×
Siemens Industry Online Support
Siemens AG
Entry type: FAQ Entry ID: 48711436, Entry date: 03/13/2013
(2)
Rate

Which TCP ports must be enabled in a router (or firewall) to permit access to a SIMOTION controller or SINAMICS drive via Ethernet?

  • Entry
  • Associated product(s)
TCP ports required for access to SIMOTION / SINAMICS

The following TCP ports must be enabled (open) for all routers and firewalls in the transmission link to permit the use of the following services: 1)

Access to a SIMOTION controller/SINAMICS drive

  • via engineering software SCOUT (or STARTER):
    • Port 102 (ISO-TSAP (Transport Service Access Point))
    • Port 5188 (only for SIMOTION)
    • Ping Request (ICMP) 2)
  • via web browser to the integrated web server:
    • Port 80 or 8080 (HTTP or HTTP alternate)
    • Port 443 (HTTPS)
  • via FTP (only for SIMOTION):
    • Port 20, 21 (data communication, check)
  • via TCP or UDP to the user program (only for SIMOTION):
    • Possible configurable port numbers are 1024 to 65535
  • via OPC XML-DA (only for SIMOTION):
    • Port 80 or 8080 (HTTP or HTTP alternate)
    • Port 443 (HTTPS)

1) An open port can be verified with the following test, for example:
Under Windows, open the DOS window and enter the command
"telnet <SIMOTION_IP_address> <Port>" (e.g. "telnet 192.168.214.1 102").
The space between <SIMOTION_IP_address> and the port number to be queried is important.
If the screen in the DOS window turns black or if another window opens, you query has received an answer via the port, i.e. the port is open.
If this does not happen or if the query is canceled after some time with an error message, then SIMOTION does not respond via this port.
A SIMOTION controller only responds via Port 5188 if you were online via SCOUT (Port 102) prior to that.

2) As of SCOUT / STARTER V4.3, ping-based connection monitoring can be deactivated. Therefore, the Ping Request (ICMP) may not have to be enabled. For this purpose, open the settings in SCOUT / STARTER under the menu command "Tools" and remove the checkmark at "Use S7-TCP connection monitoring" in the "CPU Download" tab (see figure below).


Security information
Siemens provides products and solutions with industrial security functions that support the secure operation of plants, solutions, machines, equipment and/or networks. They are important components in a holistic industrial security concept. With this in mind, Siemens’ products and solutions undergo continuous development. Siemens recommends strongly that you regularly check for product updates.
For the secure operation of Siemens products and solutions, it is necessary to take suitable preventive action (e.g. cell protection concept) and integrate each component into a holistic, state-of-the-art industrial security concept. Third-party products that may be in use should also be considered. For more information about industrial security, visit 
https://www.siemens.com/industrialsecurity.

To stay informed about product updates as they occur, sign up for a product-specific newsletter. For more information, visit 
https://support.industry.siemens.com

Security information
In order to protect technical infrastructures, systems, machines and networks against cyber threats, it is necessary to implement – and continuously maintain – a holistic, state-of-the-art IT security concept. Siemens’ products and solutions constitute one element of such a concept. For more information about cyber security, please visit
https://www.siemens.com/cybersecurity#Ouraspiration.