Mod functions 18.12 firewall – HEIDENHAIN TNC 640 (34059x-04) ISO programming User Manual

MOD functions

18.12 Firewall

18

574

TNC 640 | User's Manual for DIN/ISO Programming | 3/2014

Firewall settings

Option

Meaning

Active

Switching the firewall on or off

Interface:

Selection of the

eth0

interface usually

corresponds to X26 of the MC main

computer.

eth1

corresponds to X116. You

can check this in the network settings in

the Interfaces tab. On main computer units

with two Ethernet interfaces, the DHCP

server is active by default for the second

(non-primary) interface for the machine

network. With this setting it is not possible

to activate the firewall for

eth1

because

the firewall and the DHCP server exclude

themselves mutually

Report other

inhibited

packets:

Firewall active with high safety level. (All

services except for the SSH are blocked)

Inhibit ICMP

echo answer:

If this option is set, the control no longer

answers to a PING request.

Service

This column contains the short names

of the services that are configured with

this dialog. For the configuration it is not

important here whether the services

themselves have been started

LSV2

contains the functionality for

TNCRemoNT and Teleservice, as well as

the HEIDENHAIN DNC interface (ports

19000 to 19010)

SMB

only refers to incoming SMB

connections, i.e. if a Windows release

is made on the NC. Outgoing SMB

connections (i.e. if a Windows release

is connected to the NC) cannot be

prevented.

SSH

stands for the Secure Shell protocol

(port 22). As of HEROS 504, the LSV2

can be executed safely tunneled via this

SSH protocol.

VNC

protocol means access to the

screen contents. If this service is

blocked, the screen content can no

longer be accessed, not even with the

Teleservice programs from HEIDENHAIN

(e.g. screenshot). If this service is

blocked, the VNC configuration dialog

shows a warning from HEROS that VNC

is disabled in the firewall.