Configuration
4.9 Security
CP 1243-1
Operating Instructions, 04/2017, C79000-G8976-C365-03
69
7.
In the table, insert a new IP rule for the previously created global services as follows:
–
Action: Allow; "From external -> To station " with the globally created "Echo request"
service
–
Action: Allow; "From station -> to external" with the globally created "Echo reply"
service
8.
For the IP rule for the Echo Request, enter the IP address of the engineering station in
"Source IP address". This ensures that only ICMP frames (ping) from your engineering
station can pass through the firewall.
4.9.5
E-mail configuration
Configuring e-mails in STEP 7
With special events, e.g. CPU STOP, the CP can send e-mails. It does not depend on
whether telecontrol communication is used.
When using telecontrol communication, additionally configured events in the process image
of the CPU can trigger the sending of e-mails. Along with the e-mail process data can also
be sent.
You configure the individual e-mails in the message editor (entry "Messages"), see section
Requirements
The following requirements must be met in the configuration for sending e-mails:
●
The security functions are enabled.
●
The time of the CP is synchronized.
●
In the "E-mail configuration" entry, the protocol to be used and the data for access to the
e-mail server are configured.
E-mail configuration
With the default setting of the SMTP port 25, the module transfers unencrypted e-mails.
If your e-mail service provider only supports encrypted transfer, use one of the following
options:
●
Port no. 587
By using STARTTLS, the module sends encrypted e-mails to the SMTP server of your e-
mail service provider.
Recommendation: If your e-mail provider offers both options (STARTTLS / SSL/TLS), you
should use STARTTLS with port 587.
●
Port no. 465
By using SSL/TLS (SMTPS), the module sends encrypted e-mails to the SMTP server of
your e-mail service provider.