show the entry list
Industrial Ethernet network components (wireless) -- Operation and maintenance -- Teleservicing 
Which ports are used by the various services for data transfer by means of TCP and UDP and what should you watch out for when using routers and firewalls? 
Which ports are used by the various services for data transfer by means of TCP and UDP and what should you watch out for when using routers and firewalls?Go to beginning
Part number:

Description
 This entry gives you an overview of the ports used by the various services for data transfer by means of TCP and UDP.

If the data is transferred over routers or if firewalls are used, the port must be enabled in the router or firewall according to the service implemented.
 

Service

Destination port

 Transport protocol

Description

FTP

20, 21

 TCP

The "File Transfer Protocol" is used for transferring files to and from a remote computer system. Here, the protocol uses TCP/IP as the underlying protocol.

Using the File Transfer Protocol you can execute commands for files and directories, for example:

  • List or delete files and directories on the remote system.
  • Access files in the IT CP or Advanced CP (the IT CP or Advanced CP is FTP server).

Direction of access
This function allows you to download files (your own HTML pages, for example) from a PC into the IT CP or Advanced CP using an FTP client.

Telnet 23 TCP Telnet helps set up a terminal session on the Telnet server to the Telnet client. This client/server protocol is based on TCP and is used for web-based management on OSM and ESM.

SMTP

25
465 (encrypted)

 TCP

The Simple Mail Transport Protocol is used in the internet to deliver e-mails to a mail server and exchange mails between two mail servers.
SMTP is used to gain access to the mail client (IT CP or Advanced CP is SMTP client) on a mail server (SMTP server).

Direction of access
 With an IT CP or Advanced CP you can send e-mails from the user program. This is done by sending a message to Port 25 and the IP address of the configured mail server.

DNS 53 TCP,
UDP		 The Domain Name System (DNS) is responsible for assigning names and resolution in IP-based networks.
bootps (DHCP) 67 (Server) UDP The Dynamic Host Configuration Protocol (DHCP) permits you to assign the network configuration to clients by means of a server.
bootpc (DHCP) 68 (Client) UDP
TFTP 69 UDP The Trivial File Transfer Protocol (TFTP) is a simple protocol for file transfer. Each file package is acknowledged separately. TFTP is used for OSM/ESM to download firmware or save and load configurations. More information is available in the manual "SIMATIC NET Industrial Ethernet OSM/ESM Network Management", section 6.3 in Entry ID 8677203.

HTTP

80

 TCP

The Hypertext Transfer Protocol (HTTP) is a transfer protocol for transferring information in the World Wide Web (WWW). HTTP is used to gain access to an HTML page in the IT CP or Advanced CP (IT CP is HTTP server).

Direction of access
On an IT CP or Advanced CP you can store HTML pages with which you can read the process values from the controller.

RFC1006

102

 TCP

RFC 1006 is based on the TCP protocol and permits a reliable connection between two systems.
 RFC 1006 is used for standard connections in the SIMATIC environment.
Areas of application:

  • STEP 7 remote programming via LAN

  • STEP 7 remote programming via ISDN

  • ISO-on-TCP connections

  • S7 connections via Industrial Ethernet

The TCP Port 102 must be enabled in all areas of application.

Note
Port 102 is blocked by default in routers and firewalls and must be enabled for the complete transfer route.

NTP 123 UDP The Network Time Protocol (NTP) is a standard for time synchronization in IP-based networks.
SNMP 161,162 UDP Simple Network Management Protocol (SNMP) is a UDP-based protocol that has been specified specially for the administration of data networks. The SNMP is for managing and configuring the different network components. In this way routers, switches and other components that are usually widely distributed can be managed from a central workstation.
HTTPS 443 TCP HyperText Transfer Protocol Secure (HTTPS) is for encryption and authentication of the communication between web server and browser in the World Wide Web.
ISAKMP 500 UDP The Internet Security Association and Key Management Protocol (ISAKMP) is a protocol for establishing security associations (SA) and exchanging cryptic codes in the internet.
Modbus 502 TCP,
UDP		 Modbus TCP
Syslog 514 UDP The syslog protocol is for transferring syslog messages. Syslog messages contain short text messages (less than 1024 bytes) and are transferred unencrypted.
IPSec 4500 TCP,
UDP		 Internet Protocol Security (IPS) is a security protocol that provides the following protection goals for communication over IP networks:
  • Confidentiality
  • Authenticity
  • Integrity

It is used to establish virtual private networks (VPN).

Table 01

The table below lists the product groups with the UDP/TCP protocols.
 
Service

Product groups

SCALANCE X with Management functions Wireless LAN PLC PLC CPs PC CPs IE/AS-i Link,
IE/PB Link,
IWLAN/PB Link
FTP server X X - X3)2) X -
Telnet X X - - X X7)
SMTP X X - - X X5)
DNS - - - - X -
bootpc
(DHCP client)		 X X - X2) X X5)
TFTP client X X - - X X5)
HTTP X X X12) X2) X X5)
RFC1006 - - X12) X2) X X6)
NTP X8) X8)9) X12) X2) X X
SNMP X X X12) X2) X X
HTTPS X X X12) - X -
Syslog client X10) X - - - -
ISAKMP - - - - X -
Modbus TCP - - X11) X4) - -
IPSec - - - - X -
Table 02

1) The integrated FTP server is for downloading the firmware in the module.
2) Information about which Industrial Ethernet CPs support theseservices is available in Entry IDs: 16767769 and 15368142.
3) The FTP service is supported by IT CPs and Advanced CPs.
4) The Modbus TCP service is supported with the "OPEN MODBUS / TCP CP" product. You can find more information about OPEN MODBUS / TCP communication in Entry ID: 22660304.
5) This service is supported only by IE/AS-i Link.
6) This service is supported only by IE/PB Link and IWLAN/PB Link.
7) This service is supported only by IWLAN/PB Link.
8) SCALANCE X and SCALANCE W support the Simple Network Time Protocol (SNTP), the simple form of the Network Time Protocol (NTP).
9) SCALANCE W in compliance with IEEE 802.11n supports Network Time Protocol (NTP). An overview of the SIMATIC NET Industrial Wireless LAN components in compliance with IEEE 802.11n is available in Entry ID: 56692761.
10) SCALANCE X-300, X-400 and X-500 can be used as Syslog client.
11) The Modbus TCP service is supported with the "OPEN MODBUS / TCP CP" product. You can find more information about OPEN MODBUS / TCP communication in Entry ID: 22660304.
12) Information about which CPUs support this service is available in Entry ID: 18909487.

Further information
 More information about the products mentioned above is available in the manuals below:
 
Manual Entry ID
Industrial Ethernet Switches SCALANCE X-200 Operating instructions 25508728
Industrial Ethernet Switches SCALANCE X-300 Operating instructions 26046091
Industrial Ethernet Switches SCALANCE X-400 Operating instructions 19625216
SCALANCE X-500 Web Based Management Configuration Manual 56699325
SCALANCE X-500 Command Line Interface Configuration Manual 56699784
SIMATIC NET SCALANCE W700 Web Based Management Configuration Manual 57269008
SIMATIC NET SCALANCE W700 Command Line Interface Configuration Manual 57269842
IE/PB Link PN IO 19299692
IWLAN/PB Link 21379908
IE/AS-i Link 22712154
Table 03

 Entry ID:58064476   Date:2012-04-02 
I regard this article....as helpfulas not helpful                                 
Print  
    © Siemens AG 2013 - Corporate Information - Privacy Policy - Terms of Use
related links
GPRS/GSM-Modem SINAUT MD740-1 Sy ...
SINEMA Server
PCS 7 Security Concept Recommenda ...
Getting Started SENTRON powermana ...
WinCC Professional V11.0 SP1
mySupport
All personal data, information and functions at a glance - e.g.
My Documentation Manager 
Newsletter 
CAx-Download-Manager 
Support Request
To this entry
Print
Create PDF 
Send to a friend
QuickLinks
Compatibility tool 
Help
Online Help
Guided Tour