manualshive.com logo in svg

Siemens SIMATIC NET RUGGEDCOM APE1808, Configuration Manual

The Siemens SIMATIC NET RUGGEDCOM APE1808 is a high-performance networking device. Ensure easy setup and maximize functionality with the Configuration Manual. Download this comprehensive and user-friendly manual for free from our website. Discover step-by-step instructions and unlock the full potential of your APE1808.

Share
Download
background image

Overview
1.3 Security Recommendations

the RSS feed on the Siemens ProductCERT SSecurity Advisories website, or by fol-

lowing @ProductCert on Twitter.

• Only enable the services that will be used on the module, including physical

ports. Unused physical ports could potentially be used to gain access to the net-

work behind the module.

• When using the Windows®-based version of the RUGGEDCOM APE1808, use Bit-

locker to avoid unauthorized access to sensitive information stored on the hard

drive.

Authentication

• When using the Linux-based version of the RUGGEDCOM APE1808, add an ad-

ministrative account, disable the root user on Debian Linux, and replace any de-

fault passwords. For a list of default user profiles and passwords, refer to 

"Log-

ging in to RUGGEDCOM APE1808 (Page 11)"

.

• To prevent unauthenticated access to the BIOS, configure a supervisor password

and set the power on password. For more information, refer to 

"Setting the BIOS

Password (Page 12)"

.

• When using the Linux-based version of the RUGGEDCOM APE1808, ensure the

GRUB bootloader password is configured. For more information, refer to 

"Setting

the GRUB Bootloader Password (Page 14)"

.

• Use strong passwords. Avoid weak passwords such as 

password1

123456789

,

abcdefgh

, etc.

• Passwords should not be re-used across different usernames and systems, or af-

ter they expire.

• Make sure to take appropriate precautions when shipping the module beyond

the boundaries of the trusted environment:
• If SSH and SSL keys are configured, replace the existing keys with 

throwaway

keys prior to shipping.

• If SSH and SSL keys are configured, take the existing keys out of service.

When the module returns, create and program new keys for the module.

Communication

• Log messages should be delivered using TLS-encrypted syslog over TCP to pre-

vent them from being sent as plain text.

Physical/Remote Access

• Do not connect the device to the Internet. Deploy the device only within a secure

network perimeter.

• Exercise extreme caution when changing any settings in the BIOS. For example,

USB and PXE boot are disabled by default; enabling these settings is not advis-

able for securing the module.

• Control access to the USB, SD Card slot, and gigabit Ethernet ports to the same

degree as any physical access to the module.

4

RUGGEDCOM APE1808

Configuration Manual, 11/2019, C79000-G8976-1415-03

Summary of Contents for SIMATIC NET RUGGEDCOM APE1808

Page 1: ...Edition 11 2019 Configuration Manual SIMATIC NET Industrial Ethernet Switches RUGGEDCOM APE1808 For APE1808 APE1808W10 https www siemens com ...

Page 2: ...Industrial Ethernet Switches RUGGEDCOM APE1808 Configuration Manual For APE1808 APE1808W10 Preface Overview 1 Configuring and Using the RUGGEDCOM APE1808 2 Frequently Asked Questions 3 11 2019 C79000 G8976 1415 03 ...

Page 3: ... personnel are those who based on their training and experience are capable of identify ing risks and avoiding potential hazards when working with these products systems Proper Use of Siemens Products Note the following WARNING Siemens products may only be used for the applications described in the catalog and in the relevant technical documentation If products and components from other manufactur...

Page 4: ...rking in Factory Default Conditions 7 1 8 2 Example RX15xx Services and WAN Networking 8 2 Configuring and Using the RUGGEDCOM APE1808 11 2 1 Logging in to RUGGEDCOM APE1808 11 2 2 Adding a User Linux Only 11 2 3 Setting the Root and User Passwords Linux Only 12 2 4 Setting the BIOS Password 12 2 5 Disabling Alternative Boot Options 13 2 6 Setting the GRUB Bootloader Password 14 2 7 Setting the Ha...

Page 5: ...Table of Contents iv RUGGEDCOM APE1808 Configuration Manual 11 2019 C79000 G8976 1415 03 ...

Page 6: ... other documents related to this product that may be of interest Unless indicated otherwise each document is available on the Siemens Industry On line Support SIOS https support industry siemens com website Note Documents listed are those available at the time of publication Newer versions of these documents or their associated products may be available For more informa tion visit SIOS or consult ...

Page 7: ...o provide training specific to the customer s application For more information about training services and course availability visit https www siemens com or contact a Siemens Sales representative Customer Support Customer support is available 24 hours 7 days a week for all Siemens customers For technical support or general information contact Siemens Customer Support through any of the following ...

Page 8: ...Preface Customer Support Ask questions or share knowledge with fellow Siemens customers and the support community RUGGEDCOM APE1808 Configuration Manual 11 2019 C79000 G8976 1415 03 vii ...

Page 9: ...Preface Customer Support viii RUGGEDCOM APE1808 Configuration Manual 11 2019 C79000 G8976 1415 03 ...

Page 10: ...3 4 5 6 4 1 SD Card Slot 2 Display Port 3 Gigabit Ethernet GbE Port 4 USB Ports 5 Reset Button 6 Power LED Figure 1 1 RUGGEDCOM APE1808 Module 1 1 Operating System Each RUGGEDCOM APE1808 module comes with a pre installed operating system Module Operating System APE1808 Debian Linux APE1808W10 Microsoft Windows 10 Upgrading or Changing the Operating System The operating system can be upgraded or ex...

Page 11: ... File Allocation Table exFAT file system which is not pre installed in the Linux based versions of the RUGGEDCOM APE1808 For more information refer to the SD Standard Overview https www sd card org developers overview capacity Linux add ons that provide support for exFAT are available but must be used in con junction with a valid license from Microsoft or a Microsoft authorized provider For more i...

Page 12: ...ce may have USB 2 0 or 3 0 interfaces SD Card Usage Limit the usage of 3 3 V SD cards and use UHS I type SD cards whenever possible 1 3 Security Recommendations To prevent unauthorized access to the module note the following security recom mendations Hardware Software Before commissioning the RUGGEDCOM APE1808 line module apply the latest security updates from Debian or from Microsoft as per stand...

Page 13: ...gured For more information refer to Setting the GRUB Bootloader Password Page 14 Use strong passwords Avoid weak passwords such as password1 123456789 abcdefgh etc Passwords should not be re used across different usernames and systems or af ter they expire Make sure to take appropriate precautions when shipping the module beyond the boundaries of the trusted environment If SSH and SSL keys are con...

Page 14: ...age to the device When hot swapping the RUGGEDCOM APE1808 module wait 3 seconds before re inserting the module into the RUGGEDCOM router NOTICE Whenever possible reboot the RUGGEDCOM APE1808 from the operating system in stead of requesting a reboot with the Reset button This helps to safeguard against improper shutdowns and protect data integrity Powering Down the RUGGEDCOM APE1808 To fully power ...

Page 15: ... 2 3 4 1 Switch Fabric Data Plane 2 Line Module 10 100 1000Base TX 3 RUGGEDCOM APE1808 Module 4 Gigabit Ethernet GbE Network Interfaces Figure 1 2 A RUGGEDCOM RX15xx Device With an RUGGEDCOM APE1808 Module Installed 1 7 Default IP Addresses Based on the software platform installed on the RUGGEDCOM APE1808 the IP ad dresses for the front and or internal ports may be pre configured or set dynamicall...

Page 16: ...ed in a RUGGEDCOM RX15xx chassis with a four port Eth ernet module in LM2 Figure 1 3 Example Configuration In the factory default condition all Ethernet interfaces on the RUGGEDCOM RX15xx router including the internal port of the RUGGEDCOM APE1808 are created as switched ports in the default VLAN When DHCP is configured in RUGGEDCOM ROX II an IPv4 subnet and a gateway IP are automatically assigned...

Page 17: ...or much the same reason should you wish to forward traffic arriving on fe cm 1 through to the 172 16 0 0 16 network via the RUGGEDCOM APE1808 you would need to configure a route for it on the RUGGEDCOM RX15xx device and enable IP for warding from the Windows or Linux operating system Note When operating the RUGGEDCOM APE1808 in either switch or router mode the RUGGEDCOM RX15xx will issue RSTP BPDU...

Page 18: ...le these ports must be configured as socket ports that allow incoming calls on TCP ports 5001 ser 3 1 through 5006 ser 3 6 While any address on the RX1500 control module may be used to connect the RUGGEDCOM APE1808 to these ports switch 0001 switch 0002 and dummy0 addresses are recommended In par ticular dummy0 addresses are useful when router redundancy is implemented As in the previous scenario ...

Page 19: ...Overview 1 8 2 Example RX15xx Services and WAN Networking 10 RUGGEDCOM APE1808 Configuration Manual 11 2019 C79000 G8976 1415 03 ...

Page 20: ...TICE Security hazard risk of unauthorized access To prevent unauthorized access to the device make sure to change the default pass word before commissioning the device Software Platform Default Username Default Password Windows 10 Enterprise 2019 LTSC There is no default username or password for Windows 10 Enter prise 2019 LTSC installations The username and password is set by the user during the ...

Page 21: ...Phone Other Is the information correct Y n y root wheezyape 2 3 Setting the Root and User Passwords Linux Only For security reasons the default root Linux password should be changed before the module is deployed NOTICE Use strong passwords Avoid weak passwords such as password1 123456789 abcdefgh etc Changing the Root Password To change the default root password for Linux do the following 1 Login ...

Page 22: ...ll control of all RUGGEDCOM APE1808 set tings 5 Enable Power On Password 6 Set the supervisor and power on password 7 Press F10 to save and reboot 2 5 Disabling Alternative Boot Options To prevent users with physical access to the module from logging in to the device and bypassing the bootloader password it is recommended that alternative unau thorized boot options be disabled before the module is...

Page 23: ...C845E07E440F134D ED2537081F54 Record the password for future use in the upcoming steps 3 Using vim or nano open the file etc grub d 40_custom 4 In the file etc grub d 40_custom add the following line set superusers root 5 Add the the following line password_pbkdf2 root KEY Add the GRUB password created in Step 2 to this line For example password_pbkdf2 root grub pbkdf2 sha512 10000 380AD91E6C36BB4...

Page 24: ... Troubleshooting the RUGGEDCOM APE1808 The following describes potential solutions for common problems Lost IP Address The simplest resolution to this problem occurs when the RUGGEDCOM APE1808 is easily reached and a monitor is attached The RUGGEDCOM APE1808 can be queried for the IP address and the configuration of the RUGGEDCOM APE1808 or command module may be changed to allow networking If the ...

Page 25: ...Installation Manual for your RUGGEDCOM RX15xx device If power is sufficient the syslog file should be examined for irregularities during the boot The last boot may have occurred some time in the past and may no longer be recorded in the syslog If this is the case the module can be rebooted by disabling it and re enabling it The syslog will then contain enties reflecting the RUGGEDCOM APE1808 boot ...

Page 26: ...ecover an image of the original factory settings A Siemens strongly recommends creating a backup image of the RUGGEDCOM APE1808 before it is configured If this image is available it can be easily re stored If an original backup image is not available contact Siemens Customer Support for assistance In most cases the RUGGEDCOM APE1808 module must be re turned to the factory to be re imaged This serv...

Page 27: ...Frequently Asked Questions 18 RUGGEDCOM APE1808 Configuration Manual 11 2019 C79000 G8976 1415 03 ...

Page 28: ...ttps www siemens com Industry Online Support service and support https support industry siemens com Industry Mall https mall industry siemens com Siemens AG Digital Industry Process Automation Postfach 48 48 90026 NÜRNBERG GERMANY ...

Reviews:

No comments

Related manuals for SIMATIC NET RUGGEDCOM APE1808

Ubee DVW3201B User Manual preview
DVW3201B
Brand: Ubee Pages: 9
Conceptronic C150BRS4 Quick Installation Manual preview
C150BRS4
Brand: Conceptronic Pages: 230
Direct IP IDIS DR-1304P Operation Manual preview
IDIS DR-1304P
Brand: Direct IP Pages: 76
Ensemble Designs Avenue Express Control Panel Data Pack preview
Avenue Express Control Panel
Brand: Ensemble Designs Pages: 19
Patton electronics 3087 Quick Start Manual preview
3087
Brand: Patton electronics Pages: 12
CalAmp Viper 100 User Manual preview
Viper 100
Brand: CalAmp Pages: 115
BinTec BIANCA/BRI Getting Started preview
BIANCA/BRI
Brand: BinTec Pages: 34
Abocom 802.11a/b/g SDIO WiFi Module SDM3100 User Manual preview
802.11a/b/g SDIO WiFi Module SDM3100
Brand: Abocom Pages: 14
ZyXEL Communications SHD1110 Quick Start Manual preview
SHD1110
Brand: ZyXEL Communications Pages: 12
ADTRAN 1700601G2 Quick Start Manual preview
1700601G2
Brand: ADTRAN Pages: 4
Extreme Networks Summit WM3400 Installation Manual preview
Summit WM3400
Brand: Extreme Networks Pages: 51
Gbord EN-203 User Manual preview
EN-203
Brand: Gbord Pages: 11
Radio Shack TRS-80 PTC-64 Operation Manual preview
TRS-80 PTC-64
Brand: Radio Shack Pages: 40
QCT QuantaGrid D51PH-1ULH Service Manual preview
QuantaGrid D51PH-1ULH
Brand: QCT Pages: 167
Wieland wienet UMS 5-L Installation Instruction preview
wienet UMS 5-L
Brand: Wieland Pages: 2
Enterasys Matrix 6H303-48 Hardware Installation Manual preview
Matrix 6H303-48
Brand: Enterasys Pages: 90
Planet Networking & Communication VRT-311 User Manual preview
VRT-311
Brand: Planet Networking & Communication Pages: 147
IC Realtime Elite Series Quick Start Manual preview
Elite Series
Brand: IC Realtime Pages: 8

Brands by name

Popular brands

Load more brands