Siemens Industry Online Support
Siemens AG
Entry type: FAQ Entry ID: 62811920, Entry date: 08/06/2012

Why does the VPN LED of the SCALANCE M875 and MD741-1 continue to light although the secure IPsec tunnel connection is disconnected?

  • Entry
  • Associated product(s)

The VPN LED of the SCALANCE M875 indicates whether or not a VPN connection is established.

If the SOFTNET Security Client (SSC) establishes a secure IPsec tunnel connection to the SCALANCE M875, the VPN LED of the M875 lights. The IPsec tunnel connection is monitored by the Dead Peer Detection (DPD). The SSC does not support the DPD. In this way the VPN LED of the M875 does not go out when the IPsec tunnel connection of the SSC is disconnected, but only when the certificate lifetime has expired.

Note on security
The functions and solutions described in this article confine themselves predominantly to the realization of the automation task. Furthermore, please take into account that corresponding protective measures have to be taken in the context of Industrial Security when connecting your equipment to other parts of the plant, the enterprise network or the internet. More information is available in Entry ID: 50203404.

Additional information

  • More information about SCALANCE M875 is available in the manual "SIMATIC NET Telecontrol SCALANCE M875 Operating Instructions" in Entry ID 58122394.
  • More information about configuring secure IPsec tunnel connections between the security modules is available in the manual "SIMATIC NET Industrial Ethernet Security Basics and Applications Configuration Manual" in Entry ID: 56577508.

Security information
In order to protect technical infrastructures, systems, machines and networks against cyber threats, it is necessary to implement – and continuously maintain – a holistic, state-of-the-art IT security concept. Siemens’ products and solutions constitute one element of such a concept. For more information about cyber security, please visit