 Professional

ekey home OPERATING INSTRUCTIONS

QUINT-BUFFER/24DC/24DC/40

Setting up a secure VPN Connection between CP x43-1 Adv. and SOFTNET Security Client Using a static IP Address

Operating Manual FPGA-based High-Speed Micro-PLC

Quick Start Guide REX 100 WAN WiFi. Version. 2 en. from FW

Operating and Installation Manual. EASYLAB Expansion modules Type EM-TRF for 230 V AC mains voltage

TEW-211BRP. Wireless AP Router. User s Manual

SIMPLY PRECISE USER MANUAL. ADJUSTMENT TOOL For NUMERIK JENA Encoders with Online Compensation

Operation and installation manual KNX IP LineMaster 762 (Art. # 5212) KNX Power supply with integrated KNX IP Router and diagnosis functions

SCHMIDT Sensor interface PROFIBUS Instructions for use

/

connecdim Gateway G1 Ethernet TCP/IP to DALI

SC Programming Board USB MC Adapter Board USB Instruction Manual WE CREATE MOTION

GREENBOX EV. User Guide. Revision 1.3

CU-DIN USB KNX EC

Accessories for Sunny Central COMMUNICATION CABINET (COM-C)

OPERATING INSTRUCTIONS

SINAMICS G130. Terminal Module 150 (TM150) Operating Instructions 03/2013 SINAMICS

PacketBand TDM-4 Quickstart Guide V3.2

FIELDBUS TECHNOLOGY ETHERNET- PROFIBUS- INTERFACE PB-XEPI F1144/ 03 INSTALLATION MANUAL

UTM Content Security Gateway CS-2001

Operating Instructions Webmodule ZB-S

Setting up securityglobal FW Rulesets SIMATIC NET. Industrial Ethernet Security Setting up security. Preface. Firewall in standard mode

English. Operating manual. Universal transmitter UT125. Save for later reference. Companies / brands of GHM

MINI MCR-SL-PT100-UI. Active resistance thermometer measuring transducer. Data sheet. 1 Description

1 Safety instructions. 2 Device components. 3 Function. Smart Control IP. Art. No. SC 1000 IP. Operating instructions

Quick Start Guide PROFINET Switch 4/8-port. Version. 1en.

CEM M-RS485 INSTRUCTION MANUAL (M014B A)

Elo-1145-MSS-Zentraleinheit 471 M41 H31.book Page 1 Tuesday, September 6, :10 PM, Datum:

ADAMCZEWSKI. Ordering data AD-STVEX 710 GVD Option: Factory-software configuration as per customer specifications.

Anybus Wireless Bridge II

MANUAL VAA-2E2A-G12-SAJ/EA2L Original Instructions Version 1.0

LCI User Manual mantracourt.com

Operating Instructions (Compact) SIMATIC. Industrial PC SIMATIC Microbox PC 420. Siemens. Release 11/2006 A5E

Cube LAN Gateway. Operating manual BC-LGW-O-TW

_A_EN i Doc:

Manual. WALL IE - Industrial NAT Gateway and Firewall. Version 2 1/17/2019 as of firmware V Manual order number: WAL01

multisys User manual Technical parameters D2-MSMT-1 Gateway from Modbus TCP to Modbus RTU, serial RS _EDEBDA _EN

Manual ServiceGate. Remote Engineer B.V. De Parse 11, 8491 PJ, Akkrum The Netherlands

Instruction Manual FB-606 FB-606 TF. Infrared Manual Remote Control. LJU Automatisierungstechnik GmbH

Operating instructions Safe AS-i input module ASIM-C-M About this document. Content

EX2 Ethernet/SIOX Controller p 2. General Description Block Diagram

BEC 8920AC Ultimum The Ultimate Residential Gateway with ac VDSL2/ADSL2+/Bonded/FTTH Quick Start Guide

Englisch. Operating Manual. Operating Software GHMware Retain for further references. Unternehmen / Marken der GHM

General Operating, Maintenance and Installation Manual

Transcription:

NFH100 Quick start-up guide EN (V 1.0.0 18.01.2018) THE FIREWALL FOR THE AUTOMATION USER 5.920.000.01.00 - HW01

Table of contents 1 Safety instructions... 3 2 Using Open Source Software... 4 2.1 General Information... 4 2.2 Special Liability Regulations... 5 2.3 Used Open-Source Software... 5 3 Brief description... 6 4 Performance characteristics... 6 5 Include in delivery... 7 6 Displays, controls and connections... 8 7 Getting started... 10 8 Using the mbnetfix in bridge mode... 13 9 Using the mbnetfix in gateway mode... 14 10 Configuration of the mbnetfix... 15 11 Factory settings on delivery... 15 12 Load factory settings (Factory Reset)... 15 13 Technical data... 16 14 Technical support... 16 This document is valid for the device mbnetfix NFH100; Item No.: 5.100.200.01.00 in hardware version HW01. This Quick Start Guide provides a quick overview of selected operating procedures and functions of the industrial firewall mbnetfix NFH100. However, the detailed manual with the important Notes and safety instructions can NOT be replaced by this document. Read the following instructions carefully and keep them in a safe. Latest information, updates and the complete Manual, visit our website at www.mbconnectline.com. - 2 -

1 Safety instructions Only qualified specialist personnel may install, start up, and operate the router. The national safety and accident prevention regulations must be observed. The device is built to the latest technological standards and recognized safety standards (see Declaration of Conformity). The device is only intended for operation in the control cabinet and with SELV according to IEC 60950/EN 60950/VDE 0805. The router may only be connected to devices, which meet the requirements of EN 60950. The router is for indoor use only. Never open the router chassis. Unauthorized opening and improper repair can pose a danger to the user. Unauthorized modifications are not covered by the manufacturer s warranty. Opening up the device voids the warranty! NOTE: Electrostatic Discharge! Observe the necessary safety precautions when handling components that are vulnerable to electrostatic discharge (EN 61340-5-1 and IEC 61340-5-1)! The mbnetfix Industrial Firewalls are maintenance-free units. If a mbnetfix have damage or malfunction, the device must be immediately taken out of service and secured against inadvertent operation. The complete manual of the router as well as the conformity declaration can be found in the download area on our website www.mbconnectline.com - 3 -

2 Using Open Source Software 2.1 General Information Our products contain, amongst others, so-called open-source software that is provided by third parties and has been published for free public use. The open-source software is subject to special open-source software licenses and the copyright of third parties. Basically, each customer can use the open-source soft-ware freely in compliance with the licensing terms of the respective producers. The rights of the customer to use the open-source software beyond the purpose of our products are regulated in detail by the respective concerned open-source software licenses. The customer use the open-source software freely, as provided in the respective effective license, beyond the purpose that the open-source software gets in our products. In case there is a contradiction between the licensing terms for one of our products and the respective open-source software license, the respective relevant open-source software license takes priority over our licensing terms, as far as the respective open-source software is concerned by this. The use of the used open-source software is possible free of charge. We do not demand usage fees or any comparable fees for the use of the open-source software contained in our products. The use of the open-source software in our products by the customer is not part of the earnings we achieve with the contractual compensation. All open-source software programs contained in our products can be taken from the available list. The most important open-source software licenses are listed in the Licenses section at the end of this publication. As far as programs contained in our products are subject to the GNU General Public License (GPL), GNU Lesser General Public License (LGPL), the Berkeley Software Distribution (BSD), the Massachusetts Institute of Technology (MIT) or another open-source software license, which regulates that the source code must be made available, and if this software is not already delivered in source code on a data carrier with our product, we will send you this at any time upon request. If it is required to send this on a data carrier, the sending will be made against pay-ment of a cost compensation of 35,00. Our offer to send the source code upon request ceases automatically three years after delivery of our product to the customer. - 4 -

Requests must be directed to the following address, if possible under specification of the serial number: MB connect line GmbH Tel. +49 (0) 98 51 / 58 25 29 0 Fernwartungssysteme Fax +49 (0) 98 51 / 58 25 29 99 Winnettener Str. 6 info@mbconnectline.com 91550 Dinkelsbühl GERMANY 2.2 Special Liability Regulations We do not assume any warranty or liability, if the open-source software programs contained in our product are used by the customer in a manner that does not com-ply any more with the purpose of the contract, which is the basis of the acquisition of our product. This concerns in particular any use of the open-source software programs outside of our product. The warranty and liability regulations that are pro-vided by the respective effective open-source software license for the respective open-source software as listed in the following are effective for the use of the open-source software beyond the purpose of the contract. In particular, we are not liable, if the open-source software in our product or the complete software configu-ration in our product is changed. The warranty granted with the contract, which is the basis of the acquisition of our product, is only effective for the unchanged open-source software and the unchanged software configuration in our product. 2.3 Used Open-Source Software For a list of the open-source software used in this product see https://www.mbconnectline.com/downloads/open-source-software-licenses.txt - 5 -

3 Brief description The mbnetfix is a self-learning easy-to-confi gure industrial fi rewall. It can be used in both bridge mode and gateway mode. Network A Bridge mode Network A Network A Gateway mode Network B WAN 1 0 0 1 0 WAN LAN 0 0 LAN 192.168.0x/24 192.168.0x/24 192.168.0x/24 172.16.0x/24 The confi guration is made via the USB interface using the software mbnetfix Manager (not included in delivery). Request your free copy of the mbnetfix Manager here: sales@mbconnectline.com (subject: mbnetfix Manager) 4 Performance characteristics Protects the machines in the network from attacks from the Internet. Easy network segmentation with controlled routing and NAT. Convenient learning mode makes creation of fi lter tables simple & easy. Integration into existing networks. Bridge or Gateway mode. IP, port, and protocol fi lters to monitor and restrict traffic. Confi guration with secure software. Less attack vectors by avoiding a web interface. Versatile NAT functionalities, eg 1: 1 NAT, SimpleNAT and port forwarding. - 6 -

5 Include in delivery Please check that your delivery is complete: 1 x Plug-in bridge Art.-No.: 5.910.010.01.00 1 x mbnetfix NFH100 Art.-No.:5.100.200.01.00 1 x cabel USB A - USB-mini B Art.-No.: 5.910.000.01.00 1 x Quick start-up quide Art.-No.: 5.920.000.01.00 Should any of these parts are missing or damaged, please contact the following address: MB connect line GmbH Fernwartungssysteme Winnettener Str. 6 91550 Dinkelsbühl GERMANY Tel.: +49 (0)9851/582529-0 Fax: +49 (0)9851/582529-99 www.mbconnectline.com Please keep the original box and the original packaging in case you need to send the device for repair at a later date. - 7 -

6 Displays, controls and connections 1 x WAN interface 3 x LAN interface 1 x USB slave 2.0 mini WAN 0V DC connection LAN 3 + Power source connection 10-30 V DC FE Functional earth I1* Digital input (10-30 V DC) (Low 0 3,2 V DC, High 8 30 V DC) I2 Digital input (10-30V DC) (Low 0 3,2 V DC, High 8 30 V DC) - Function in preparation - Prog Functionn Reset 10...30 VDC Pwr Stat Usr LAN 2 LAN 1 * Input 1 can be used during initial startup to activate the Bridge mode with the packet filter switched off. The input is only evaluated until the mbnetfix has been configured once, then the state of input 1 is ignored. Designation Status Description Prog (Programming) USB interface mini-b for connecting to the configuration PC. Function Button - function in preparation. Reset Button - performing a device restart (cold start). - 8 -

Designation Status Description Pwr (Power) (Ready) Stat (Status) Usr (User) LED off LED on LED flashing LED on LED on LED off LED flashing LED on LED off Device power source is switched off or device is not connected to power source / power pack. Power source is connected to terminal block and switched on. After the system has been checked and started, the LED flashes for the duration of the starting up process. The device is ready for operation. The packet filter is active in both directions (WAN > LAN, LAN > WAN). The packet filter is INACTIVE in both directions (WAN > LAN, LAN > WAN). The packet filter is INACTIVE in at least one direction (WAN > LAN, LAN > WAN). The device is not configured. The device was configured by the software mbnetfix Manager. WAN - WAN connection (customer network, DSL router). orange LED flashing Network data transfer active. WAN LED green LED on green LED off Transfer rate = 100 MBit/s Transfer rate = 10 MBit/s LAN 1 3 - LAN connection (machine network). LAN LED 1 3 orange LED flashing green LED on green LED off Network data transfer active. Transfer rate = 100 MBit/s Transfer rate = 10 MBit/s - 9 -

7 Getting started Before connecting the device to a network or PC, first ensure that it is properly connected to a power supply, otherwise it may cause damage to other equipment. The mbnetfix can be operated in two modes (see chapter 3). During the initial commissioning and after each factory reset, the mbnetfix is always set in Bridge mode, with active packet filter in both directions (Security By Default). The packet filter can be switched INACTIVE by means of activating input 1 (High 8 30 V DC). You should choose this preference on input 1 if any of these apply to you: If you want to operate the mbnetfix as a bridge and want to make the configuration at a later time and want to do the installation now and do not want to influence the existing network OR Activate the learning function of the mbnetfix in order to be able to read the learned network traffic later during the configuration. - 10 -

a. Bridge mode: After booting, the packet filter is INACTIVE. 10...30 10...30 VDC VDC 1. Connect equipotential bonding to the functional earth (FE). That is, the WAN > LAN and LAN > WAN transitions are open. All pending connection attempts / connections are detected. This mode is only active until the device has been configured for the first time. + FE 2. Connect the device to a power supply (DC 10 30 V). Make sure the polarity is correct! WAN WAN 3. Connect the terminals I1 and + (I1 = high). b. Bridge mode with active packet filter (Security by default): After booting, both the packet filter and the learning mode are active. That is, the WAN > LAN and LAN > WAN transitions are blocked. All pending connection attempts are detected. ADVICE Input 1 is only evaluated until the mbnetfix has been configured once, then the state of input 1 is ignored. Prog Prog Function Pwr Function Pwr Reset Reset Stat 10...30 Stat Usr 10...30 VDC 1. Connect equipotential bonding Usr VDC to the functional earth (FE). VDC + FE LAN LAN 3 3 LAN LAN 2 2 LAN LAN 1 1 2. Connect the device to a power supply (DC 10 30 V). Make sure the polarity is correct! - 11 -

After switching on the power supply the Prog LED Pwr lights up. Function As soon as the system has Reset been checked and starts, Prog the LED flashes 10...30 for the Function VDC duration of the boot process Reset (about 90 seconds). 10...30 n VDC If the mbnetfix is ready, the LED Pwr + will light up. Pwr Stat Pwr Usr Stat Pwr Usr LAN LAN 2 3 Light code in bridge mode - packet filter active - LED Stat on => the firewall is active LED Usr on => the device has not yet been configured. LAN LAN 1 2 Light code in bridge mode - packet filter INACTIVE - LAN 1 LED Stat flashes => the packet filter is inactive LED Usr on => the device has not yet been configured. n n Pwr Stat Usr Pwr Stat Usr - 12 -

8 Using the mbnetfix in bridge mode Network A Network A WAN 1 0 0 1 0 LAN 0 0 192.168.0x/24 192.168.0x/24 If you use the mbnetfix in bridge mode and install it unconfigured in your network environment, start the device in bridge mode with packet filter INACTIVE (input 1 = HIGH). After booting, the packet filter is inactive and the learning mode is active. That is, the WAN > LAN and LAN > WAN transitions are open. All pending connection attempts / connections are detected. Input 1 is only evaluated until the mbnetfix has been configured once, then the state of input 1 is ignored. Use bridge mode if your network is on the LAN and WAN side of mbnetfix in the same network segment (see graphic above for example IP addresses). - 13 -

9 Using the mbnetfix in gateway mode Network A Network B WAN LAN 192.168.0x/24 172.16.0x/24 If you use the mbnetfix in gateway mode, start the device in Bridge mode with active packet filter. After booting, both the packet filter and the learning mode are active. That is, the WAN > LAN and LAN > WAN transitions are blocked. All pending connection attempts are detected. Use gateway mode if your network is on the LAN and WAN side of the NETFIX in different network segments (see graphic above with the IP example addresses). - 14 -

10 Configuration of the mbnetfix The configuration of the firewall is made via the USB interface using the software mbnetfix Manager (not included in delivery). In addition to a convenient graphical user interface (GUI) and public-key authentication, the mbnetfix Manager offers all the functions that an automation engineer knows from his PLC programming environment (eg export, import, duplicate, online comparison, online functions, etc.). Request your free copy of the mbnetfix Manager here: sales@mbconnectline.com (subject: mbnetfix Manager) After the installation, you can configure the mbnetfix for the respective purpose using a wizard. 11 Factory settings on delivery Default settings mbnetfix: IP address (USB port): 169.254.0.1 Subnet Mask: 255.255.0.0 User 1: admin User 2: Password: factoryreset The device password can be found on the device nameplate and is valid for both users. 12 Load factory settings (Factory Reset) Log into the mbnetfix Manager on the device with the user factoryreset. Connect to the mbnetfix ( Go online ). In the Device menu select the menu item Factoryreset. The mbnetfix will now be reset to its original factory settings and must be reconfigured. - 15 -

13 Technical data Voltage V (DC) Power consumption 10-30 V DC (SELV and Limited Energy circuit) max. 250 ma @ 24 V Operating temperature -40 75 C Dimensions 69 mm x 33,5 mm x 92,5 mm (W x D x H) Mounting DIN rail mounting (based on DIN EN 50022) Extract from the technical data sheet. Find the complete technical data in our download portal at www.mbconnectline.com 14 Technical support For technical support (FAQ, troubleshooting, most recent information, etc.) see our website www.mbconnectline.com. For support enquiries, always give the serial number of your mbnetfix. E-mail: support@mbconnectline.com Tel.: (EU) +49 (0) 98 51 / 58 25 29 900 / (US) +1-630-797-6067 MB connect line GmbH Fernwartungssysteme Winnettener Str. 6 91550 Dinkelsbühl Germany Hereby MB connect line acknowledges that the device mbnetfix NFH100 is in complies with the essential requirements and other relevant provisions of directive 2014/30/EU. The declaration of conformity can be found at: www.mbconnectline.com + 49 (0) 700 / MBCONNECT + 49 (0) 700 / 62 26 66 32 www.mbconnectline.com MB CONNECT LINE 2017-16 -

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback