Secure Remote Access to SIMATIC Stations via Internet and UMTS
Due to the increasing networking through the Ethernet, remote diagnostic and/or remote maintenance also takes on a high priority in modern automation systems. Today’s internet access mechanisms (radio, broadband) united with the security components by Siemens are a successful combination. The task is now to connect several SIMATIC remote stations with devices (S7-CPUs, HMI devices, Ethernet CPs, etc.) via a wireless transmission medium with a service center via the industrial Ethernet. A PG/PC in the service center or in any place is to carry out all the service and diagnostic functions.
Siemens offers a large selection of components with security functionality to secure access to and from production plants: With these modules a secured connection can be established by means of an IPSec VPN tunnel. The following picture shows the entire constellation.
The first document shows the use of the UMTS router SCALANCE M875, the security module SCALANCE S612 V3 and the security CP 343-1 Advanced V3
The focus of the second document here is in the use of dynamic IP addresses and access via dynamic DNS. This is demonstrated by a VPN connection between the security module UMTS router SCALANCE M875 and the SOFTNET Security Client, which is installed on the Remote Service PG
Both documents show you all configuration steps in detail that are required to establish the VPN tunnels between the security components.
Diagnostic scenarios of the documents:
- STEP 7 standard diagnostic
- STEP 7 program upload and download
- HTML access to webpages of the modules
- Secure FTP data communication (FTPES) (document 1)
- Time synchronization with NTP (secure) (document 1)
|Getting Started with Industrial Remote Communication||Entry-ID: 64721753|
|Protection of an Automation Cell Using the SCALANCE S602 V3 and SCALANCE S623 Security Modules via a Firewall||Entry-ID: 22376747|
|Industrial Security with SCALANCE S Modules Over IPSec VPN Tunnels (Configuration 4)||Entry-ID: 22056713|
|Security with SIMATIC NET||Entry-ID: 27043887|
Complete revision of scenarios
Additional documentation Remote Access with dynamic DNS
CPx43-1 Advanced, SCALANCE S612 V3, SOFTNET Security Client, SCALANCE M875, DynDNS, dynamic DNS, VPN, FTPES, FTPS, NTP (secure), Roadwarrior