Siemens NK8237 MP4.70 Installation Function & Configuration Commissioning Safety Regulations
  1. Manuals
  2. Brands
  3. Siemens Manuals
  4. Firewall
  5. NK8237 MP4.70
  6. Installation function & configuration commissioning safety regulations
Siemens NK8237 MP4.70 Installation Function & Configuration Commissioning Safety Regulations

Siemens NK8237 MP4.70 Installation Function & Configuration Commissioning Safety Regulations

Firewall application for sinteso stt20 and cerberus pro fire detection systems
Hide thumbs
Table of Contents

Quick Links

NK8237 MP4.70
Firewall Application for Sinteso
STT20 and Cerberus PRO Fire
Detection Systems
Installation
Function & Configuration
Commissioning
Safety Regulations
A6V10403182_a_en
30.09.2014
Building Technologies
Fire Safety & Security Products
Table of Contents
loading

Related Manuals for Siemens NK8237 MP4.70

Summary of Contents for Siemens NK8237 MP4.70

  • Page 1 NK8237 MP4.70 Firewall Application for Sinteso STT20 and Cerberus PRO Fire Detection Systems Installation Function & Configuration Commissioning Safety Regulations Building Technologies A6V10403182_a_en 30.09.2014 Fire Safety & Security Products...

  • Page 3: Table Of Contents

    Table of contents   About this document......................5     Safety regulations ....................8     Country-specific standards...................8     Assembly and installation..................8     Disposal and recycling ..................8     Modifications to the system design and the products ..........9     Data privacy and protection .................9  ...
  • Page 4     Configuring the routing table ................38     Configuring the relay output ................41     Downloading the NK8237...................42     6.9.1 Verifying the connection to the NK8237 unit........42     6.9.2 NK8237 configuration download ............42     6.9.3 NK8237 firmware download procedure..........43  ...

  • Page 5: About This Document

    Training program information including the Siemens intranet link  A complete list of all available DMS8000 documents  Instructions for how to obtain a document via the Siemens intranet using the  Siemens Asset Portal A map of relevant documents for each target audience group ...
  • Page 6 About this document 3. In the resulting area on the right, click on Contents link to show the list of search results. For more information such as Siemens news and announcements, visit the STEP Web portal at: https://workspace.sbt.siemens.com/content/00001123/default.aspx Note: Before beginning work on the system you must have read and understood Safety Regulations section in this manual.
  • Page 7 For more information on creating flowcharts, printed material are indicated with an arrow see Flowcharts [→92]. and the page number, enclosed in brackets: [→92] Modification index Note: For versions more than four years old, please visit the Siemens Asset Portal. Version Date Notes A6V10403182_a_en 09.2014 NK8237 MP4.70...

  • Page 8: Safety Regulations

    Country-specific standards Siemens Building Technologies products are developed and produced in compliance with the relevant international and European safety standards. This document provides warnings and recommendations specific to NK8000 products.

  • Page 9: Modifications To The System Design And The Products

    Modifications to the system design and the products Note: Modifications to a system or to individual products may cause faults or malfunctioning. Please request written approval from Siemens Building Technologies and from any relevant authorities concerning intended system modifications and system extensions. Data privacy and protection Make sure that the configuration of the system complies with local data privacy and protection regulations.

  • Page 10: Introduction

    Introduction Firewall application examples 2 Introduction The NK8000 family provides LAN/WAN adapter products for a safety and security network: The NK822x series (phased out).  The NK823x series.  The NK8237 Modbus Gateway.  NK8237 Modbus Gateway for Sinteso FS20, STT20 and Cerberus PRO FS720 fire detection systems provides a connection (TCP/IP or Serial RTU) to a 3rd party Modbus station/unit for supervision and control of fire systems.
  • Page 11 Introduction Firewall application examples Management station Engineering tool (e.g. MM8000 or 3rd party) (e.g. SintesoWork, SintesoView) External network Internal network Power COM 1 Tamper COM 2 Download COM 3 Diagnostics COM 4 Station NK8237 firewall Networking via Ethernet Management station Engineering tool (e.g.
  • Page 12 Introduction Firewall application examples Management station Engineering tool (e.g. MM8000 or 3rd party) (e.g. SintesoWork, SintesoView) External network Internal network Power COM 1 Tamper COM 2 Download COM 3 Diagnostics COM 4 NK8237 firewall Station SAFEDLINK Networking via SAFEDLINK and Ethernet Management station Engineering tool (e.g.

  • Page 13: What's New

    Introduction What's new Management station Engineering tool (e.g. MM8000 or 3rd party) (e.g. SintesoWork, SintesoView) External network Internal network NK8237 Power COM 1 Tamper COM 2 Download COM 3 Diagnostics COM 4 firewall FIBER NETWORK (LAN) Station SAFEDLINK SAFEDLINK Extended SAFEDLINK network What's new Here is the list of modifications for new functions and software improvements.

  • Page 14: Structure And Functions

    Structure and functions NK8237 hardware 3 Structure and functions NK8237 hardware The NK8237 is composed of an electronic board installed in a compact and robust plastic box. NK8237 gateway unit 3.1.1 Front panel The front panel houses 9 LED’s. Left Side LED’s The five LED’s on the left side are, from top to bottom: Power (LED green) Power (hardware –...

  • Page 15: Internal Dip Switches

    Structure and functions NK8237 hardware Blinking (1 flash) : missing or insufficient license.  Blinking (2 flashes) : trouble with the I C bus to I/O modules.  Blinking (3 flashes) : not used  Blinking (4 flashes) : trouble with the serial/network interface. ...

  • Page 16: Internal Jumpers

    Structure and functions NK8237 hardware 3.1.3 Internal jumpers X101 X102 X103 X104 X105 X111 Internal DIP switch and jumpers (NKM8001-A2 mainboard) Item Name Description S101 DIP-Switches Reset button Tamper switch X115 When closed, it disables the box tamper alarm. 3.1.4 Ethernet interfaces The NK8237 main board is equipped with two Ethernet interfaces.

  • Page 17: Usb Interface

    Structure and functions NK8237 hardware Back Ethernet connectors Item Description Ethernet 1 Ethernet 2 3.1.5 USB interface The NK8237 main board is equipped with a USB interface you can use to log data Network about network communications on a USB mass storage device (see Connectivity Guide , document no.A6V10359485).
  • Page 18 Structure and functions NK8237 hardware SD card slot location on the mainboard Item Description SD card slot Building Technologies A6V10403182_a_en Fire Safety & Security Products 30.09.2014...

  • Page 19: Hardware Installation

    Hardware installation NK8237 hardware installation 4 Hardware installation The NK8237 unit can be installed in the existing cabinets by mounting the plastic housing on a DIN rail. Environmental requirements The NK82xx units should always be installed in a protective housing, away from dust, high temperature and humidity, vibrations and impacts.
  • Page 20 Hardware installation NK8237 hardware installation Top view Back NK8237 electrical interfaces (top view) Item Name Description Ethernet 2 Ethernet 1 X101 1 output X102 3 inputs X103 Power supply X104 RS485 (in place of COM1) X105 RS485 (in place of COM2) Bottom view Serial RS232-interfaces (bottom view) Item...
  • Page 21 Hardware installation NK8237 hardware installation X103 X104 X105 Power supply RS485-1 RS485-2 NK8237 power connections X103: Power Supply Power connections. Power supply Assignment Primary Earth – Not used Not used Secondary (optional) Earth – X2/X3: Ethernet Connector A standard RJ45 connector connects Ethernet. Category 5 or 6 UTP cabling is best suited.
  • Page 22 Hardware installation NK8237 hardware installation X102: Onboard I/O (Inputs) Onboard I/O (inputs). Assignment Input 1 (Mains failure) Input 2 (Battery fault) Input 3 (Power supply fault) Common + Val – Val DIN Rail Installation The modules are supplied in a plastic box that can be easily attached to the DIN rail by hooking it on the top of the rail and pressing it in on the opposite side.

  • Page 23: Software Installation

    Software installation Installation checklist 5 Software installation The software installation includes the following: Composer and basic tools for system configuration.  Additional tools: NW8202 (for IP configuration download), NW8204 (for  maintenance and diagnostic), NK823x Web Server (for NK8237 diagnostic information and IP configuration).
  • Page 24 Software installation Launching Composer Click Local then OK to confirm that you want a local server connection. Click Browse to connect to another server.  A Browse window displays. Server browsing window Note 1: To change a server connection at a later time, select the appropriate project or root node in the Projects Management window tree and then select the Projects Management window Change server icon...

  • Page 25: Nk823X Web Server

    NOTE: To stop the browser's security warning, see Secure communication for web services [➙ 28] about the configuration of supported browsers to trust the self-signed Siemens certificate. NK823x 4. Click Login and type the default username and password (see Table Web Server login profiles for available login profiles).

  • Page 26: Nw8202 Ip Configuration Download Tool

    Software installation NW8202 IP configuration download tool NK823x Web Server login profiles Profile Default username Default Available commands password Engineer NK_eng (After login: display diagnostic information) Change password: change the Engineer password. Administrator Admin NK_admin Diagnostic NK: display diagnostic information. IP configuration: configure IP settings.

  • Page 27: Nw8202 Software Requirements

    Software installation NW8204 maintenance and diagnostic tool 5.5.2 NW8202 software requirements Windows XP Professional or higher operating system  Network Configuration including TCP/IP protocol  5.5.3 NW8202 installation To install the NW8202 tool on a service PC, do the following: 1.

  • Page 28: Secure Communication For Web Services

    Sockets Layer or SSL) to the standard HTTP protocol and uses a certificate to identify the web site. A self-signed Siemens certificate is automatically installed that can perfectly support the secure communication, but causes the connecting browsers to show one or more warnings indicating that the certificate is not issued by a trusted certificate authority.
  • Page 29 Software installation Secure communication for web services – Check the location of the certificate, click Finish and then OK to close the dialog box 2) Import the certificate file in the trusted certification list: – In Chrome, open Settings, click Show advanced settings and then Manage certificates…...

  • Page 30: Configuration

    Configuration Configuration checklist 6 Configuration Configuration checklist Verify that you have satisfied the items needed in the first checklist before proceeding to the configuration checklist that follows. The following abbreviations are used in the checklists: DMS8000 Network Connectivity Guide DMS-CG: (document no.

  • Page 31: Configuring Ip Settings Via Nw8202

    Configuration Configuring IP settings via NW8202 3. Set to ON the correct DIP switch of S101 (DIP switch 1 to use Ethernet 1, DIP switch 2 to use Ethernet 2) and press the reset button S1. 4. Connect the Service PC to the correct Ethernet port of the NK8237. Access [➙...
  • Page 32 Configuration Configuring IP settings via NW8202 1. Set the Service PC IP address to 192.168.9.x (for example 192.168.9.254, to use the Ethernet port 1 with default IP address 192.168.9.41) or to 192.168.10.x (for example 192.168.10.254, to use the Ethernet port 2 with default IP address 192.168.10.41) and the subnet mask to 255.255.255.0.

  • Page 33: Creating The Nk8237 Firewall Project

    Configuration Creating the NK8237 firewall project crossed or straight-through Cat. 5 twisted pair patch cable. In fact, NK8237 supports automatic crossover.  While the download is being performed, the FTP Diagnostic window is displayed with the current status of the download. ...
  • Page 34 Configuration Creating the NK8237 firewall project Starting a new project by restoring the NK8237 Firewall default project backup Opening the project To open the NK8237 firewall project, select it in the Projects Management  window and click Open. By default, the project main node is named “Project Node”. You can customise this name by clicking the node, selecting the Node tab on the right pane and typing the new name in the Description field.

  • Page 35: Configuring The Ethernet Connections

    Configuration Configuring the Ethernet connections Configuring the Ethernet connections 1. In the Firewall folder, expand the subtree of the NK8237 node. 2. Select the Ethernet #1 node (ETH1 external network), to be used for the external network and the configuration download from NS8011 BACnet driver. 3.
  • Page 36 Configuration Configuring the firewall accepted; if source and destination IP addresses are added, only such added IP addresses are allowed to communicate. You can add/delete source and destination IP addresses by using the Add and Delete buttons. (optional) Select the Enable FW Logging check box to enable the logging of firewall traffic.
  • Page 37 Configuration Configuring the firewall Default firewall configuration Default firewall advanced port settings Building Technologies A6V10403182_a_en Fire Safety & Security Products 30.09.2014...

  • Page 38: Configuring The Routing Table

    Configuration Configuring the routing table Firewall source and destination addresses settings Predefined TCP/UDP ports TCP Port 51000 to 51064: SintesoWorks tool communications  TCP Port number 3001 (NK8000, 3001…3004 in multiple host configurations)  TCP Port 20500: NK8000 secure download ...
  • Page 39 Configuration Configuring the routing table each route: the higher the number (cost), the lower the corresponding priority. 4. Add as many routes as required by your network configuration. Routing table configuration Checking the routing table  The configuration has been downloaded to the NK8237 unit. 1.
  • Page 40 Configuration Configuring the routing table Routing table upload and check Using dynamic routing Dynamic routing makes use of the Open Shortest Path First (OSPF) protocol. OSPF automatically manages the shortest routing paths available in complex networks. To enable dynamic routing, proceed as follows: 1.

  • Page 41: Configuring The Relay Output

    Configuration Configuring the relay output Enabling dynamic routing Configuring the relay output Configuring the relay output The relay output can be activate by cable disconnection on Ethernet ports and by other NK8237 failures, such as low memory, logging failures and software errors. To enable the relay output for diagnostic purpose, proceed as follows: 1.

  • Page 42: Downloading The Nk8237

    Configuration Downloading the NK8237 Downloading the NK8237 Configuration download The configuration download allows the Composer tool to transfer all the settings into the NK8237 for runtime use. Once the NK8237 unit is connected over the IP network, this operation can be quickly performed from Composer using a right click command of the NK8237 node.

  • Page 43: Nk8237 Firmware Download Procedure

    Configuration Downloading the NK8237 2. Select Node Commands > Download Configuration File.  The download procedure starts. Note: In the same menu, you can also create a backup copy of the NK8237 configuration INI file (Create INI file), which might be helpful for troubleshooting. After the download, the NK8237 unit stops and then reboots.
  • Page 44 Configuration Downloading the NK8237 Controlling and checking the unit status The Tools tab of the NK823x unit provides some control commands and a screen status report of the unit. It allows for: Commanding a remote reset of the unit (that will disconnect the unit for about ...

  • Page 45: Maintenance And Diagnostics

    Maintenance and diagnostics Kernel update 7 Maintenance and diagnostics Kernel update The NK8237 Kernel is the main component of the operating system, which acts as a bridge between the application and the hardware level. In certain conditions, it may be necessary to update the Kernel, following specific instructions of the technical support.

  • Page 46: Snmp Monitoring

    Maintenance and diagnostics SNMP monitoring SNMP monitoring The NK8237 units can support the SNMP protocol (Simple Network Management Protocol) to enable remote stations to monitor the units for conditions that may require administrative attention. Using the SNMPv1 (RFC 1155-1157) on the UDP port 161, the NK8237 provides two sets of internal information variables using the community IDs listed here below that enable the access to the MIB (Management Information Base) namespace.
  • Page 47 Maintenance and diagnostics The NW8204 maintenance and diagnostic tool (recommended – read-only privileges). - Administrative user: call customer support for username and password (read/write privileges). Case sensitive – enter letters in lower case only. NW8204 window (installed GUI) 2. Insert the NK IP Address. Note: Inserting an incorrect IP address causes the following window to appear.
  • Page 48 Maintenance and diagnostics The NW8204 maintenance and diagnostic tool NW8204 window with open connection (installed GUI) Item Name Description Change User Select to display user login window (see step 1). About Displays the version of the NW8204 tool. Local File Browse for a local copy of DIAGNO.LOG or EEPROM.LOG to analyse/troubleshoot a remote NK82xx (admin user only).

  • Page 49: File Commands

    Maintenance and diagnostics The NW8204 maintenance and diagnostic tool 7.3.2 File commands These commands are meant for remote technical maintenance and diagnostic of the NK8237 units. The commands apply to the file selection active in the list on the left hand side of the screen. Download file Transfer the selected file from the NK8237 .
  • Page 50 Maintenance and diagnostics The NW8204 maintenance and diagnostic tool Setting date and time NK Vitality Opens a window, which shows the current status of the NK8237 point image. NW8204 Vitality window The window can be updated manually by pressing the Refresh button. You can use it to check if status changes are sent correctly from NK8237 (for example from the tamper switch).
  • Page 51 Maintenance and diagnostics The NW8204 maintenance and diagnostic tool Port number request Click OK to check the port number. At that point, the associated field shows the type of information found (e.g. Last IP connected) and you can to use the field arrow controls to show the actual IP address.

  • Page 52: Uploading Diagnostic Files

    Maintenance and diagnostics The NW8204 maintenance and diagnostic tool Reads the NK8237 routing status: Enabled, Disabled. 7.3.4 Uploading diagnostic files Diagnostic file purposes The purpose of these files is to record messages of what has taken place with the NK8237 to make it easier to determine if something is wrong, or if something important has taken place.
  • Page 53 Maintenance and diagnostics The NW8204 maintenance and diagnostic tool EV_EEPROM_RESET Reset command EV_EEPROM_EMERGENCY Restart in emergency mode EV_EEPROM_FTP_SESSION FTP session opened EV_EEPROM_CONFIG_CHANGE Configuration file changed EV_EEPROM_SW_CHANGE Software version changed EV_EEPROM_CPU_CHANGE CPU changed EV_EEPROM_ETH_PNP_UPDAT Ethernet EEProm update EV_EEPROM_ETH_PNP_ERROR Ethernet EEProm update failed EV_EEPROM_DLL_LOAD_FAILED DLL load failure EV_EEPROM_DLL_EXCLUDED DLL excluded from round-robin schedule...

  • Page 54: Using Log Files

    Maintenance and diagnostics The NW8204 maintenance and diagnostic tool 3. Choose where you want to save the file(s) and select Save. 4. Select Close Connection. If you do not close the connection, you will automatically be timed out in five minutes.
  • Page 55 Maintenance and diagnostics The NW8204 maintenance and diagnostic tool Configuring the log upload Uploading log data Note: If the data upload procedure seems to require a too long time to be accomplished, you can abort the procedure by clicking the Abort Log Upload button.
  • Page 56 Maintenance and diagnostics The NW8204 maintenance and diagnostic tool Setting the log storage WARNING Removing the USB key while the logging is enabled (without using the Safely Remove command) may cause the unit to restart or block (a manual restart is then needed).

  • Page 57: Menu "Send Default Configuration File

    Maintenance and diagnostics The NW8204 maintenance and diagnostic tool Configuring logging function on the fly Note: Resetting the unit restores the original logging configuration saved in Composer. 7.3.6 Menu "Send Default Configuration File" Sends a default configuration file containing only the new IP-configuration to the NK8237.

  • Page 58: The Nk823X Web Server

    Maintenance and diagnostics The NK823x Web Server Note: Two download options are available in the Download Mode section: FTP (default) or Secure Download (encrypted data transmission that makes use of TCP port 20500). The NK823x Web Server The NK823x Web Server provides diagnostic information about the NK8237 (to access the NK823x Web Server, see NK823x Web Server [➙...
  • Page 59 Maintenance and diagnostics Correcting communication failures Note: If you need to modify the IP address because of a network change, you might want to reset the device back to factory configuration by setting DIP-switch 1 or 2 to ON (see Internal DIP switches [➙ 15]) and then connect on the known address to change the IP address.

  • Page 60: Secure Operation Requirements

    Compliance with local regulations must be addressed. This can concern paper listings as well as tapes and memory support. For further information on general security issues regarding Siemens products, please refer to the internal documentation and procedures on this subject.
  • Page 62 Issued by © 2014 Copyright Siemens Switzerland Ltd Siemens Switzerland Ltd Technical specifications and availability subject to change without notice. Infrastructure & Cities Sector Building Technologies Division International Headquarters Gubelstrasse 22 CH-6301 Zug Tel. +41 41-724 24 24 www.siemens.com/buildingtechnologies Document ID...

Table of Contents