___________________
___________________
___________________
___________________
___________________
___________________
___________________
___________________
___________________
___________________
___________________
___________________
SIMATIC NET
Industrial Wireless LAN
SCALANCE W770/W730 to IEEE
802.11n Web Based Management
Configuration Manual
08/2018
C79000
-G8976-C323-09
Introduction
1
Description
2
Security recommendations
3
Technical basics
4
IP addresses
5
Configuring with Web Based
Management
6
Upkeep and maintenance
7
Troubleshooting/FAQ
8
Appendix A
A
Appendix B
B
Appendix C
C
Appendix D
D
Siemens AG
Division Process Industries and Drives
Postfach 48 48
90026 NÜRNBERG
GERMANY
C79000-G8976-C323-09
Ⓟ
07/2018 Subject to change
Copyright © Siemens AG 2013 - 2018.
All rights reserved
Legal information
Warning notice system
This manual contains notices you have to observe in order to ensure your personal safety, as well as to prevent
damage to property. The notices referring to your personal safety are highlighted in the manual by a safety alert
symbol, notices referring only to property damage have no safety alert symbol. These notices shown below are
graded according to the degree of danger.
DANGER
indicates that death or severe personal injury will result if proper precautions are not taken.
WARNING
indicates that death or severe personal injury may result if proper precautions are not taken.
CAUTION
indicates that minor personal injury can result if proper precautions are not taken.
NOTICE
indicates that property damage can result if proper precautions are not taken.
If more than one degree of danger is present, the warning notice representing the highest degree of danger will
be used. A notice warning of injury to persons with a safety alert symbol may also include a warning relating to
property damage.
Qualified Personnel
The product/system described in this documentation may be operated only by
personnel qualified
for the specific
task in accordance with the relevant documentation, in particular its warning notices and safety instructions.
Qualified personnel are those who, based on their training and experience, are capable of identifying risks and
avoiding potential hazards when working with these products/systems.
Proper use of Siemens products
Note the following:
WARNING
Siemens products may only be used for the applications described in the catalog and in the relevant technical
documentation. If products and components from other manufacturers are used, these must be recommended
or approved by Siemens. Proper transport, storage, installation, assembly, commissioning, operation and
maintenance are required to ensure that the products operate safely and without any problems. The permissible
ambient conditions must be complied with. The information in the relevant documentation must be observed.
Trademarks
All names identified by ® are registered trademarks of Siemens AG. The remaining trademarks in this publication
may be trademarks whose use by third parties for their own purposes could violate the rights of the owner.
Disclaimer of Liability
We have reviewed the contents of this publication to ensure consistency with the hardware and software
described. Since variance cannot be precluded entirely, we cannot guarantee full consistency. However, the
information in this publication is reviewed regularly and any necessary corrections are included in subsequent
editions.
SCALANCE W770/W730 to IEEE 802.11n Web Based Management
Configuration Manual, 08/2018, C79000-G8976-C323-09 3
Table of contents
1 Introduction ............................................................................................................................................. 9
1.1 Information on the Configuration Manual.................................................................................. 9
1.2 Type designations ................................................................................................................... 14
2 Description ............................................................................................................................................ 15
2.1 Network structures .................................................................................................................. 16
2.2 Possible applications of SCALANCE W700 devices .............................................................. 21
2.3 Product characteristics............................................................................................................ 22
2.4 IEEE 802.11n .......................................................................................................................... 24
2.5 Requirements for installation and operation of SCALANCE W devices ................................. 28
2.6 C-PLUG and KEY-PLUG ........................................................................................................ 29
2.7 Power over Ethernet (PoE) ..................................................................................................... 31
3 Security recommendations .................................................................................................................... 35
4 Technical basics ................................................................................................................................... 41
4.1 Configuration limits for WBM and CLI ..................................................................................... 41
4.2 Interfaces and system functions ............................................................................................. 43
4.3 EtherNet/IP ............................................................................................................................. 47
4.4 PROFINET .............................................................................................................................. 48
4.5 VLAN ....................................................................................................................................... 49
4.6 MAC-based communication .................................................................................................... 50
4.7 iPCF / iPCF-HT / iPCF-MC ..................................................................................................... 51
4.8 iREF ........................................................................................................................................ 55
4.9 iPRP ........................................................................................................................................ 57
4.10 AeroScout ............................................................................................................................... 60
4.11 NAT/NAPT .............................................................................................................................. 62
4.12 SNMP ...................................................................................................................................... 63
4.13 Spanning Tree ........................................................................................................................ 66
4.13.1 RSTP, MSTP, CIST ................................................................................................................ 67
4.14 User management .................................................................................................................. 69
5 IP addresses ......................................................................................................................................... 71
5.1 IPv4 / IPv6 ............................................................................................................................... 71
5.2 IPv4 address ........................................................................................................................... 73
5.2.1 Structure of an IPv4 address .................................................................................................. 73
Table of contents
SCALANCE W770/W730 to IEEE 802.11n Web Based Management
4 Configuration Manual, 08/2018, C79000-G8976-C323-09
5.2.2 Initial assignment of an IPv4 address .................................................................................... 74
5.2.3 Address assignment via DHCPv4 .......................................................................................... 75
5.2.4 Address assignment with the Primary Setup Tool ................................................................. 76
5.2.5 Address assignment with STEP 7.......................................................................................... 76
5.3 IPv6 address .......................................................................................................................... 77
5.3.1 IPv6 terms .............................................................................................................................. 77
5.3.2 Structure of an IPv6 address ................................................................................................. 79
6 Configuring with Web Based Management ............................................................................................ 81
6.1 Web Based Management ...................................................................................................... 81
6.2 Login ...................................................................................................................................... 83
6.3 "Wizard" menu ....................................................................................................................... 87
6.3.1 Basic Wizard .......................................................................................................................... 87
6.3.1.1 System Settings ..................................................................................................................... 88
6.3.1.2 Country Settings..................................................................................................................... 90
6.3.1.3 IP Address Settings ............................................................................................................... 91
6.3.1.4 Management Interfaces ......................................................................................................... 92
6.3.1.5 Antenna Settings .................................................................................................................... 94
6.3.1.6 Radio Settings ........................................................................................................................ 96
6.3.1.7 Access Point Settings ............................................................................................................ 98
6.3.1.8 Client Settings ........................................................................................................................ 99
6.3.1.9 Client Setting Allowed Channels .......................................................................................... 101
6.3.1.10 Security Settings .................................................................................................................. 103
6.3.1.11 Dot1x Supplicant Settings .................................................................................................... 105
6.3.1.12 Dot1x RADIUS Server Settings ........................................................................................... 106
6.3.1.13 Summary of the settings ...................................................................................................... 108
6.4 "Information" menu............................................................................................................... 109
6.4.1 Start page ............................................................................................................................. 109
6.4.2 Versions ............................................................................................................................... 115
6.4.3 I&M ....................................................................................................................................... 117
6.4.4 ARP / neighbors ................................................................................................................... 118
6.4.4.1 ARP table ............................................................................................................................. 118
6.4.4.2 IPv6 Neighbor Table ............................................................................................................ 119
6.4.5 Log Tables ........................................................................................................................... 120
6.4.5.1 Event log .............................................................................................................................. 120
6.4.5.2 WLAN authentication log ..................................................................................................... 122
6.4.6 Faults ................................................................................................................................... 123
6.4.7 Redundancy ......................................................................................................................... 124
6.4.8 Ethernet Statistiken .............................................................................................................. 129
6.4.8.1 Interface statistics ................................................................................................................ 129
6.4.8.2 Packet Size .......................................................................................................................... 130
6.4.8.3 Frame Type .......................................................................................................................... 131
6.4.8.4 Packet Error ......................................................................................................................... 131
6.4.9 Learning Table ..................................................................................................................... 132
6.4.10 IPv6 routing .......................................................................................................................... 133
6.4.11 DHCP-Server ....................................................................................................................... 134
6.4.12 SNMP ................................................................................................................................... 135
6.4.13 Security ................................................................................................................................ 136
6.4.13.1 Overview .............................................................................................................................. 136
6.4.13.2 Supported Function Rights .................................................................................................. 139
Table of contents
SCALANCE W770/W730 to IEEE 802.11n Web Based Management
Configuration Manual, 08/2018, C79000-G8976-C323-09 5
6.4.13.3 Roles ..................................................................................................................................... 140
6.4.13.4 Groups .................................................................................................................................. 141
6.4.13.5 Inter AP Blocking .................................................................................................................. 142
6.4.14 WLAN .................................................................................................................................... 143
6.4.14.1 Overview AP ......................................................................................................................... 143
6.4.14.2 Client List .............................................................................................................................. 145
6.4.14.3 WDS List ............................................................................................................................... 147
6.4.14.4 Overlap AP ............................................................................................................................ 148
6.4.14.5 Force Roaming ..................................................................................................................... 150
6.4.14.6 Overview Client ..................................................................................................................... 151
6.4.14.7 Available AP .......................................................................................................................... 154
6.4.14.8 IP mapping table ................................................................................................................... 156
6.4.14.9 Background noise ................................................................................................................. 157
6.4.15 WLAN Statistics .................................................................................................................... 158
6.4.15.1 Errors .................................................................................................................................... 158
6.4.15.2 Management Sent ................................................................................................................. 160
6.4.15.3 Management Received ......................................................................................................... 161
6.4.15.4 Data Sent .............................................................................................................................. 162
6.4.15.5 Data Received ...................................................................................................................... 164
6.4.16 WLAN iFeatures .................................................................................................................... 165
6.4.16.1 iREF Client List ..................................................................................................................... 165
6.4.16.2 iREF WDS List ...................................................................................................................... 167
6.4.16.3 AeroScout ............................................................................................................................. 168
6.4.16.4 iPRP ...................................................................................................................................... 170
6.5 "System" menu ..................................................................................................................... 172
6.5.1 System Configuration............................................................................................................ 172
6.5.2 General ................................................................................................................................. 175
6.5.2.1 Device ................................................................................................................................... 175
6.5.2.2 Coordinates ........................................................................................................................... 176
6.5.3 Agent IPv4 ............................................................................................................................ 178
6.5.4 Agent IPv6 ............................................................................................................................ 179
6.5.4.1 IPv6 default routes ................................................................................................................ 182
6.5.5 DNS....................................................................................................................................... 183
6.5.6 Restart .................................................................................................................................. 185
6.5.7 Commit Control ..................................................................................................................... 188
6.5.8 Load & Save ......................................................................................................................... 189
6.5.8.1 HTTP ..................................................................................................................................... 193
6.5.8.2 TFTP ..................................................................................................................................... 196
6.5.8.3 SFTP ..................................................................................................................................... 199
6.5.8.4 Passwords ............................................................................................................................ 202
6.5.9 Events ................................................................................................................................... 204
6.5.9.1 Configuration ......................................................................................................................... 204
6.5.9.2 Severity Filters ...................................................................................................................... 206
6.5.10 SMTP client ........................................................................................................................... 208
6.5.11 DHCPv4 ................................................................................................................................ 210
6.5.11.1 DHCP client .......................................................................................................................... 210
6.5.11.2 DHCP Server ........................................................................................................................ 211
6.5.11.3 DHCP Options ...................................................................................................................... 214
6.5.11.4 Static Leases ........................................................................................................................ 216
6.5.12 SNMP .................................................................................................................................... 218
6.5.12.1 General ................................................................................................................................. 218
6.5.12.2 Traps ..................................................................................................................................... 221
Table of contents
SCALANCE W770/W730 to IEEE 802.11n Web Based Management
6 Configuration Manual, 08/2018, C79000-G8976-C323-09
6.5.12.3 v3 Groups ............................................................................................................................. 222
6.5.12.4 v3 Users ............................................................................................................................... 225
6.5.13 System Time ........................................................................................................................ 227
6.5.13.1 Manual Setting ..................................................................................................................... 228
6.5.13.2 DST Overview ...................................................................................................................... 230
6.5.13.3 DST Configuration ............................................................................................................... 232
6.5.13.4 SNTP Client ......................................................................................................................... 235
6.5.13.5 NTP Client ............................................................................................................................ 238
6.5.13.6 SIMATIC Time Client ........................................................................................................... 240
6.5.14 Auto Logout .......................................................................................................................... 242
6.5.15 Syslog Client ........................................................................................................................ 243
6.5.16 Fault Monitoring ................................................................................................................... 244
6.5.16.1 Power Supply ....................................................................................................................... 244
6.5.16.2 Link Change ......................................................................................................................... 246
6.5.17 PROFINET ........................................................................................................................... 247
6.5.18 EtherNet/IP ........................................................................................................................... 249
6.5.19 PLUG ................................................................................................................................... 251
6.5.19.1 Configuration ........................................................................................................................ 251
6.5.19.2 License ................................................................................................................................. 254
6.5.20 Ping ...................................................................................................................................... 257
6.6 "Interfaces" menu ................................................................................................................. 259
6.6.1 Ethernet ................................................................................................................................ 259
6.6.1.1 Overview .............................................................................................................................. 259
6.6.1.2 Configuration ........................................................................................................................ 261
6.6.2 WLAN ................................................................................................................................... 263
6.6.2.1 Basic .................................................................................................................................... 263
6.6.2.2 Advanced ............................................................................................................................. 268
6.6.2.3 Antennas .............................................................................................................................. 271
6.6.2.4 Allowed Channels ................................................................................................................ 274
6.6.2.5 802.11n ................................................................................................................................ 276
6.6.2.6 AP ........................................................................................................................................ 277
6.6.2.7 AP WDS ............................................................................................................................... 281
6.6.2.8 AP 802.11a/b/g Rates .......................................................................................................... 283
6.6.2.9 AP 802.11n Rates ................................................................................................................ 285
6.6.2.10 Client .................................................................................................................................... 288
6.6.2.11 Force Roaming..................................................................................................................... 292
6.6.2.12 Signal recorder ..................................................................................................................... 295
6.6.2.13 Spectrum Analyzer ............................................................................................................... 306
6.6.3 Remote Capture ................................................................................................................... 313
6.7 "Layer 2" menu ..................................................................................................................... 317
6.7.1 VLAN .................................................................................................................................... 317
6.7.1.1 General ................................................................................................................................ 317
6.7.1.2 Port-based VLAN ................................................................................................................. 320
6.7.2 Dynamic MAC Aging ............................................................................................................ 323
6.7.3 Spanning Tree...................................................................................................................... 324
6.7.3.1 General ................................................................................................................................ 324
6.7.3.2 CIST General ....................................................................................................................... 326
6.7.3.3 CIST Port ............................................................................................................................. 328
6.7.3.4 MST General ........................................................................................................................ 332
6.7.3.5 MST Port .............................................................................................................................. 334
6.7.4 DCP Forwarding................................................................................................................... 336
Table of contents
SCALANCE W770/W730 to IEEE 802.11n Web Based Management
Configuration Manual, 08/2018, C79000-G8976-C323-09 7
6.7.5 LLDP ..................................................................................................................................... 337
6.8 "Layer 3" menu ..................................................................................................................... 339
6.8.1 NAT ....................................................................................................................................... 339
6.8.1.1 Basic ..................................................................................................................................... 339
6.8.1.2 NAPT..................................................................................................................................... 342
6.9 "Security" menu .................................................................................................................... 345
6.9.1 Users ..................................................................................................................................... 345
6.9.1.1 Local Users ........................................................................................................................... 345
6.9.1.2 Roles ..................................................................................................................................... 348
6.9.1.3 Groups .................................................................................................................................. 350
6.9.2 Passwords ............................................................................................................................ 352
6.9.2.1 Passwords ............................................................................................................................ 352
6.9.2.2 Options .................................................................................................................................. 354
6.9.3 AAA ....................................................................................................................................... 355
6.9.3.1 General ................................................................................................................................. 355
6.9.3.2 RADIUS client ....................................................................................................................... 356
6.9.4 WLAN .................................................................................................................................... 360
6.9.4.1 Basic (Access Point) ............................................................................................................. 360
6.9.4.2 Basic (Client) ......................................................................................................................... 364
6.9.4.3 AP Communication ............................................................................................................... 367
6.9.4.4 AP RADIUS Authenticator .................................................................................................... 369
6.9.4.5 Client Radius Supplicant ....................................................................................................... 371
6.9.4.6 Keys ...................................................................................................................................... 373
6.9.5 MAC ACL .............................................................................................................................. 374
6.9.5.1 Rules Configuration .............................................................................................................. 374
6.9.5.2 Ingress Rules ........................................................................................................................ 376
6.9.5.3 Egress Rules ......................................................................................................................... 378
6.9.6 IP ACL ................................................................................................................................... 380
6.9.6.1 Rules Configuration .............................................................................................................. 380
6.9.6.2 Protocol Configuration .......................................................................................................... 381
6.9.6.3 Ingress Rules ........................................................................................................................ 383
6.9.6.4 Egress Rules ......................................................................................................................... 386
6.9.7 Management ACL ................................................................................................................. 389
6.9.8 Inter AP blocking
................................................................................................................... 392
6.9.8.1 Basic ..................................................................................................................................... 392
6.9.8.2 Allowed Addresses ............................................................................................................... 394
6.10 "iFeatures" menu .................................................................................................................. 396
6.10.1 iPCF ...................................................................................................................................... 396
6.10.2 iPCF-HT ................................................................................................................................ 400
6.10.3 iPCF-MC ............................................................................................................................... 404
6.10.4 iPRP ...................................................................................................................................... 407
6.10.5 iREF ...................................................................................................................................... 411
6.10.6 AeroScout ............................................................................................................................. 412
7 Upkeep and maintenance ................................................................................................................... 415
7.1 Firmware update - via WBM ................................................................................................. 415
7.2 Device configuration with PRESET-PLUG ........................................................................... 417
7.3 Embedding firmware in ConfigPack. ..................................................................................... 420
7.4 Restoring the factory settings ............................................................................................... 422
Table of contents
SCALANCE W770/W730 to IEEE 802.11n Web Based Management
8 Configuration Manual, 08/2018, C79000-G8976-C323-09
8 Troubleshooting/FAQ ........................................................................................................................... 425
8.1 Firmware update via WBM or CLI not possible ................................................................... 425
8.2 Disrupted data transmission due to the received power being too high .............................. 427
8.3 Compatibility with predecessor products ............................................................................. 428
8.4 Instructions for secure network design ................................................................................ 429
8.5 WLAN client Trigger handover via SNMP ............................................................................ 430
8.6 Configuring the device using the TIA Portal ........................................................................ 431
8.6.1 Message: SINEMA configuration not yet accepted ............................................................. 432
A Appendix A .......................................................................................................................................... 435
A.1 MIB files supported by SCALANCE W700 device ............................................................... 435
B Appendix B .......................................................................................................................................... 437
B.1 Private MIB variables of the SCALANCE W700 .................................................................. 437
C Appendix C .......................................................................................................................................... 439
C.1 Underlying standards ........................................................................................................... 439
D Appendix D .......................................................................................................................................... 441
D.1 Messages in the event log ................................................................................................... 441
D.2 Messages in the WLAN Authentication Log ........................................................................ 446
Index ................................................................................................................................................... 447
SCALANCE W770/W730 to IEEE 802.11n Web Based Management
Configuration Manual, 08/2018, C79000-G8976-C323-09 9
Introduction
1
1.1
Information on the Configuration Manual
Validity of the configuration manual
This Configuration Manual covers the following products:
● SCALANCE W774-1 RJ45
● SCALANCE W774-1 M12 EEC
● SCALANCE W734-1 RJ-45
● SCALANCE W778-1 M12
● SCALANCE W778-1 M12 EEC
● SCALANCE W738-1 M12
This Configuration Manual applies to the following software version:
● SCALANCE W700 firmware as of version V 6.3
Purpose of the Configuration Manual
This Configuration Manual is intended to provide you with the information you require to
commission and operate SCALANCE W700 devices correctly. It explains how to configure
the SCALANCE W700 devices and how to integrate them in a WLAN network.
The operating instructions for the corresponding SCALANCE W700 devices describe how to
install and connect up the devices correctly.
Introduction
1.1 Information on the Configuration Manual
SCALANCE W770/W730 to IEEE 802.11n Web Based Management
10 Configuration Manual, 08/2018, C79000-G8976-C323-09
Orientation in the documentation
Apart from the Configuration Manual you are currently reading, the following documentation
is also available from SIMATIC NET on the topic of Industrial Wireless LANs:
● Configuration Manual: SCALANCE W770 / W730 Command Line Interface
This document contains the CLI commands that are supported by SCALANCE W700
devices.
● Performance data 802.11 abgn SCALANCE W770/W730
This document contains information about the frequency, modulation, transmit power and
receiver sensitivity.
● Operating instructions SCALANCE W774-1 /W734-1
This document contains information on installing and connecting up the following
products and their approvals.
– SCALANCE W734-1 RJ-45
– SCALANCE W774-1 RJ45
– SCALANCE W774-1 M12 EEC
● Operating Instructions SCALANCE W778-1/W738-1
– SCALANCE W778-1 M12
– SCALANCE W778-1 M12 EEC
– SCALANCE W738-1 M12
● System Manual Structure of an Industrial Wireless LAN
Apart from the description of the physical basics and a presentation of the main IEEE
standards, this also contains information on data security and a description of the
industrial applications of wireless LAN.
You should read this manual if you want to set up WLAN networks with a more complex
structure (not simply a connection between two devices).
● System manual RCoax
This system manual contains both an explanation of the fundamental technical aspects
as well as a description of the individual RCoax components and their functionality.
Installation/commissioning and connection of RCoax components and their operating
principle are explained. The possible applications of the various SIMATIC NET
components are described.
● System manual - Passive Network Components IWLAN
This system manual explains the entire IWLAN cabling that you require for your IWLAN
application. For a flexible combination and installation of the individual IWLAN
components both indoors and outdoors, a wide ranging selection of compatible coaxial
accessories are available. The system manual also covers connecting cables as well as a
variety of plug-in connectors, lightning protectors, a power splitter and an attenuator.
Introduction
1.1 Information on the Configuration Manual
SCALANCE W770/W730 to IEEE 802.11n Web Based Management
Configuration Manual, 08/2018, C79000-G8976-C323-09 11
Terms used
The designation . . .
stands for . . .
IPv4 address
IPv4 address
IPv6 address IPv6 address
IP address
IPv4/IPv6 address
IPv4 interface
Interface that supports IPv4.
IPv6 interface Interface that supports IPv6. The interface can have more than one
IPv6 address The IPv6 addresses have different ranges (scope), e.g.
link local
IP interface Interface that supports both IPv4 and IPv6. As default the IPv4 support
is already activated. The IPv6 support needs to be activated extra.
SIMATIC NET manuals
You will find SIMATIC NET manuals on the Internet pages of Siemens Industry Online
Support:
● Using the search function:
Siemens Industry Online Support (https://support.industry.siemens.com/cs/ww/en/)
Enter the entry ID of the relevant manual as the search item.
● In the navigation panel on the left-hand side in the area "Industrial Communication":
Industrial communication (https://support.industry.siemens.com/cs/ww/en/ps/15247/man)
Go to the required product group and make the following settings:
tab "Entry list", Entry type "Manuals"
Further documentation
The "SIMATIC NET Industrial Ethernet Network Manual" contains information on other
SIMATIC NET products that you can operate along with the devices of this product line in an
Industrial Ethernet network. There, you will find among other things optical performance data
of the communications partners that you require for the installation.
The "SIMATIC NET Industrial Ethernet Network Manual" can be found on the Internet pages
of Siemens Industry Online Support under the following entry ID:
27069465 (https://support.industry.siemens.com/cs/ww/en/view/27069465)
Security information
Siemens provides products and solutions with industrial security functions that support the
secure operation of plants, systems, machines and networks.
In order to protect plants, systems, machines and networks against cyber threats, it is
necessary to implement – and continuously maintain – a holistic, state-of-the-art industrial
security concept. Siemens’ products and solutions constitute one element of such a concept.
Customers are responsible for preventing unauthorized access to their plants, systems,
machines and networks. Such systems, machines and components should only be
connected to an enterprise network or the internet if and to the extent such a connection is
Introduction
1.1 Information on the Configuration Manual
SCALANCE W770/W730 to IEEE 802.11n Web Based Management
12 Configuration Manual, 08/2018, C79000-G8976-C323-09
necessary and only when appropriate security measures (e.g. firewalls and/or network
segmentation) are in place.
Additionally, Siemens’ guidance on appropriate security measures should be taken into
account. For additional information on industrial security measures that may be
implemented, please visit
Link (https://www.siemens.com/industrialsecurity)
Siemens’ products and solutions undergo continuous development to make them more
secure. Siemens strongly recommends that product updates are applied as soon as they are
available and that the latest product versions are used. Use of product versions that are no
longer supported, and failure to apply the latest updates may increase customers’ exposure
to cyber threats.
To stay informed about product updates, subscribe to the Siemens Industrial Security RSS
Feed under
Link (https://www.siemens.com/industrialsecurity)
SIMATIC NET glossary
Explanations of many of the specialist terms used in this documentation can be found in the
SIMATIC NET glossary.
You will find the SIMATIC NET glossary here:
● SIMATIC NET Manual Collection or product DVD
The DVD ships with certain SIMATIC NET products.
● On the Internet under the following address:
50305045 (https://support.industry.siemens.com/cs/ww/en/view/50305045)
License conditions
Note
Open source software
Read the license conditions for open source software carefully before using the product.
You will find license conditions in the following documents on the supplied data medium:
● OSS_Scalance-W700_86.pdf
Introduction
1.1 Information on the Configuration Manual
SCALANCE W770/W730 to IEEE 802.11n Web Based Management
Configuration Manual, 08/2018, C79000-G8976-C323-09 13
Trademarks
The following and possibly other names not identified by the registered trademark sign ® are
registered trademarks of Siemens AG:
SIMATIC NET, SCALANCE, C-PLUG, RCoax
Firmware
The firmware is signed and encrypted. This ensures that only firmware created by Siemens
can be downloaded to the device.
Introduction
1.2 Type designations
SCALANCE W770/W730 to IEEE 802.11n Web Based Management
14 Configuration Manual, 08/2018, C79000-G8976-C323-09
1.2
Type designations
Abbreviations used
The information in the manuals for the SCALANCE W700 product family often applies to
more than one product variant. In such situations, the designations of the products are
shortened to avoid having to list all the type designations. The following table shows how the
abbreviations relate to the product variants.
Product group
The designation . . . stands
for . . .
Product name
Access point W774
W778
SCALANCE W774-1 RJ-45
SCALANCE W774-1 M12 EEC
SCALANCE W778-1 M12
SCALANCE W778-1 M12 EEC
Client W734
W738
SCALANCE W734-1 RJ-45
SCALANCE W738-1 M12
All SCALANCE W devices W700 SCALANCE W774-1 RJ-45
SCALANCE W774-1 M12 EEC
SCALANCE W734-1 RJ-45
SCALANCE W778-1 M12
SCALANCE W778-1 M12 EEC
SCALANCE W738-1 M12
The type designation of a SCALANCE W700 is made up of several parts that have the
following meaning:
SCALANCE W770/W730 to IEEE 802.11n Web Based Management
Configuration Manual, 08/2018, C79000-G8976-C323-09 15
Description
2
Note
Interruption of the WLAN communication
The WLAN communication can be influenced by high frequency interference signals and can
be totally interrupted.
Remember this and take suitable action.
Description
2.1 Network structures
SCALANCE W770/W730 to IEEE 802.11n Web Based Management
16 Configuration Manual, 08/2018, C79000-G8976-C323-09
2.1
Network structures
The following article deals with the setting up of various network structures using access
points and clients. A client is also an access point in client mode.
Standalone configuration with access point
This configuration does not require a server and the access point does not have a
connection to a wired Ethernet. Within its transmission range, the access point forwards data
from one WLAN node to another.
The wireless network has a unique name. All the SCALANCE W700 devices exchanging
data within this network must be configured with this name.
The gray area in the graphic symbolizes the wireless range of the access point.
Description
2.1 Network structures
SCALANCE W770/W730 to IEEE 802.11n Web Based Management
Configuration Manual, 08/2018, C79000-G8976-C323-09 17
Wireless access to a wired Ethernet network
If one (or more) access points have access to wired Ethernet, the following applications are
possible:
● A single device as gateway:
A wireless network can be connected to a wired network via an access point.
● Span of wireless coverage for the wireless network with several access points:
The access points are all configured with the same unique SSID (network name). All
nodes that want to communicate over this network must also be configured with this
SSID.
If a mobile station moves from the area covered by one access point to the area covered
by another access point, the wireless link is maintained (roaming).
The following graphic shows the wireless connection of a mobile station over two wireless
cells (roaming).
Description
2.1 Network structures
SCALANCE W770/W730 to IEEE 802.11n Web Based Management
18 Configuration Manual, 08/2018, C79000-G8976-C323-09
Multichannel configuration
If neighboring access points use the same frequency channel, this can lead to longer
response times due to any collisions that may occur. If the configuration shown in the figure
is implemented as a single-channel system, computers A and B cannot communicate at the
same time with the access points in their wireless cells.
If neighboring access points are set up for different frequencies, this leads to a considerable
improvement in performance. As a result, neighboring wireless cells each have their own
medium available and the delays resulting from time-offset transmission no longer occur.
The channel spacing should be as large as possible; a practical value is 25 MHz. Even in a
multichannel configuration, all access points can be configured with the same network name.
The following graphic shows a multichannel configuration on channels 1 and 2 with four
access points.
Description
2.1 Network structures
SCALANCE W770/W730 to IEEE 802.11n Web Based Management
Configuration Manual, 08/2018, C79000-G8976-C323-09 19
Wireless Distribution System (WDS)
WDS allows direct links between access points and or between access points and other
WDS-compliant devices. These are used to create a wireless backbone or to connect an
individual access point to a network that cannot be connected directly to the cable
infrastructure due to its location.
Two alternative configurations are possible. The WDS partner can be configured using the
WDS ID or using its MAC address.
The following graphic shows the implementation of WDS with four access points.
Description
2.1 Network structures
SCALANCE W770/W730 to IEEE 802.11n Web Based Management
20 Configuration Manual, 08/2018, C79000-G8976-C323-09
Network access with a client or an access point in client mode
The SCALANCE W700 device can be used to integrate wired Ethernet devices (for example
SIMATIC S7 PLC) in a wireless network.
The following graphic shows the connection of a SIMATIC S7 PLC to a wireless LAN.
Description
2.2 Possible applications of SCALANCE W700 devices
SCALANCE W770/W730 to IEEE 802.11n Web Based Management
Configuration Manual, 08/2018, C79000-G8976-C323-09 21
2.2
Possible applications of SCALANCE W700 devices
Note
The SIMATIC NET WLAN products use OpenSSL.
This is open
source code with license conditions (BSD).
Please refer to the current license conditions.
Since the driver includes encryption software, you should also adhere to the appropriate
regulations for your specific country.
Possible applications of the SCALANCE W774/W778
The SCALANCE W774/W778 is equipped with two Ethernet interfaces and a WLAN
interface. This makes the device suitable for the following applications:
● The SCALANCE W774/W778 forwards data within its transmission range from one node
to another without a connection to wired Ethernet being necessary.
● The SCALANCE W774/W778 can be used as a gateway from a wired to a wireless
network.
● The SCALANCE W774/W778 can be used as a wireless bridge between two networks.
● The SCALANCE W774/W778 can be used as a bridge between two different frequencies.
● The SCALANCE W774 supports protection class IP30
Two versions of the access point exist: M12 and RJ-45
● The SCALANCE W778 supports protection class IP65. The access point is available in
version M12.
Possible applications of the SCALANCE W734/W738
The SCALANCE W734/W738 is equipped with two Ethernet interfaces and a WLAN
interface. This makes the device suitable for the following applications:
● The SCALANCE W734/W738 forwards data within its transmission range from one node
to another without a connection to wired Ethernet being necessary.
● The SCALANCE W734/W738 can be used as a gateway from a wired to a wireless
network.
● The SCALANCE W734/W738 can be used as a wireless bridge between two networks.
● The SCALANCE W734 supports protection class IP30 and the SCALANCE W734/W738
supports protection class IP65.
Description
2.3 Product characteristics
SCALANCE W770/W730 to IEEE 802.11n Web Based Management
22 Configuration Manual, 08/2018, C79000-G8976-C323-09
2.3
Product characteristics
Properties of the SCALANCE W700 devices
● The Ethernet interface supports the following:
– 10 Mbps and 100 Mbps both in full and half duplex
– Autocrossing
– Autopolarity
● Operating the WLAN interface in the frequency bands 2.4 GHz and 5 GHz.
● The WLAN interface is compatible with the standards IEEE 802.11a , IEEE 802.11b , and
IEEE 802.11g. In the 802.11a and 802.11g mode, the gross transmission rate is up to 54
Mbps.
● IEEE 802.11n
– High-speed WLAN standard (wireless LAN)
– Can operate in the 2.4 GHz and in the 5 GHz range
● IEEE 802.11h - Supplement to IEEE 802.11a
In the 802.11h mode, the methods "Transmit Power Control (TPC)" as well as "Dynamic
Frequency Selection (DFS)" are used in the range 5.25 - 5.35 and 5.47 - 5.75 GHz. In
some countries, this allows the frequency subband of 5.47 - 5.725 GHz to be used in the
outdoor area even with higher transmit powers.
TPC is a method of adapting the transmit power.
With DFS, the access point searches for primary users for 60 seconds before starting
communication on the selected channel. During this time the access point does not send
beacons. If signals are found on the channel, the channel is blocked for 30 minutes, the
access point changes channel and repeats the check. Primary users are also searched
for during operation.
● Support of the authentication standards WPA, WPA-PSK, WPA2, WPA2-PSK and
IEEE 802.1x and the encryption methods WEP, AES and TKIP.
Note
With
devices operated in WLAN mode IEEE802.11n only WPA2 (WPA2-PSK and WPA2
Radius) encryption is possible.
● For better transmission via WLAN, the function WMM (wireless multimedia) is enabled.
The frames are evaluated according to their priority and sent prioritized via the WLAN
interface.
● Suitable for inclusion of a RADIUS server for authentication.
● Device-related and application-related monitoring of the wireless connection.
● The interoperability of the SCALANCE W700 devices with Wi-Fi devices of other vendors
was tested thoroughly.
● Before commissioning the SCALANCE W700, check the wireless conditions on site. If
you intend to use Industrial Wireless LAN systems and WirelessHART systems in the 2.4
GHz band, you will need to plan the use of the channels. At all costs, avoid parallel use of
Description
2.3 Product characteristics
SCALANCE W770/W730 to IEEE 802.11n Web Based Management
Configuration Manual, 08/2018, C79000-G8976-C323-09 23
overlapping frequency ranges. The following overlaps exist with Industrial Wireless LAN
and WirelessHART:
IWLAN channel
IEEE 802.11 b/g/n
WHART channel
IEEE 802.15.4
1
11 - 16
6 15 - 20
7
16 - 21
11 20 - 25
13
21 - 25
Note
All SCALANCE W700 access points can be reconfigured for client mode.
Features of the SCALANCE W700
Type
Number of
WLAN
ports
Antennas
Number and
type of Ethernet
interface
Degree of
protection
Article number
SCALANCE W774-1 RJ-45 1 external 2 x 10/100 Mbps
Ethernet (cop-
per)
IP30 6GK5774-1FX00-0AA0
6GK5774-1FX00-0AB0 (1)
6GK5774-1FX00-0AC0
(2)
SCALANCE W774-1 M12
EEC
1 external 2 x 10/100 Mbps
Ethernet (cop-
per)
IP30 6GK5774-1FY00-0TA0
6GK5774-1FY00-0TB0 (1)
SCALANCE W734-1 RJ-45 1 external 2 x 10/100 Mbps
Ethernet (cop-
per)
IP30 6GK5734-1FC00-0AA0
6GK5734-1FC00-0AB0 (1)
SCALANCE W778-1 M12 1 external 2 x 10/100 Mbps
Ethernet (cop-
per)
IP65 6GK5778-1GY00-0AA0
6GK5778-1GY00-0AB0 (1)
SCALANCE W778-1 M12
EEC
1 external 2 x 10/100 Mbps
Ethernet (cop-
per)
IP65 6GK5778-1GY00-0TA0
6GK5778-1GY00-0TB0 (1)
SCALANCE W738-1 M12 1 external 2 x 10/100 Mbps
Ethernet (cop-
per)
IP65 6GK5738-1GY00-0AA0
6GK5738-1GY00-0AB0 (1)
(1) US variant
(2) Israel variant
Description
2.4 IEEE 802.11n
SCALANCE W770/W730 to IEEE 802.11n Web Based Management
24 Configuration Manual, 08/2018, C79000-G8976-C323-09
2.4
IEEE 802.11n
Overview
The standard IEEE 802.11n is an expansion of the 802.11 standard and was approved in
2009.
Previous standards worked either in the 2.4 GHz frequency band (IEEE 802.11g /b) or in the
5 GHz frequency band (IEEE 802.11a). IEEE 802.11n can operate in both frequency band.
In the IEEE 802.11n standard, there are mechanisms implemented in PHY and MAC layers
that increase the data throughput and improve the wireless coverage.
● MIMO antenna technology
● Maximum ratio combining (MRC)
● Spatial multiplexing
● Channel bonding
● Frame aggregation
● Accelerated guard interval
● Modulation and coding scheme
● Data throughput rates up to 450 Mbps (gross)
This is not possible on all SCALANCE W700 devices.
Description
2.4 IEEE 802.11n
SCALANCE W770/W730 to IEEE 802.11n Web Based Management
Configuration Manual, 08/2018, C79000-G8976-C323-09 25
MIMO antenna technology
MIMO (Multiple Input - Multiple Output) is based on an intelligent multiple antenna system.
The transmitter and the receiver have several spatially separate antennas. The spatially
separate antennas transmit the data streams at the same time. Up to four data streams are
possible. The data streams are transmitted over spatially separate paths and return over
different paths due to diffraction, refraction, fading and reflection (multipath propagation).
The multipath propagation means that at the point of reception a complex, space- and time-
dependent pattern results as a total signal made up of the individual signals sent. MIMO
uses this unique pattern by detecting the spatial position of characteristic signals. Here, each
spatial position is different from the neighboring position. By characterizing the individual
senders, the recipient is capable of separating several signals from each other.
Description
2.4 IEEE 802.11n
SCALANCE W770/W730 to IEEE 802.11n Web Based Management
26 Configuration Manual, 08/2018, C79000-G8976-C323-09
Maximum ratio combining (MRC)
In a multiple antenna system, the wireless signals are received by the individual antennas
and combined to form one signal. The MRC method is used to combine the wireless signals.
The MRC method weights the wireless signals according to their signal-to-noise ratio and
combines the wireless signals to form one signal. The signal-to-noise ratio is improved and
the error rate is reduced.
Spatial mutliplexing
With spatial multiplexing, different information is sent using the same frequency. The data
stream is distributed over n transmitting antennas; in other words, each antenna sends only
1/n of the data stream. The division of the data stream is restricted by the number of
antennas. At the receiver end, the signal is reconstructed.
Due to the spatial multiplexing, there is a higher signal-to-noise ratio and a higher data
throughput.
Channel bonding
With IEEE 802.11n, data can be transferred via two directly neighboring channels. The two
20 MHz channels are put together to form one channel with 40 MHz. This allows the channel
bandwidth to be doubled and the data throughput to be increased.
To be able to use channel bonding, the recipient must support 40 MHz transmissions. If the
recipient does not support 40 MHz transmissions, the band is automatically reduced to 20
MHz. This means that IEEE 802.11n can also communicate with IEEE 802.11a/b/g devices.
The channel bundling is set on the "AP" WBM page with the "HT Channel Width [MHz]"
parameter.
Description
2.4 IEEE 802.11n
SCALANCE W770/W730 to IEEE 802.11n Web Based Management
Configuration Manual, 08/2018, C79000-G8976-C323-09 27
Frame aggregation
With IEEE 802.11n, it is possible to group together individual data packets to form a single
larger packet; this is known as frame aggregation. There are two types of frame aggregation:
● Aggregated MAC Protocol Data Unit (A-MPDU)
With A-MPDU, multiple MPDU data packets with the same destination address are
bundled and sent as one large A-MPDU.
● Aggregated Mac Service Data Unit (A-MSDU)
With A-MSDU, multiple MSDU data packets with the same destination address are
chained together and sent.
The SCALANCE W devices support both types of frame aggregation. You make the settings
on the WBM page "AP 802.11n".
Accelerated guard interval
The guard interval prevents different transmissions being mixed together. In
telecommunications, this mixing is also known as intersymbol interference (ISI).
When the send time has elapsed, a send pause (guard interval) must be kept to before the
next transmission begins.
The guard interval of IEEE 802.11a /b/g is 800 ns. IEEE 802.11n can use the reduced guard
interval of 400 ns. You specify the guard interval on the WBM page "AP 802.11n".
Modulation and coding schemes
The IEEE 802.11n standard supports different data rates. The data rates are based on the
number of spatial streams, the modulation method and the channel coding. The various
combinations are described in modulation and coding schemes.
Description
2.5 Requirements for installation and operation of SCALANCE W devices
SCALANCE W770/W730 to IEEE 802.11n Web Based Management
28 Configuration Manual, 08/2018, C79000-G8976-C323-09
2.5
Requirements for installation and operation of SCALANCE W
devices
A PG/PC with network connection must be available in order to configure the SCALANCE W
devices. If no DHCP server is available, a PC on which the Primary Setup Tool (PST) is
installed is necessary for the initial assignment of an IP address to the SCALANCE W
devices. For the other configuration settings, a computer with Telnet or a Web browser is
necessary.
Description
2.6 C-PLUG and KEY-PLUG
SCALANCE W770/W730 to IEEE 802.11n Web Based Management
Configuration Manual, 08/2018, C79000-G8976-C323-09 29
2.6
C-PLUG and KEY-PLUG
Configuration information on the C-PLUG / KEY-PLUG
The C-PLUG or KEY-PLUG stores the configuration of a device and can therefore transfer
the configuration of the old device to the new device.
NOTICE
Do not remove or insert a C-PLUG / KEY-PLUG during operation!
A PLUG may only be removed or inserted when the device is turned off.
The device checks whether or not a PLUG is present at one second intervals. If it is
detected that the PLUG was removed, there is a restart. If a valid KEY-PLUG was inserted
in the device, the device changes to a defined error state following the restart. With
SCALANCE W, the available wireless interfaces are deactivated in this case.
If the device was configured at some time with a PLUG, the device can no longer be used
without this PLUG. To be able to use the device again, reset the device to the factory
settings.
When the new device starts up with the PLUG, it then continues automatically with exactly
the same configuration as the old device. One exception to this can be the IP configuration if
it is set using DHCP and the DHCP server has not been reconfigured accordingly.
A reconfiguration is necessary if you use functions based on MAC addresses.
Note
In terms of the PLUG, the SCALANCE devices work in two modes:
•
Without PLUG
The device stores the configuration in internal memory. This mode is active when no
PLUG is inserted.
•
With PLUG
The configuration stored on the PLUG is displayed over the user interfaces. If changes
are made to the configuration, the device stores the configuration directly on the PLUG
and in the internal memory. This mode is active as soon as a PLUG is inserted. As soon
as the device is started with a PLUG inserted, the SCALANCE W700 starts up with the
configuration data on the PLUG.
Note
Incompatibility with previous versions with PLUG inserted
During the installation of a
previous version of the firmware, the configuration data can be
lost. In this case, the device starts up with the factory settings after the firmware has been
installed. In this situation, if a PLUG is inserted in the device, following the restart, this ha
s
the status "NOT ACCEPTED" since the PLUG still has the configuration data of the previous
more up
-to-date firmware. This allows you to return to the previous, more up-to-date
firmware without any loss of configuration data. If the original configuration
on the PLUG is
no longer required, the PLUG can be deleted or rewritten manually using "System > PLUG".
Description
2.6 C-PLUG and KEY-PLUG
SCALANCE W770/W730 to IEEE 802.11n Web Based Management
30 Configuration Manual, 08/2018, C79000-G8976-C323-09
License information on the KEY-PLUG
In addition to the configuration, the KEY-PLUG also contains a license that allows the use of
the iFeatures.
PLUG with preset function (PRESET-PLUG)
With PRESET-PLUG it is possible to install the same configuration and the firmware
belonging to it on several devices.
Note
Using configurations with DHCP
Create a PRESET
-PLUG only from device configurations that use DHCP. Otherwise
disruptions will occur in network operation due to multiple identical IP addresses.
You assign fixed IP addresses extra following the basic installation.
In a PLUG that was configured as a PRESET-PLUG, the device configuration, user
accounts, certificates and the firmware are stored.
Note
Restore factory defaults and restart with a PRESET PLUG inserted
If you reset a device to the factory defaults, when the device restarts an inserted PRESET
PLUG is formatted and the PRESET PLUG
functionality is lost. You then need to create a
new PRESET PLUG.
We recommend that you remove the PRESET PLUG before you reset the device to the
factory settings.
For more detailed information on creating and using a PRESET PLUG refer to the section
Upkeep and maintenance (Page 415).
Description
2.7 Power over Ethernet (PoE)
SCALANCE W770/W730 to IEEE 802.11n Web Based Management
Configuration Manual, 08/2018, C79000-G8976-C323-09 31
2.7
Power over Ethernet (PoE)
General
"Power over Ethernet" (PoE) is a power supply technique for network components according
to IEEE 802.3af or IEEE 802.3at. The power is supplied over the Ethernet cables that
connect the individual network components together. This makes an additional power cable
unnecessary. PoE can be used with all PoE-compliant network components that require little
power (max. 12.95 W).
Which Ethernet connectors of a device are capable of PoE can be found in the operating
instructions of the relevant device.
Cable used for the power supply
●
Variant 1 (redundant wires)
In Fast Ethernet, the wire pairs 1, 2 and 3, 6 are used to transfer data. Pairs 4, 5 and 7, 8
are then used to supply power. If there are only four wires available, the voltage is
modulated onto the wires 1, 2 and 3, 6 (see variant 2). This alternative is suitable for a
data transmission rate of 10/100 Mbps. This type of power supply is not suitable for 1
Gbps since with gigabit all 8 wires are used for data transfer.
●
Variant 2 (phantom power)
With phantom power, the power is supplied over the pairs that are used for data transfer,
in other words, all eight (1 Gbps) or four (10/100 Mbps) wires are used both for the data
transfer and the power supply.
Whether a device supports variant 1 and variant 2 or only variant 2 can be found in the
operating instructions of the relevant device.
A PoE-compliant switch can supply the end device either using:
● Variant 1 or
● Variant 2 or
● Variant 1 and variant 2.
Endspan
With endspan, the power is supplied via a switch that can reach a device over an Ethernet
cable. The switch must be capable of PoE, for example a SCALANCE X108PoE,
SCALANCE X308-2M POE, SCALANCE XR552-12M.
Midspan
Midspan is used when the switch is not PoE-compliant. The power is supplied by an
additional device between the switch and end device. In this case, only data rates of 10/100
Mbps can be achieved because the power is supplied on redundant wires.
Description
2.7 Power over Ethernet (PoE)
SCALANCE W770/W730 to IEEE 802.11n Web Based Management
32 Configuration Manual, 08/2018, C79000-G8976-C323-09
A Siemens power insert can also be used as the interface for the power input. Since a power
insert supports a power supply of 24 VDC, it does not conform with 802.3af or IEEE 802.3at.
The following restrictions relating to the use of power inserts should be noted:
WARNING
Operate the power insert only when the following conditions apply:
• with extra low voltages SELV, PELV complying with IEC 60364-4-41
• in USA/CAN with power supplies complying with NEC class 2
• in USA/CAN, the cabling must meet the requirements of NEC/CEC
• Power load maximum 0.5 A.
Cable lengths
Table 2- 1 Permitted cable lengths (copper cable - Fast Ethernet)
Cable type
Accessory (plug, outlet,
TP cord)
Permitted cable length
IE TP torsion cable with IE FC Outlet RJ-45
+ 10 m TP cord
0 to 45 m
+ 10 m TP cord
with IE FC RJ-45 Plug 180
0 to 55 m
IE FC TP Marine Cable
IE FC TP Trailing Cable
IE FC TP Flexible Cable
with IE FC Outlet RJ-45
+ 10 m TP cord
0 to 75 m
+ 10 m TP cord
with IE FC RJ-45 Plug 180
0 to 85 m
IE FC TP standard cable with IE FC Outlet RJ-45
+ 10 m TP cord
0 to 90 m
+ 10 m TP cord
with IE FC RJ-45 Plug 180
0 to 100 m
Table 2- 2 Permitted cable lengths (copper cable - gigabit Ethernet)
Cable type
Accessory (plug, outlet,
TP cord)
Permitted cable length
IE FC standard cable, 4×2, 24
AWG
with IE FC RJ-45 Plug 180, 4x2 0 to 90 m
IE FC flexible cable, 4×2, 24
AWG
with IE FC RJ-45 Plug 180, 4x2 0 to 60 m
IE FC standard cable, 4×2, 22
AWG
with IE FC Outlet RJ-45
+ 10 m TP cord
0 to 100 m
+ 10 m TP cord
Description
2.7 Power over Ethernet (PoE)
SCALANCE W770/W730 to IEEE 802.11n Web Based Management
Configuration Manual, 08/2018, C79000-G8976-C323-09 33
Table 2- 3 Fitting connectors
PIN
Color of the
wire
CAT5
Color of the
wire
CAT6a
Use
Power over
unused wires
(10/100 Mbps
only)
Phantom power
1
Yellow
Green/white
Data
Data/power
2
Orange
Green
Data
Data/power
3 White Orange/white Data Data/power
6
Blue
Orange
Data
Data/power
4
Blue
Power
unused at 10/100 Mbps
5
Blue/white
Power
unused at 10/100 Mbps
7
Brown/white
Power
unused at 10/100 Mbps
8
Brown
Power
unused at 10/100 Mbps
LEDs for PoE on the SCALANCE W700 device
When the SCALANCE W700 device is supplied by PoE, the green "PoE" LED is lit on the
SCALANCE W700 device.
Description
2.7 Power over Ethernet (PoE)
SCALANCE W770/W730 to IEEE 802.11n Web Based Management
34 Configuration Manual, 08/2018, C79000-G8976-C323-09
SCALANCE W770/W730 to IEEE 802.11n Web Based Management
Configuration Manual, 08/2018, C79000-G8976-C323-09 35
Security recommendations
3
To prevent unauthorized access, note the following security recommendations.
General
● You should make regular checks to make sure that the device meets these
recommendations and/or other security guidelines.
● Evaluate your plant as a whole in terms of security. Use a cell protection concept with
suitable products (https://www.industry.siemens.com/topics/global/en/industrial-
security/pages/default.aspx).
● When the internal and external network are disconnected, an attacker cannot access
internal data from the outside. Therefore operate the device only within a protected
network area.
● For communication via non-secure networks use additional devices with VPN functionality
to encrypt and authenticate the communication.
● Terminate management connections correctly (WBM. Telnet, SSH etc.).
Physical access
● Restrict physical access to the device to qualified personnel.
● The memory card or the PLUG (C-PLUG, KEY-PLUG, security PLUG) contains sensitive
data such as certificates, keys etc. that can be read out and modified.
Software (security functions)
● Keep the firmware up to date. Check regularly for security updates of the product.
You will find information on this on the Internet pages "Industrial Security
(https://www.siemens.com/industrialsecurity)".
● Inform yourself regularly about security advisories and bulletins published by Siemens
ProductCERT (https://www.siemens.com/cert/en/cert-security-advisories.htm).
● Only activate protocols that you really require to use the device.
● Use the security functions such as address translation with NAT (Network Address
Translation) or NAPT (Network Address Port Translation) to protect receiving ports from
access by third parties.
● Restrict access to the device with a firewall or rules in an access control list (ACL -
Access Control List).
● If RADIUS authentication is via remote access, make sure that the communication is
within the secured network area or is via a secure channel.
● The option of VLAN structuring provides good protection against DoS attacks and
unauthorized access. Check whether this is practical or useful in your environment.
Security recommendations
SCALANCE W770/W730 to IEEE 802.11n Web Based Management
36 Configuration Manual, 08/2018, C79000-G8976-C323-09
● Use a central logging server to log changes and access operations. Operate your logging
server within the protected network area and check the logging information regularly.
● Use WPA2/ WPA2-PSK with AES to protect the WLAN. If iPCF or iPCF-MC is used, use
the AES encryption.
Passwords
● Define rules for the use of devices and assignment of passwords.
● Regularly update passwords and keys to increase security.
● Change all default passwords for users before you operate the device.
● Only use passwords with a high password strength. Avoid weak passwords for example
password1, 123456789, abcdefgh.
● Make sure that all passwords are protected and inaccessible to unauthorized personnel.
● Do not use the same password for different users and systems or after it has expired.
Keys and certificates
This section deals with the security keys and certificates you require to set up HTTPS
(HyperText Transfer Protocol Secured Socket Layer).
● We strongly recommend that you create your own HTTPS certificates and make them
available.
There are preset certificates and keys on the device. The preset and automatically
created HTTPS certificates are self-signed.
We recommend that you use HTTPS certificates signed either by a reliable external or by
an internal certification authority. The HTTPS certificate checks the identity of the device
and controls the encrypted data exchange. You can install the HTTPS certificate via the
WBM (System > Load and Save).
● Handle user-defined private keys with great caution if you use user-defined SSH or SSL
keys.
● Use the certification authority including key revocation and management to sign the
certificates.
● Verify certificates and fingerprints on the server and client to avoid "man in the middle"
attacks.
● We recommend that you use certificates with a key length of 2048 bits.
● Change keys and certificates immediately, if there is a suspicion of compromise.
Security recommendations
SCALANCE W770/W730 to IEEE 802.11n Web Based Management
Configuration Manual, 08/2018, C79000-G8976-C323-09 37
Secure/non-secure protocols and services
● Avoid and disable non-secure protocols, for example Telnet and TFTP. For historical
reasons, these protocols are still available, however not intended for secure applications.
Use non-secure protocols on the device with caution.
● Check whether use of the following protocols and services is necessary:
– Non-authenticated and unencrypted ports
– LLDP
– Syslog
– DHCP options 66/67
– TFTP
● The following protocols provide secure alternatives:
– SNMPv1/v2 → SNMPv3
Check whether use of SNMPv1 is necessary. SNMPv1 is classified as non-secure.
Use the option of preventing write access. The product provides you with suitable
setting options.
If SNMP is enabled, change the community names. If no unrestricted access is
necessary, restrict access with SNMP.
Use SNMPv3 in conjunction with passwords.
– HTTP → HTTPS
– Telnet → SSH
● Use secure protocols when access to the device is not prevented by physical protection
measures.
● To prevent unauthorized access to the device or network, take suitable protective
measures against non-secure protocols.
● If you require non-secure protocols and services, operate the device only within a
protected network area.
● Restrict the services and protocols available to the outside to a minimum.
● For the DCP function, enable the "Read Only" mode after commissioning.
Security recommendations
SCALANCE W770/W730 to IEEE 802.11n Web Based Management
38 Configuration Manual, 08/2018, C79000-G8976-C323-09
Available protocols per port
The following list provides you with an overview of the open ports on this device.
The table includes the following columns:
●
Protocol
All protocols that the device supports
●
Port number
Port number assigned to the protocol
●
Port status
– Open
The port is always open and cannot be closed.
– Open (when configured)
The port is open if it has been configured.
●
Factory setting
– Open
The factory setting of the port is "Open".
– Closed
The factory setting of the port is "Closed".
Security recommendations
SCALANCE W770/W730 to IEEE 802.11n Web Based Management
Configuration Manual, 08/2018, C79000-G8976-C323-09 39
●
Authentication
Specifies whether the protocol authenticates the communications partner during access.
Protocol
Port number
Port status
Factory setting of
the port
Authentication
SSH
TCP/22 Open
(when configured)
Open Yes
TELNET
TCP/23 Open
(when configured)
Open Yes
HTTP
TCP/80 Open
(when configured)
Open Yes
HTTPS
TCP/443 Open
(when configured)
Open Yes
SNTP
NTP
UDP/123 Open
(when configured)
Closed No
SNMP
UDP/161 Open
(when configured)
Open Yes
PROFINET
UDP/34964,
UDP/49154, 49155
Open Open No
Syslog
UDP/514 Open
(when configured)
Open No
EtherNet/IP
TCP/44818,
UDP/2222,44818
Open
(when configured)
Open No
DHCP
UDP/67,68 Open
(when configured)
Closed No
RADIUS
UDP/1812,1813 Open
(when configured)
Closed No
TFTP
UDP/69 Open
(when configured)
Closed No
Security recommendations
SCALANCE W770/W730 to IEEE 802.11n Web Based Management
40 Configuration Manual, 08/2018, C79000-G8976-C323-09
SCALANCE W770/W730 to IEEE 802.11n Web Based Management
Configuration Manual, 08/2018, C79000-G8976-C323-09 41
Technical basics
4
4.1
Configuration limits for WBM and CLI
Configuration limits of the device
The following table lists the configuration limits for Web Based Management and the
Command Line Interface of the device.
Depending on your device, some functions are not available.
Configurable function
Maximum number
System
Syslog server 3
DNS server
manual (IPv4/IPv6)
3
learned (IPv4/IPv6)
2
in total
7
SMTP server
3
SNMPv1 trap recipient
10
SNTP server
2
NTP server
1
DHCP pools
1
IPv4 addresses managed by the DHCP server (dy-
namic + static)
100
DHCP static assignments per DHCP pool
20
DHCP options
20
Inter-
faces
Force destination addresses for roaming
10
Connected clients per VAP
126
Layer 2
Virtual LANs (port-based; including VLAN 1)
16
Multiple Spanning Tree instances
16
Technical basics
4.1 Configuration limits for WBM and CLI
SCALANCE W770/W730 to IEEE 802.11n Web Based Management
42 Configuration Manual, 08/2018, C79000-G8976-C323-09
Configurable function
Maximum number
Security
IP addresses from RADIUS servers • AAA: 4
• WLAN: 2
Management ACLs (access rules for management)
10
MAC ACL rule configuration
20
Ingress and egress rules for MAC ACL (total) 40 per interface (20 ingress rules /
20 egress rules)
• Client: 80 (P1, WLAN)
• Access point: 680 (P1, WDS
1.Y, VAP 1.Y)
IP ACL rule configuration
20
Ingress and egress rules for port ACL IP (total) 40 per interface (20 ingress rules /
20 egress rules)
• Client: 120 (P1, WLAN, man-
agement VLAN)
• Access point: 720 (P1, WDS
1.Y, VAP 1.Y, management
VLAN)
User roles
28
User groups
32
Users
28
Technical basics
4.2 Interfaces and system functions
SCALANCE W770/W730 to IEEE 802.11n Web Based Management
Configuration Manual, 08/2018, C79000-G8976-C323-09 43
4.2
Interfaces and system functions
Availability of the interfaces
The following table shows the availability of the physical and logical interfaces. Note that in
this table all interfaces are listed. Depending on the system function, some interfaces are not
available. On the WBM pages you can only select the available interfaces.
We reserve the right to make technical changes.
Client device
SCALANCE W734-1 RJ-45
SCALANCE W738-1 M12
Access points
SCALANCE W774-1 RJ45
SCALANCE W774-1 M12 EEC
SCALANCE W778-1 M12
SCALANCE W778-1 M12 EEC
Wireless interface (WLAN)
WLAN 1
WLAN 1
IP interface:
LAN interface
VLAN
P1
ManagementVLAN
P1
ManagementVLAN
VAP interface 1) - VAP 1.Y
Y = 1 ... 8
WDS interface 1) _ WDS 1.Y
Y = 1 ... 8
VLAN
16
16
1) only in access point mode
Technical basics
4.2 Interfaces and system functions
SCALANCE W770/W730 to IEEE 802.11n Web Based Management
44 Configuration Manual, 08/2018, C79000-G8976-C323-09
Availability of the system functions
The following table shows the availability of the system functions on the devices. Note that
all functions are described in this configuration manual and in the online help. Depending on
the mode and the KEY-PLUG, some functions are not available.
We reserve the right to make technical changes.
Access point mode
Access points in
client mode
Client devices
Information
Security
Inter AP blocking ✓
W780 iFeatures (MLFB
6GK5 907-8PA00)
W700 Security (MLFB
6GK5907-0PA00)
-
WLAN
Overview AP
✓
-
Client List
✓
-
WDS List
✓
-
Overlap AP
✓
-
Force Roaming
✓
-
Overview Client
-
✓
Available AP
-
✓
IP Mapping
-
✓
WLAN Statis-
tics
Faults
✓
✓
Management Sent
✓
✓
Management Re-
ceived
✓ ✓
Data Sent
✓
✓
Data Received
✓
✓
WLAN iFea-
tures
iREF Client List ✓
W780 iFeatures (MLFB
6GK5 907-8PA00)
-
iREF WDS List ✓
W780 iFeatures (MLFB
6GK5 907-8PA00)
-
AeroScout ✓
W780 iFeatures (MLFB
6GK5 907-8PA00)
-
System
PROFINET
✓
-✓
EtherNet/IP
✓
✓
Technical basics
4.2 Interfaces and system functions
SCALANCE W770/W730 to IEEE 802.11n Web Based Management
Configuration Manual, 08/2018, C79000-G8976-C323-09 45
Access point mode
Access points in
client mode
Client devices
Interfaces
WLAN
Basic
✓
-✓
Expansions ✓ ✓
Antennas
✓
✓
Allowed Channels ✓ ✓
802.11n
✓
✓
AP
✓
-
AP WDS
✓
-
AP 802.11a/b/g
Rates
✓ -
AP 802.11n Rates
✓
-
Client 802.11a/b/g
Rates
- ✓
Client 802.11n
Rates
- ✓
Force Roaming
✓
✓
Signal recorder
-
✓
Spectrum Analyzer
✓
-
Layer 3
NAT
Basic
-
✓
NAPT
-
✓
Security
WLAN
Basic
✓
✓
AP Communication
✓
-
AP RADIUS Authen-
ticator
✓ -
Client RADIUS Sup-
plicant
- ✓
Keys
✓
✓
Inter AP Block-
ing
Basic ✓
W780 iFeatures (MLFB
6GK5 907-8PA00)
W700 Security (MLFB
6GK5907-0PA00)
-
Allowed Addresses ✓
W780 iFeatures (MLFB
6GK5 907-8PA00)
W700 Security (MLFB
6GK5907-0PA00)
-
Technical basics
4.2 Interfaces and system functions
SCALANCE W770/W730 to IEEE 802.11n Web Based Management
46 Configuration Manual, 08/2018, C79000-G8976-C323-09
Access point mode
Access points in
client mode
Client devices
iFeatures
iPCF
iPCFv1
✓
W780 iFeatures (MLFB
6GK5 907-8PA00)
✓
Access point in client
mode:
W780 iFeatures
(MLFB 6GK5 907-
8PA00
Client: W740 iFea-
tures (MLFB 6GK5
907-4PA00)
iPCF-MC
✓
Only dual APs
W780 iFeatures (MLFB
6GK5 907-8PA00)
✓
Access point in client
mode:
W780 iFeatures
(MLFB 6GK5 907-
8PA00
Client: W740 iFea-
tures (MLFB 6GK5
907-4PA00)
iPRP
✓
W780 iFeatures (MLFB
6GK5 907-8PA00)
✓
Access point in client
mode:
W780 iFeatures
(MLFB 6GK5 907-
8PA00
Client: W740 iFea-
tures (MLFB 6GK5
907-4PA00)
iREF
✓
W780 iFeatures (MLFB
6GK5 907-8PA00)
-
AeroScout
✓
W780 iFeatures (MLFB
6GK5 907-8PA00)
-
Support of IPv6
The following system functions do not support IPv6 addresses:
● Inter AP blocking
● Force roaming
● IP ACL
Technical basics
4.3 EtherNet/IP
SCALANCE W770/W730 to IEEE 802.11n Web Based Management
Configuration Manual, 08/2018, C79000-G8976-C323-09 47
4.3
EtherNet/IP
EtherNet/IP
EtherNet/IP (Ethernet/Industrial Protocol) is an open industry standard for industrial real-time
Ethernet based on TCP/IP and UDP/IP. With EtherNet/IP, Ethernet is expanded by the
Common Industrial Protocol (CIP) at the application layer. In EtherNet/IP, the lower layers of
the OSI reference model are adopted by Ethernet with the physical, network and transport
functions.
You configure EtherNet/IP in "System > EtherNet/IP".
Common Industrial Protocol
The Common Industrial Protocol (CIP) is an application protocol for automation that supports
transition of the field buses in Industrial Ethernet and in IP networks. This industry protocol is
used by field buses/industrial networks such as DeviceNet, ControlNet and EtherNet/IP at
the application layer as an interface between the deterministic fieldbus world and the
automation application (controller, I/O, HMI, OPC, ...). The CIP is located above the transport
layer and expands the pure transport services with communications services for automation
engineering. These include services for cyclic, time-critical and event-controlled data traffic.
CIP distinguishes between time-critical I/O messages (implicit messages) and individual
query/response frames for configuration and data acquisition (explicit messages). CIP is
object-oriented; all data "visible" from the outside is accessible in the form of objects. CIP
has a common configuration basis: EDS (Electronic Data Sheet).
Electronic Data Sheet
Electronic Data Sheet (EDS) is an electronic datasheet for describing devices.
The EDS required for EtherNet/IP operation can be found in "System > Load&Save
(Page 189)".
Technical basics
4.4 PROFINET
SCALANCE W770/W730 to IEEE 802.11n Web Based Management
48 Configuration Manual, 08/2018, C79000-G8976-C323-09
4.4
PROFINET
PROFINET
PROFINET is an open standard (IEC 61158/61784) for industrial automation based on
Industrial Ethernet. PROFINET uses existing IT standards and allows end-to-end
communication from the field level to the management level as well as plant-wide
engineering. PROFINET also has the following features:
● Use of TCP/IP
● Automation of applications with real-time requirements
– Real-Time (RT) communication
– Isochronous Real-Time (IRT) communication
● Seamless integration of fieldbus systems
You configure PROFINET in "System > PROFINET (Page 247)".
PROFINET IO
Within the framework of PROFINET, PROFINET IO is a communications concept for
implementing modular, distributed applications. PROFINET IO is implemented by the
PROFINET standard for programmable controllers (IEC 61158-x-10).
Technical basics
4.5 VLAN
SCALANCE W770/W730 to IEEE 802.11n Web Based Management
Configuration Manual, 08/2018, C79000-G8976-C323-09 49
4.5
VLAN
Network definition regardless of the spatial location of the nodes
VLAN (Virtual Local Area Network) divides a physical network into several logical networks
that are shielded from each other. Here, devices are grouped together to form logical groups.
Only nodes of the same VLAN can address each other. Since multicast and broadcast
frames are only forwarded within the particular VLAN, they are also known as broadcast
domains.
The particular advantage of VLANs is the reduced network load for the nodes and network
segments of other VLANs.
For the identifier which frame is assigned to which VLAN, the frame is expanded by 4 bytes
(VLAN tagging). Apart from the VLAN-ID this expansion also includes priority information.
Options for the VLAN assignment
There are various options for the assignment to VLANs:
● Port-based VLAN
Each port of a device is assigned a VLAN ID. You configure port-based VLAN in "Layer 2
> VLAN (Page 320)".
● Protocol-based VLAN
Each port of a device is assigned a protocol group.
● Subnet-based VLAN
The IP address of the device is assigned a VLAN ID.
Doubly tagged frame (Q-in-Q)
There are devices e.g. SCALANCE XR500 that support the Q-in-Q function. With the Q-in-Q
function the incoming data traffic is treated as if it were untagged. With frames that are
already tagged ①, this means they are expanded by a second VLAN tag, the outer VLAN
tag ②.
When a SCALANCE W device receives a doubly tagged frame, it uses the VLAN ID from the
outer VLAN tag ②. The frame is then forwarded to the relevant VLAN.
Technical basics
4.6 MAC-based communication
SCALANCE W770/W730 to IEEE 802.11n Web Based Management
50 Configuration Manual, 08/2018, C79000-G8976-C323-09
4.6
MAC-based communication
Frames sent by the client to the access point always have the MAC address of the WLAN
client as the source MAC address. In the "learning table" of the access point there is
therefore only the MAC address of the WLAN client.
MAC mode "Automatic", "Manual" and "Own"
If the MAC address of a device connected to the client is adopted (Automatic) or is set
manually (Manual), both the MAC-based and the IP-based frames find their destination for
precisely this device. If the MAC address of the Ethernet interface of the WLAN client is used
(Own), the MAC-based and IP-based frames only reach the WLAN client.
The access point checks whether the destination MAC address matches the MAC addresses
of the connected clients. Since a WLAN client can only use a MAC address, communication
at the MAC address level (ISO/OSI layer 2) can be to a maximum of one node downstream
from the client or the client itself.
With IP Mapping, several nodes downstream from a client can be addressed based on the IP
protocol. The IP packets are broken down according to an internal table and forwarded to the
connected devices.
Maximum possible number of Ethernet nodes with layer 2 communication downstream from
the client: 1
Notes on the "Automatic" setting:
● As long as there is no link on the Ethernet interface, the device uses the MAC address of
the Ethernet interface so that it can be reached in this status. In this status, the device
can be found using the Primary Setup Tool and configured with WBM or CLI.
● As soon as there is a link on the Ethernet interface, the device adopts the source MAC
address of the first received frame.
Note
From the moment that
the device adopts another MAC address (manually or
automatically), the device no longer responds to queries of the Primary Setup Tool when
the query is received over the WLAN interface. Queries of the PST over the Ethernet
interface continue to be replied
to.
MAC mode "Layer 2 Tunnel"
The WLAN client uses the MAC address of the Ethernet interface for the WLAN interface.
The access point is also informed of the MAC addresses connected to the Ethernet interface
of the WLAN client. This makes it possible to enter the MAC addresses of these devices in
the "learning table" of the access point. The access point can forward MAC-based frames for
the devices downstream from the client to the appropriate client.
In much the same way as with WDS, a separate port is created for the L2T client over which
the Ethernet frames are sent without changing the destination MAC address.
Maximum possible number of Ethernet nodes downstream from the client: 8
Technical basics
4.7 iPCF / iPCF-HT / iPCF-MC
SCALANCE W770/W730 to IEEE 802.11n Web Based Management
Configuration Manual, 08/2018, C79000-G8976-C323-09 51
4.7
iPCF / iPCF-HT / iPCF-MC
The wireless range of an IWLAN system can be expanded by using multiple access points. If
a client moves from the area covered by one access point to the area covered by another
access point, the wireless link is maintained after a short interruption (roaming).
If very fast update times are required, for example for PROFINET communication, access
points and client modules need to be used that use the proprietary methods iPCF / iPCF-HT
or iPCF-MC for fast roaming and deterministic data traffic.
iPCF / iPCF-HT / iPCF-MC can only be operated alone. A combination with each other is not
possible, e.g. iPCF with iPCF-HT or iPCF-MC.
How it works
iPCF
With iPCF the access point checks all nodes in the wireless cell cyclically. At the same time,
the scan includes the downlink traffic for this node. In the reply, the node sends the uplink
data. The access point scans a new node at least every 5 ms.
The scan of a node is seen by all other nodes in the cell. This allows a client to detect the
quality of the wireless link to the access point even when it is not communicating with the
access point itself. If the client does not receive any frames from the access point for a
certain time, it starts to search for a new access point.
In iPCF mode, both the search for a new access point and the registration with this access
point have been optimized in terms of time. Handover times significantly below 50 ms are
achieved.
The "Legacy Free (iPCF-LF)" setting is available to prevent the performance from being
slowed down by the IEEE 802.11 a/b/g device generation. When enabled, only the devices
that communicate with the IEEE 802.11n standard and have the "Legacy Free (iPCF-LF)"
setting enabled are accepted. WLAN mode IEEE 802.11n need not be enabled for this,
however.
Stable PROFINET communication is only possible when a WLAN client is in a wireless cell
with more than 60 % or -65 dBm signal strength at all times. This can be checked by
activating and deactivating the various wireless cells.
This does not mean that the client needs to change when there is a signal strength < 60 %
(< -65 dBm). Make sure that access points are available with adequate signal strength.
You configure iPCF in "iFeatures > iPCF > iPCF (Page 396)".
iPCF-HT
If a higher data throughput is required for iPCF, iPCF-HT is used. With this you can, for
example, alongside PROFINET also transfer video data. This is achieved by more effective
transfer of data packets using frame-bursting (A-MPDU). The individual data packets are
grouped together that are intended for the same receiver station (client) and that have the
same prioritization.
You configure iPCF-HT in "iFeatures > iPCF > iPCF-HT (Page 400)".
iPCF-MC
For freely moving nodes that communicate independently of a RCoax cable or directional
antennas, iPCF-MC should be used. With iPCF-MC, the client also searches for potentially
Technical basics
4.7 iPCF / iPCF-HT / iPCF-MC
SCALANCE W770/W730 to IEEE 802.11n Web Based Management
52 Configuration Manual, 08/2018, C79000-G8976-C323-09
suitable access points when it receives iPCF queries from the access point and the existing
connection to an access point is working problem-free. This means that if a change to a
different access point is necessary, this is achieved extremely quickly. In contrast to iPCF,
the handover times for iPCF-MC are not dependent on the number of wireless channels
being used.
It is necessary to use an access point with two wireless interfaces a so-called dual access
point. The one interface operates as management channel and sends short frames
(beacons) with administrative information (e.g. channel setting of the data channel and
SSID). The other interface (data channel) exclusively transfers the user data.
The "Legacy Free (iPCF-LF)" setting is available to prevent the performance from being
slowed down by the IEEE 802.11 a/b/g device generation. When enabled, only the devices
that communicate with the IEEE 802.11n standard and have the "Legacy Free (iPCF-LF)"
setting enabled are accepted. WLAN mode IEEE 802.11n need not be enabled for this,
however.
You configure iPCF-MC in "iFeatures > iPCF > iPCF-MC (Page 404)".
Technical basics
4.7 iPCF / iPCF-HT / iPCF-MC
SCALANCE W770/W730 to IEEE 802.11n Web Based Management
Configuration Manual, 08/2018, C79000-G8976-C323-09 53
The following graphic shows a configuration example for iPCF-MC.
①
Wireless cell of access point 1
②
Wireless cell of access point 2
③
Wireless cell of access point 3
④
Wireless cell of access point 4
⑤
Plant
Technical basics
4.7 iPCF / iPCF-HT / iPCF-MC
SCALANCE W770/W730 to IEEE 802.11n Web Based Management
54 Configuration Manual, 08/2018, C79000-G8976-C323-09
Restrictions
● iPCF / iPCF-HT and iPCF-MC are developments of Siemens AG and function only with
nodes on which iPCF / iPCFv2 / iPCF-MC is implemented.
● With an access point with several WLAN interfaces, it is possible to use both iPCF / iPCF-
HT as well as standard WLAN at the same time.
● Access points with a WLAN interface cannot take part in the iPCF-MC procedures, iPCF
is, however, possible.
● iPCF-HT is available only on WLAN interface 1 and can only be used in the 5 GHz band
with WLAN mode "(only) IEEE 802.11n".
Requirements for iPCF-MC
iPCF-MC uses the two wireless interface of the access point in different ways: One interface
works as the management interface and sends a beacon every five milliseconds. The other
interface transfers the user data.
The following requirements must be met before you can use iPCF-MC:
● Only SCALANCE W700 devices with two WLAN interfaces can be used as access points
● The data interface (WLAN1) and management interface (WLAN2) must be operated in
the same frequency band and must match in terms of their wireless coverage. iPCF-MC
will not work if the two wireless interfaces are equipped with directional antennas that
cover different areas.
● The management interfaces of all access points to which a client can change must use
the same channel. A client scans only this one channel to find accessible access points.
● Transmission based on IEEE 802.11h (DFS) cannot be used for the management
interface. 802.11h (DFS) is possible for the data interface.
● A client must support this feature on its WLAN interface.
Technical basics
4.8 iREF
SCALANCE W770/W730 to IEEE 802.11n Web Based Management
Configuration Manual, 08/2018, C79000-G8976-C323-09 55
4.8
iREF
How it works
If an access point has several activated antennas, the transmit power is distributed equally
on these antennas. The transmit power is subject to country-specific legal restrictions. The
maximum permitted power depends on the gain of the connected antennas. If the connected
antennas have different gains, the maximum antenna gain effectively restricts the permitted
transmit power.
iREF (industrial Range Extension Function) ensures that the data traffic from the access
point to each individual client is handled via the most suitable antenna. Which antenna is
most suitable is determined by the access point based on the RSSI values of received
packets.
Taking into account antenna gain and possible cable losses, packets are only sent via the
antennas with which the maximum signal strength at the client end can be expected.
During this time the other antennas are inactive and the legally permitted transmit power is
available for the selected antenna. The inactive antennas do not restrict the permitted
transmit power.
In particular in applications in which MIMO cannot be used or brings no advantage, this
allows data to be transmitted at the highest possible data transmission rate.
You configure iREF in "iFeatures > iREF (Page 411)"
Technical basics
4.8 iREF
SCALANCE W770/W730 to IEEE 802.11n Web Based Management
56 Configuration Manual, 08/2018, C79000-G8976-C323-09
Requirement
● To be able to use iREF, the SCALANCE W700 device must have at least 2 activated
antennas.
Restrictions
● A maximum data rate of only up to 150 Mbps (MCS 0 - 7 or 1 x spatial stream) is possible
● iREF cannot be used along with other iFeatures (for example iPCF or iPCF-MC)
Advantages
● Due to the directional data transmission and dynamic deactivation of antennas that do not
radiate in the direction of the particular client, interference can be reduced.
● The signal strength is improved because the active antenna always has the maximum
permitted transmit power available.
Technical basics
4.9 iPRP
SCALANCE W770/W730 to IEEE 802.11n Web Based Management
Configuration Manual, 08/2018, C79000-G8976-C323-09 57
4.9
iPRP
The "Parallel Redundancy Protocol" (PRP) is a redundancy protocol for cabled networks. It
is defined in Part 3 of the IEC 62439 standard.
With the "industrial Parallel Redundancy Protocol" (iPRP) the PRP technology can be used
in wireless networks. This improves the availability of wireless communication.
How it works
A PRP network consists of two completely independent networks. If one network is
disrupted, the frames are sent without interruption/reconfiguration via the parallel redundant
network. To achieve this the Ethernet frames are sent to the recipient in duplicate via both
networks. Devices capable of PRP have at least two separate Ethernet interfaces that are
connected to independent networks.
With devices not capable of PRP a redundancy box (RedBox) is connected upstream. This
allows access for so-called Single Attached Nodes (SAN) to PRP networks. The RedBox
duplicates every Ethernet frame to be sent and adds a PRP trailer to the frame that among
other things contains a sequence number. The RedBox simultaneously sends a copy of the
frame to the PRP A and PRP B network. At the receiving end the duplicate frame is
discarded by the RedBox. For this the RedBox requires certain transfer times designed for
Ethernet networks. For this reason using PRP in WLAN networks results in duplicate and
delayed frames.
With iPRP this problem is solved and the use of PRP in WLAN with SCALANCE W700
devices becomes possible
Technical basics
4.9 iPRP
SCALANCE W770/W730 to IEEE 802.11n Web Based Management
58 Configuration Manual, 08/2018, C79000-G8976-C323-09
The access points (AP 1, AP 2 and AP 3) and the RedBox at the AP end are connected to
each other via a switch. PRP network A und B are separated from each other via VLANs.
If SAN1 sends a frame to SAN2, the frame is duplicated by the RedBox at the AP end and
the two redundant frames are transferred via the switch to the access points. Via the two
different wireless paths the redundant PRP frames are transferred to the RedBox at the
client end. The clients are also connected to their RedBox via a switch. This forwards the
first PRP frame to arrive to SAN2 and discards the second one.
Note
On the interfaces of the switches to the SCALANCE W700 devices, only the VLANs th
at are
also set on the VAP or WLAN interfaces of the SCALANCE W700 devices may be
configured.
Technical basics
4.9 iPRP
SCALANCE W770/W730 to IEEE 802.11n Web Based Management
Configuration Manual, 08/2018, C79000-G8976-C323-09 59
With iPRP the redundant partners (here: AP1 and AP3 or client A and client B) communicate
with each other via a switch to prevent the two redundant PRP frames from arriving at the
RedBox with too great a time difference.
If for example the communication between AP1 and client A is very slow, the slower frame is
discarded at the receiving end.
You configure iPRP in "iFeatures > iPRP".
Requirement
● The base bridge mode "802.1Q VLAN Bridge" is set.
● The VLANs have been created.
● Access point mode: The VAP interface is enabled.
● Client mode: In MAC mode "Layer 2 Tunnel" is set.
● Depending on the configuration the clients can communicate with every access point.
Technical basics
4.10 AeroScout
SCALANCE W770/W730 to IEEE 802.11n Web Based Management
60 Configuration Manual, 08/2018, C79000-G8976-C323-09
4.10
AeroScout
AeroScout tags
SCALANCE W700 devices support tags of the AeroScout company. Tags are battery-
operated RFID sensors that send their data cyclically as multicast frames.
Among other things, AeroScout tags have the following features:
●
Ambient temperature
If a tag is fitted to a SCALANCE W700 device or material, it is possible to monitor
whether a selected ambient temperature is being maintained.
●
Motion
Here, a tag can also supply information indicating whether it is in motion or stationary.
The areas of material flow and material handling engineering represent possible
applications for this function.
●
Button
Regardless of the frames sent cyclically, a user can also send a message by pressing a
button.
●
LED
This provides information on the operating status of the tag.
Note
For more detailed information, please refer to the AeroScout documentation
(www.aeroscout.com).
How it works
The tag sends its data as AeroScout frames. The tags and the access points communicate
in the 2.4 GHz band.
If the WLAN interface of the access point receives the AeroScout frame, this is converted
into a UDP datagram. The SCALANCE W700 device forwards the UDP datagram along with
the information about the signal strength (RSSI) to a PC. The AeroScout Engine runs on the
PC and evaluates the received information.
Note
It is not
advisable to use PROFINET communication and AeroScout together on one
wireless interface.
Technical basics
4.10 AeroScout
SCALANCE W770/W730 to IEEE 802.11n Web Based Management
Configuration Manual, 08/2018, C79000-G8976-C323-09 61
Accuracy of localization
To achieve optimum precision in the localization of AeroScout Tags,
● we recommend the use of antennas with omnidirectional characteristics
● if the signals should be received by at least three access points.
