Configuration
4.16 Security
CP 1243-8 IRC
116
Operating Instructions, 02/2018, C79000-G8976-C385-03
3.
Open the parameter group "VPN“ in the local security settings.
4.
For each VPN connection with the CP as a passive VPN subscriber, change the default
setting "Initiator/Responder" to the setting "Responder".
4.16.8.6
SYSLOG
Use of SYSLOG only with 1 VPN connection
If you want to use SYSLOG with level 7 (debug) via Vpn connections, this is only possible
with a single established VPN connection.
4.16.8.7
SINEMA Remote Connect
Remote maintenance with SINEMA Remote Connect (SINEMA RC)
The application "SINEMA Remote Connect" (SINEMA RC) is available for remote
maintenance purposes.
SINEMA RC uses OpenVPN for encryption of the data. The center of the communication is
SINEMA RC Server via which communication runs between the subscribers and that
manages the configuration of the communications system.
Preparatory steps
Execute the following steps before start configuring the SINEMA RC connection of the
module in STEP 7. They are the prerequisite for a consistent STEP 7 project.
●
Configuration of SINEMA Remote Connect - Server
Configure SINEMA RC - Server as necessary (not in STEP 7). The communication
module and its communication partners must be configured in the SINEMA RC Server.
●
Exporting the CA certificate (optional)
If you want to use the server certificate as authentication method of the communication
module during connection establishment, export the CA certificate from SINEMA RC -
Server. Then import the CA certificate from SINEMA RC - Server to the engineering
station.
Alternatively, you can use the fingerprint of the server certificate as authentication method
of the communication module.
Note
Recommended authentication method:
The recommended authentication method is the one using the CA certificate. The certificate
is valid for 10 years.
The fingerprint, on the other hand, is derived from the server certificate. Its validity may be
significantly shorter.