Siemens SCALANCE M812, SCALANCE M816 Operating Instructions Manual
___________________
___________________
___________________
___________________
___________________
___________________
___________________
___________________
SIMATIC NET
Industrial Remote Communication
Remote Networks
SCALANCE M812, M816
Operating Instructions
08/2018
C79000
Preface
Security recommendations
1
Description of the device
2
Installation
3
Connecting up
4
Dimension drawings
5
Technical specifications
6
Approvals
A
-G8976-C331-06
Siemens AG
Division Process Industries and Drives
Postfach 48 48
90026 NÜRNBERG
GERMANY
Document order number: C79000-G8976-C343
Ⓟ
Copyright © Siemens AG 2014 - 2018.
All rights reserved
Legal information
Warning notice system
DANGER
indicates that death or severe personal injury will result if proper precautions are not taken.
WARNING
indicates that death or severe personal injury may result if proper precautions are not taken.
CAUTION
indicates that minor personal injury can result if proper precautions are not taken.
NOTICE
indicates that property damage can result if proper precautions are not taken.
Qualified Personnel
personnel qualified
Proper use of Siemens products
WARNING
Siemens products may only be used for the applications described in the catalog and in the relevant technical
ambient conditions must be complied with. The information in the relevant documentation must be observed.
Trademarks
Disclaimer of Liability
This manual contains notices you have to observe in order to ensure your personal safety, as well as to prevent
damage to property. The notices referring to your personal safety are highlighted in the manual by a safety alert
symbol, notices referring only to property damage have no safety alert symbol. These notices shown below are
graded according to the degree of danger.
If more than one degree of danger is present, the warning notice representing the highest degree of danger will
be used. A notice warning of injury to persons with a safety alert symbol may also include a warning relating to
property damage.
The product/system described in this documentation may be operated only by
task in accordance with the relevant documentation, in particular its warning notices and safety instructions.
Qualified personnel are those who, based on their training and experience, are capable of identifying risks and
avoiding potential hazards when working with these products/systems.
Note the following:
documentation. If products and components from other manufacturers are used, these must be recommended
or approved by Siemens. Proper transport, storage, installation, assembly, commissioning, operation and
maintenance are required to ensure that the products operate safely and without any problems. The permissible
All names identified by ® are registered trademarks of Siemens AG. The remaining trademarks in this publication
may be trademarks whose use by third parties for their own purposes could violate the rights of the owner.
We have reviewed the contents of this publication to ensure consistency with the hardware and software
described. Since variance cannot be precluded entirely, we cannot guarantee full consistency. However, the
information in this publication is reviewed regularly and any necessary corrections are included in subsequent
editions.
for the specific
07/2018 Subject to change
Preface
Purpose of the Operating Instructions
Validity of the manual
Naming of the devices
Classification
Description
Terms used
term M81x is used.
M816
Further documentation
These compact operating instructions contain information with which you will be able to
install and connect up a device of the SCALANCE M -800 product line. The configuration
and the integration of the device in a network are not described in these instructions.
These operating instructions apply to the following devices:
● SCALANCE M812-1
● SCALANCE M816-1
Product line For all devices and variants in the product line, the term M-
Device family For all devices and variants in the device family line, the
Device If information relates to a specific device, the device name
● System manual "Industrial Ethernet"
The system manual contains information on other SIMATIC NET products that you can
operate along with the devices of this product line in an Industrial Ethernet network.
There, you will find among other things optical performance data of the communications
partner that you require for the installation.
The "SIMATIC NET Industrial Ethernet" system manual can be found on the Internet
pages of Siemens Industry Online Support under the following entry ID: 27069465
(https://support.industry.siemens.com/cs/ww/en/view/27069465)
● "Passive network components" system manual
This system manual contains installation instructions for several of the most common
components and guidelines for setting up networked automation plants in buildings.
The "Passive network components" system manual can be found on the Internet pages of
Siemens Industry Online Support under the following entry ID: 84922825
(https://support.industry.siemens.com/cs/ww/en/view/84922825)
M-800
800 is used.
M81x
M812
is used.
SCALANCE M812, M816
Operating Instructions, 08/2018, C79000-G8976-C331-06
3
Preface
SIMATIC NET manuals
You will find SIMATIC NET manuals on the Internet pages of Siemens Industry Online
Support:
● using the search function:
Link to Siemens Industry Online Support
(https://support.industry.siemens.com/cs/ww/en/)
Enter the entry ID of the relevant manual as the search item.
● In the navigation panel on the left hand side in the area "Industrial Communication":
Link to the area "Industrial Communication"
(https://support.industry.siemens.com/cs/ww/en/ps/15247/pm)
Go to the required product group and make the following settings:
tab "Entry list", Entry type "Manuals"
You will find the documentation for the SIMATIC NET products relevant here on the data
medium that ships with some products:
● Product CD / product DVD
● SIMATIC NET Manual Collection
You will find the article numbers for the Siemens products of relevance here in the following
catalogs:
● SIMATIC NET Industrial Communication / Industrial Identification, catalog IK PI
● SIMATIC Products for Totally Integrated Automation and Micro Automation, catalog
ST 70
● Industry Mall - catalog and ordering system for automation and drive technology, Online
catalog (https://mall.industry.siemens.com)
You can request the catalogs and additional information from your Siemens representative.
SCALANCE M812, M816
4 Operating Instructions, 08/2018, C79000-G8976-C331-06
Preface
Security information
Recycling and disposal
Trademarks
Siemens provides products and solutions with industrial security functions that support the
secure operation of plants, systems, machines and networks.
In order to protect plants, systems, machines and networks against cyber threats, it is
necessary to implement – and continuously maintain – a holistic, state-of-the-art industrial
security concept. Siemens’ products and solutions constitute one element of such a concept.
Customers are responsible for preventing unauthorized access to their plants, systems,
machines and networks. Such systems, machines and components should only be
connected to an enterprise network or the internet if and to the extent such a connection is
necessary and only when appropriate security measures (e.g. firewalls and/or network
segmentation) are in place.
For additional information on industrial security measures that may be implemented, please
visit
Link: (https://www.siemens.com/industrialsecurity)
Siemens’ products and solutions undergo continuous development to make them more
secure. Siemens strongly recommends that product updates are applied as soon as they are
available and that the latest product versions are used. Use of product versions that are no
longer supported, and failure to apply the latest updates may increase customers’ exposure
to cyber threats.
To stay informed about product updates, subscribe to the Siemens Industrial Security RSS
Feed under
Link: (https://www.siemens.com/industrialsecurity)
The products are low in pollutants, can be recycled and meet the requirements of the WEEE
directive 2012/19/EU for the disposal of electrical and electronic equipment.
Do not dispose of the products at public disposal sites.
For environmentally friendly recycling and the disposal of your old device contact a certified
disposal company for electronic scrap or your Siemens contact (Product return
(https://support.industry.siemens.com/cs/ww/en/view/109479891)).
Note the different national regulations.
The following and possibly other names not identified by the registered trademark sign ® are
registered trademarks of Siemens AG:
SCALANCE, SINEMA, KEY-PLUG, C-PLUG
SCALANCE M812, M816
Operating Instructions, 08/2018, C79000-G8976-C331-06
5
Preface
License conditions
Note
Open source software
Read the license conditions for open source software carefully before using the
SIMATIC NET glossary
product.
You will find license conditions in the following documents on the supplied data medium:
● M87x, M81x, M826: OSS_Scalance-M-800-S615_86.pdf
● M804PB: OSS_Scalance-M-804_86.pdf
Explanations of many of the specialist terms used in this documentation can be found in the
SIMATIC NET glossary.
You will find the SIMATIC NET glossary on the Internet at the following address:
50305045 (https://support.industry.siemens.com/cs/ww/en/view/50305045)
SCALANCE M812, M816
6 Operating Instructions, 08/2018, C79000-G8976-C331-06
Table of contents
Preface ................................................................................................................................................... 3
1 Security recommendations ...................................................................................................................... 9
2 Description of the device ....................................................................................................................... 15
3 Installation ............................................................................................................................................ 29
4 Connecting up ....................................................................................................................................... 39
5 Dimension drawings .............................................................................................................................. 53
6 Technical specifications ........................................................................................................................ 57
A Approvals .............................................................................................................................................. 61
2.1 Product characteristics............................................................................................................ 15
2.2 Accessories ............................................................................................................................. 17
2.3 LED display ............................................................................................................................. 18
2.3.1 SCALANCE M812-1 ............................................................................................................... 18
2.3.2 SCALANCE M816-1 ............................................................................................................... 21
2.4 Terminals ................................................................................................................................ 24
2.5 SET button .............................................................................................................................. 26
2.6 C-PLUG and KEY-PLUG ........................................................................................................ 28
3.1 Securing the housing .............................................................................................................. 30
3.2 Wall mounting ......................................................................................................................... 31
3.3 Installing on the DIN rail .......................................................................................................... 33
3.4 Installing on the S7-300 standard rail ..................................................................................... 34
3.5 Installing on the S7-1500 standard rail ................................................................................... 35
3.6 Mounting on a pedestal........................................................................................................... 36
4.1 Safety when connecting up ..................................................................................................... 40
4.2 Power supply .......................................................................................................................... 42
4.3 Grounding ............................................................................................................................... 44
4.4 Digital input/output .................................................................................................................. 45
4.5 DSL interface .......................................................................................................................... 48
4.6 Ethernet port ........................................................................................................................... 49
4.7 Replacing the PLUG ............................................................................................................... 50
5.1 SCALANCE M812-1 ............................................................................................................... 53
5.2 SCALANCE M816-1 ............................................................................................................... 55
6.1 SCALANCE M812 \ M816 ...................................................................................................... 57
SCALANCE M812, M816
Operating Instructions, 08/2018, C79000-G8976-C331-06
7
Table of contents
Index .................................................................................................................................................... 71
A.1 INSTALLATION...................................................................................................................... 62
A.2 EU declaration of conformity ................................................................................................. 63
A.2.1 ATEX ...................................................................................................................................... 64
A.2.3 RoHS ...................................................................................................................................... 65
A.3 General approvals ................................................................................................................. 66
A.3.1 ATEX ...................................................................................................................................... 66
A.3.2 IECEx ..................................................................................................................................... 68
A.3.3 RCM / C-TICK ........................................................................................................................ 68
A.3.4 FM certification ....................................................................................................................... 69
A.3.5 UL certification (product safety) ............................................................................................. 69
A.3.6 UL HAZ. LOC certification (explosion protection) .................................................................. 70
A.3.7 EAC ........................................................................................................................................ 70
SCALANCE M812, M816
8 Operating Instructions, 08/2018, C79000-G8976-C331-06
1
General
Physical access
Software (security functions)
To prevent unauthorized access, note the following security recommendations.
● You should make regular checks to make sure that the device meets these
recommendations and/or other security guidelines.
● Evaluate your plant as a whole in terms of security. Use a cell protection concept with
suitable products.
Link: (https://www.industry.siemens.com/topics/global/en/industrial-
security/pages/default.aspx)
● Separate connections correctly (WBM. Telnet, SSH etc.).
● Limit physical access to the device to qualified personnel.
The memory card or the PLUG (C-PLUG, KEY-PLUG) contains sensitive data such as
certificates, keys etc. that can be read out and modified.
● Lock unused physical ports on the device. Unused ports can be used to gain forbidden
access to the plant.
● Keep the software up to date. Check regularly for security updates of the product.
You will find information on this on the Internet pages "Industrial Security
(https://www.siemens.com/industrialsecurity)".
● Inform yourself regularly about security advisories and bulletins published by Siemens
ProductCERT (https://www.siemens.com/cert/en/cert-security-advisories.htm).
● Only activate protocols that you really require to use the device.
● Restrict access to the management of the device with firewall rules.
● The option of VLAN structuring provides good protection against DoS attacks and
unauthorized access. Check whether this is practical or useful in your environment.
● Use a central logging server to log changes and accesses. Operate your logging server
within the protected network area and check the logging information regularly.
● We recommend formatting a PLUG that is not being used.
SCALANCE M812, M816
Operating Instructions, 08/2018, C79000-G8976-C331-06
9
Security recommendations
Passwords
Keys and certificates
● Define rules for the use of devices and assignment of passwords.
● Regularly update passwords and keys to increase security.
● Change all default passwords for users before you operate the device.
● Only use passwords with a high password strength. Avoid weak passwords for example
password1, 123456789, abcdefgh.
● Make sure that all passwords are protected and inaccessible to unauthorized personnel.
● Do not use the same password for different users and systems or after it has expired.
This section deals with the security keys and certificates you require to set up TLS, VPN
(IPsec, OpenVPN) and SINEMA RC.
● The device contains a pre-installed X.509 certificate with key. Replace this certificate with
a self-made certificate with key. We recommend that you use a certificate signed by a
reliable external or internal certification authority.
● Use the certification authority including key revocation and management to sign the
certificates.
● Make sure that user-defined private keys are protected and inaccessible to unauthorized
persons.
● Verify certificates and fingerprints on the server and client to prevent "man in the middle"
attacks.
● It is recommended that you use password-protected certificates in the PKCS #12 format
● It is recommended that you use certificates with a key length of at least 2048 bits.
● Change keys and certificates immediately, if there is a suspicion of compromise.
SCALANCE M812, M816
10 Operating Instructions, 08/2018, C79000-G8976-C331-06
Security recommendations
Secure/non-secure protocols
● Avoid or disable non-secure protocols, for example Telnet and TFTP. For historical
reasons, these protocols are still available, however not intended for secure applications.
Use non-secure protocols on the device with caution.
● Avoid or disable non-secure protocols. Check whether use of the following protocols is
necessary:
– Broadcast pings
– Non authenticated and unencrypted interfaces
– ICMP (redirect)
– LLDP
– Syslog
– DHCP Options 66/67
– TFTP
● The following protocols provide secure alternatives:
– SNMPv1/v2 → SNMPv3
Check whether use of SNMPv1 is necessary. SNMPv1 is classified as non-secure.
Use the option of preventing write access. The product provides you with suitable
setting options.
If SNMP is enabled, change the community names. If no unrestricted access is
necessary, restrict access with SNMP.
– HTTP → HTTPS
– Telnet → SSH
– TFTP → SFTP
● Use secure protocols when access to the device is not prevented by physical protection
measures.
● To prevent unauthorized access to the device or network, take suitable protective
measures against non-secure protocols.
● If you require non-secure protocols and services, activate these at interfaces that are
located within a protected network area.
● Using a firewall, restrict the services and protocols available to the outside to a minimum.
● For the DCP function, enable the "DCP read-only" mode after commissioning.
SCALANCE M812, M816
Operating Instructions, 08/2018, C79000-G8976-C331-06
11
Security recommendations
Available protocols per port
Protocol
Port number
Port status
Default port status
Authentication
Encryption
Protocol
Protocol/port
number
Port status
Default port status
Authentication
Encryption
Local access
External
access
SSH
SFTP
HTTP
(when configured)
HTTPS
SNTP
(only outgoing)
SNMP v1/v3
(when configured)
configured)
DNS Server
(when configured)
The following list provides you with an overview of the open ports on this device. Keep this in
mind when configuring a firewall.
The table includes the following columns:
●
All protocols that the device supports
●
Port number assigned to the protocol
●
– Open
– Open (when configured)
●
The port is always open and cannot be closed.
The port is open if it has been configured.
– Local access
– External access
●
Specifies whether or not the protocol is authenticated during access.
●
Specifies whether the transfer is encrypted.
TCP/80 Open
TCP/443 Open Open Closed Yes Yes
UDP/123 Open
TCP/22 Open
Default port status of the port when the port is accessed via a local connection, e.g.
via LAN.
Default port status of the port when the port is accessed via an external connection,
e.g. WAN, WLAN, VPN.
Open Closed Yes Yes
(when configured)
Open Closed Yes No
Closed Closed No No
SCALANCE M812, M816
12 Operating Instructions, 08/2018, C79000-G8976-C331-06
UDP/161 Open
TCP/53 Open
Open Closed Yes Yes (when
Open Closed No No
Security recommendations
Protocol
Protocol/port
number
Port status
Default port status
Authentication
Encryption
Local access
External
access
DNS Client
Syslog
(only outgoing)
IPsec/IKE
UDP/4500
DHCP server
DHCP server
NTP client
(only outgoing)
NTP server
UDP/123
Open
Closed
Closed
No
No
Siemens Remote
Service
(cRSP/SRS)
PROFINET
UDP/34964
Open
Open
Open
No
No
OpenVPN to
SINEMA RC
KeyPlug]
TFTP
(only outgoing)
DynDNS
(only outgoing)
Telnet
(when configured)
Ping
ICMP
Open
Open
Closed
No
No
RADIUS client
UDP/1813
TIA Portal Cloud
Connector
(variable)
(when configured)
SMTP
(only outgoing)
HTTP proxy
(only outgoing)
1)
Only with SCALANCE M804PB
UDP/53 Open
(when configured)
UDP/514 Open
UDP/500
Open
(when configured)
UDP/67
Open
(when configured)
UDP/67
Open
(when configured)
UDP/123 Open
TCP/443 Open
(only outgoing)
TCP, UDP
depending
Open
(only outgoing)
on server
config [only
with
Open Closed No No
Closed Closed No No
Closed Open Yes Yes
Open Closed No No
Open Closed No No
Closed Closed No No
Closed Closed Yes Yes
Closed Closed Yes Yes
UDP/69 Open
TCP/80 Open
TCP/23 Open
UDP/1812
TCP/9023
1)
TCP/25 Open
TCP/variable Open
Open
(when configured)
Open
Closed Closed No No
Closed Closed No No
Open Closed Yes No
Closed Closed No No
Open Closed No No
Closed Closed No No
Closed Closed No No
SCALANCE M812, M816
Operating Instructions, 08/2018, C79000-G8976-C331-06
13
Security recommendations
SCALANCE M812, M816
14 Operating Instructions, 08/2018, C79000-G8976-C331-06
2
2.1
Product characteristics
Interfaces
Functionality
M812-1
M816-1
DSL interface
1x RJ45
1x RJ45
Ethernet interface
1x RJ-45 10 / 100 Mbps
4 x RJ-45 10 / 100 Mbps
PLUG slot
-
✓
Scope of delivery
Note
Not included with the product
The following components do not ship with the product:
•
You will find more detailed information in "C-PLUG and KEY-PLUG (Page 28)".
Article numbers
Type
Description
Article number
Analog phone connection (Annex A)
6GK5812-1AA00-2AA2
ISDN connection (Annex B)
6GK5812-1BA00-2AA2
Analog phone connection (Annex A)
6GK5816-1AA00-2AA2
ISDN connection (Annex B)
6GK5816-1BA00-2AA2
Digital input/output 1/1 1/1
The following components ship with the product:
● One device
● A 5-pin terminal block for the power supply
● A 2-pin terminal block for the digital output
● A 2-pin terminal block for the digital input
● Documentation CD
KEY-PLUG / C-PLUG
SCALANCE M812-1 ADSL2+ router
SCALANCE M816-1 ADSL2+ router
SCALANCE M812, M816
Operating Instructions, 08/2018, C79000-G8976-C331-06
15
Description of the device
Unpacking and checking
WARNING
Do not use any parts that show evidence of damage
2.1 Product characteristics
If you use damaged parts, there is no guarantee that the device will function according to
the specification.
If you use damaged parts, this can lead to the following problems:
• Injury to persons
• Loss of the approvals
• Violation of the EMC regulations
Use only undamaged parts.
1. Make sure that the package is complete.
2. Check all the parts for transport damage.
SCALANCE M812, M816
16 Operating Instructions, 08/2018, C79000-G8976-C331-06
Description of the device
2.2
Accessories
Type
Properties
Article number
configuration data
Connect and for storing configuration data.
M876-X / S615
2.2 Accessories
You will find further information on the accessories program for the M812 and M816 in the
Industry Mall
(https://eb.automation.siemens.com/goos/WelcomePage.aspx?regionUrl=/de&language=en)
.
C-PLUG Exchangeable storage medium (32 MB) for the
Exchangeable storage medium (256 MB) for the
configuration data
KEY-PLUG SINEMA
RC
Desktop pedestal SCALANCE M-800 desktop pedestal for table
Exchangeable storage medium (256 MB) to enable
the connection functionality to SINEMA Remote
mounting for SCALANCE M812 / M816 / M874-X /
6GK1900-0AB00
6GK1900-0AB10
6GK5908-0PB00
6GK5898-8MD00
SCALANCE M812, M816
Operating Instructions, 08/2018, C79000-G8976-C331-06
17
Description of the device
2.3
LED display
2.3.1
SCALANCE M812-1
2.3 LED display
SCALANCE M812, M816
18 Operating Instructions, 08/2018, C79000-G8976-C331-06
Description of the device
LED
Status
Meaning
/ 200 ms off
2.3 LED display
F
OFF
ON
Flashing The bootloader waits in this state for a new firmware file that you can
Flashing
at the
interval:
2000 ms on
No fault/error.
The device is starting up or an error has occurred.
download using TFTP.
Firmware on PLUG
The device is performing a firmware update or downgrade.
SCALANCE M812, M816
Operating Instructions, 08/2018, C79000-G8976-C331-06
19
Description of the device
LED
Status
Meaning
2.3 LED display
L
CR
DSL OFF
OFF
ON
OFF
Flashing DSL line training is completed, the DSL connection is established and
ON
ON
ON
Flashing DSL line training has failed or the DSL cable connection is down.
Device turned off, no power supply.
Device turned on, power supply present.
Device is not dialed in.
PPPoE passthrough is enabled.
The dial-in with the access data was successful and the device was
assigned an external IP address by the DSL provider.
The dial-in has failed.
DSL interface is off.
DSL interface is enabled and the DSL line training is running: The device
synchronizes itself with the DSLAM in the central office.
ON
P1 OFF
DI OFF
DO OFF
OFF
ON
ON
ON
ON
ON
DSL line training is completed and the DSL connection is established.
VPN not established
VPN established
Ethernet connection to local computer or LAN not established
Ethernet connection to local computer or LAN established
Device receiving / sending data
Digital input inactive
Digital input active.
Digital output inactive
Digital output active.
SCALANCE M812, M816
20 Operating Instructions, 08/2018, C79000-G8976-C331-06
Description of the device
2.3.2
SCALANCE M816-1
2.3 LED display
SCALANCE M812, M816
Operating Instructions, 08/2018, C79000-G8976-C331-06
21
Description of the device
LED
Status
Meaning
/ 200 ms off
2.3 LED display
F
L
CR
OFF
ON
Flashing The bootloader waits in this state for a new firmware file that you can
Flashing
at the
interval:
2000 ms on
OFF
ON
OFF
Flashing DSL line training is completed, the DSL connection is established and
No fault/error.
The device is starting up or an error has occurred.
download using TFTP.
Firmware on PLUG
The device is performing a firmware update or downgrade.
Device turned off, no power supply.
Device turned on, power supply present.
The device has not dialed in and / or the "Enable PPPoE Passthrough"
function is enabled.
PPPoE passthrough is enabled.
On
ON
DSL OFF
ON
Flashing DSL line training has failed or the DSL cable connection is down.
ON
SCALANCE M812, M816
OFF
ON
The dial-in with the access data was successful and the device was
assigned an external IP address by the DSL provider.
The dial-in has failed.
The DSL interface is off or the DSL line training has not yet begun.
DSL interface is enabled and the DSL line training is running: The device
synchronizes itself with the DSLAM in the central office.
DSL line training is completed and the DSL connection is established.
VPN not established
VPN established
22 Operating Instructions, 08/2018, C79000-G8976-C331-06
Loading...