Communications protocols and port numbers used for Ethernet communication

PROFINET protocols

DCP

Not relevant

(2) Ethertype 0x8892 (PROFINET)

PROFINET Discovery and Basic Configuration Protocol.

DCP determines PROFINET devices and enables the basic settings.

Default: Up to FW version V3.0 enabled, as of FW version V3.1 write protection enabled.

DCP does not allow DCP Set commands from the outside in write-protection mode during an active communication relationship.

Function can be deactivated in the CPU properties by Boundary "End of detection of accessible nodes" of the interface.

DHCP

Client

68

(4) UDP

Dynamic Host Configuration Protocol.

The IP address suite is obtained from a DHCP server during the startup of the PROFINET interface.

Default: Deactivated.

Can be changed in the CPU properties (as of FW version 2.9).

LLDP

Not relevant

(2) Ethertype 0x88CC (LLDP)

PROFINET Link Layer Discovery Protocol.

LLDP determines and manages neighborhood relations between PROFINET devices.

Default: Activated.

Send function can be deactivated by Boundary "End of topology discovery" in the CPU properties; readiness to receive remains active.

LLDP uses the special multicast MAC address: 01-80-C2-00-00-0E.

MRP

Not relevant

(2) Ethertype 0x88E3 (IEC 62493-2-2010)

Media Redundancy Protocol.

MRP enables control of redundant transmission paths in a ring topology.

Default: "Manager (Auto)".

Can be changed in the CPU properties. If you configure the CPU and connect the PN interface with a subnet, the default setting in the TIA Portal is "Not device in the ring".

MRP uses standard-compliant Multicast MAC addresses.

PROFINET IO data

Not relevant

(2) Ethertype 0x8892 (PROFINET)

PROFINET Cyclic IO Data Transfer

With PROFINET IO telegrams, IO data is transferred cyclically between the PROFINET IO controller and IO devices via Ethernet.

Default: Deactivated.

The protocol is only activated for PROFINET IO data traffic.

PROFINET

Context Manager

34964

(4) UDP

PROFINET connection without RPC.

Management of application and communication relationships between IO controller and IO devices.

Default: Enabled (UDP port open).

This function cannot be deactivated.

PTCP

Not relevant

(2) Ethertype 0x8892 (PROFINET)

PROFINET Precision Transparent Clock Protocol, based on IEEE 1588.

PTCP provides a time delay measurement between RJ45 ports and thus the send clock and time synchronization.

Default: Deactivated.

Can be enabled by the following configurations:

• IRT with a sync domain.

• Port interconnection with a specified cable length.

Function can be deactivated in the CPU properties by "End of sync domain" Boundary of the interface.

PTCP uses standard-compliant multicast MAC addresses.

Connection-oriented communications protocols

HTTP

Server

80

(4) TCP

Hypertext Transfer Protocol.

HTTP is used for communication with the CPU-internal web server.

Default: Deactivated.

Can be enabled in the CPU properties.

Requirement: Web server in the CPU properties is enabled.

HTTPS

Server

443

(4) TCP

Hypertext Transfer Protocol Secure.

HTTPS is used for communication with the CPU-internal Web server via Secure Socket Layer (SSL).

Default: Deactivated.

Can be enabled in the CPU properties.

Requirement: Web server in the CPU properties is enabled.

IGMPv2

Not relevant

(3) Network layer

Internet Group Management Protocol.

IGMPv2 is a network protocol for the organization of multicast groups (UDP multicast only).

IGMPv2 is a functionality of the IP stack. This system function is activated by the multicast function.

ISO-on-TCP

Server

102

(4) TCP

ISO-on-TCP protocol (according to RFC 1006).

The S7 protocol uses ISO-on-TCP according to RFC 1006 for PG/HMI communication with the engineering system (TIA Portal).

Default: Activated.

This function cannot be deactivated.

MODBUS

TCP

Server / Client

502

(4) TCP

MODBUS Transmission Control Protocol.

MODBUS/TCP is used by MB_CLIENT/MB_SERVER instructions in the user program.

Default: Deactivated.

Can be activated via Modbus instructions in the user program.

NTP

Client

123

(4) UDP

Network Time Protocol.

NTP is used for synchronization of the CPU system time with the time of an NTP server.

Default: Deactivated.

Can be enabled in the CPU properties.

OPC UA

Server / Client

4840

(4) TCP

Open Platform Communications Unified Architecture (based on TCP/IP protocol).

A communication standard ranging from the enterprise level to the field level.

Default: Deactivated.

Server and client function can be enabled in the CPU properties.

Client access can be configured in the user program.

OUC¹

Secure OUC

Server / Client

1 ... 1999

can be used to limited extent²

(4) TCP

(4) UDP

(4) ISO-on-TCP (Port: 102)

Open User Communication (TCP/UDP).

Secure Open User Communication (TLS).

OUC instructions enable connection establishment, connection termination and data transfer via the user program.

Default: Deactivated.

You activate the respective protocol with the corresponding Open User Communication instruction in the user program or with the configuration of connections in the network view.

The following applies to FW versions lower than V3.0:

• Programmed connections: 5001 ... 49152

• Configured connections: 5001 ... 65535

2000 ...

5000

Recommended

As of FW version V3.0, the following applies to programmed and configured connections:

5001 ... 65535

can be used to limited extent²

SMTP

Client

25

(4) TCP

Simple Mail Transfer Protocol.

SMTP is used for sending emails.

Default: Deactivated.

Can be enabled via TMAIL_C instruction in the user program.

SMTPS (SMTP over TLS)

Client

465

(4) TCP

Simple Mail Transfer Protocol Secure.

SMTP is used for sending emails over secure connections.

Default: Deactivated.

Can be enabled via TMAIL_C instruction in the user program.

SMTP with STARTTLS

Client

25

587

(4) TCP

Simple Mail Transfer Protocol with the SMTP command "STARTTLS"

SMTP is used for sending emails.

Default: Deactivated.

Can be enabled via TMAIL_C instruction in the user program.

SNMP

Agent

161

162 (trap)

(4) UDP

Simple Network Management Protocol.

SNMP is used for reading and setting of network management data (SNMP-managed objects) by the SNMP Manager.

Default: Activated up to FW version V2.9, deactivated as of FW version V3.0.

Can be enabled via data record in the user program.

Can be enabled in the CPU properties as of FW version V3.0.

As of FW version V3.1, can additionally be enabled as write-protected in the CPU properties.

Syslog (system logging)

6514

514

(4) TCP

(4) UDP

Syslog is an IETF standard protocol (RFC 5424) for the transmission of events that a CPU detects.

Default: Deactivated.

Can be enabled in the CPU properties.

You can configure the forwarding of syslog messages to a syslog server in the CPU properties. The collection of system logging events within a CPU cannot be disabled as of FW version V3.1.

Reserved

49152 ...

65535

(4) TCP

(4) UDP

If an application does not address a local port, then the CPU uses this port range for the active connection point.

-

PROFINET protocols

DCP

Not relevant

(2) Ethertype 0x8892 (PROFINET)

PROFINET Discovery and Basic Configuration Protocol.

DCP determines PROFINET devices and enables the basic settings.

Default: Enabled up to version V30.0. Write-protection enabled as of version V30.1 .

DCP does not allow DCP Set commands from the outside in write-protection mode during an active communication relationship.

Function can be disabled with Boundary "End of detection of accessible nodes" in the CPU properties.

DHCP

Client

68

(4) UDP

Dynamic Host Configuration Protocol.

The IP address suite is obtained from a DHCP server during the startup of the PROFINET interface.

Default: Deactivated.

Can be changed in the CPU properties (as of FW version 2.9).

Connection-oriented communications protocols

HTTP

Server

Adjustable ¹

(4) TCP

Hypertext Transfer Protocol.

HTTP is used for communication with the CPU-internal web server.

Default: Deactivated.

Can be changed in the CPU properties.

Adapt the port number to avoid conflicts with other web servers under Windows. If you use the Web server access of the S7-1500 software controller, you must enable the assigned port in the Windows firewall.

IGMPv2

Not relevant

(3) Network layer

Internet Group Management Protocol.

IGMPv2 is a network protocol for the organization of multicast groups (UDP multicast only).

IGMPv2 is a functionality of the IP stack. This system function is activated by the multicast function.

ISO-on-TCP

Server

102

(4) TCP

ISO-on-TCP protocol (according to RFC 1006).

The S7 protocol uses ISO-on-TCP according to RFC 1006 for PG/HMI communication with the engineering system (TIA Portal).

Default: Deactivated.

OUC²

and

Secure OUC

1 ... 1999

can be used to limited extent^{3, 4}

(4) TCP

(4) UDP

(4) ISO-on-TCP (Port: 102)

Open User Communication (TCP/UDP).

Secure Open User Communication (TLS).

OUC instructions enable connection establishment, connection termination and data transfer based on the socket layer.

Default: Deactivated.

Can be enabled via data record in the user program.

If you want to use OUC, you must activate the ports in the Windows Firewall.

2000 ...

5000

recommended⁴

5001 ...

49151

can be used to limited extent^{3, 4}

SMTP

Client

25

(4) TCP

Simple Mail Transfer Protocol.

SMTP is used for sending emails.

Default: Deactivated.

Can be activated by calling the block in the user program or as of version V3.0 via CPU settings.

Syslog (system logging)

6514

514

(4) TCP

(4) UDP

Syslog is an IETF standard protocol (RFC 5424) for the transmission of events that a CPU detects.

Default: Deactivated.

Can be enabled in the CPU properties.

You can configure the forwarding of syslog messages to a syslog server in the CPU properties. The collection of system logging events within a CPU cannot be disabled as of FW version V3.1.

Reserved

49152 ...

65535

(4) TCP

(4) UDP

If the application does not specify the local port number, this dynamic port range is used for the active connection end point.

If you want to use this communication, you must activate the ports in the Windows Firewall.