Mod functions 17.12 firewall – HEIDENHAIN TNC 620 (81760x-02) ISO programming User Manual

MOD functions

17.12 Firewall

17

554

TNC 620 | User's ManualDIN/ISO Programming | 2/2015

Firewall settings

Option

Meaning

Active

Switching the firewall on or off

Interface:

Selection of the

eth0 interface usually

corresponds to X26 of the MC main
computer.

eth1 corresponds to X116. You

can check this in the network settings in

the Interfaces tab. On main computer units

with two Ethernet interfaces, the DHCP

server is active by default for the second

(non-primary) interface for the machine

network. With this setting it is not possible
to activate the firewall for

eth1 because

the firewall and the DHCP server exclude

themselves mutually

Report other

inhibited

packets:

Firewall active with high safety level. (All

services except for the SSH are blocked)

Inhibit ICMP

echo answer:

If this option is set, the control no longer

answers to a PING request.

Service

This column contains the short names

of the services that are configured with

this dialog. For the configuration it is not

important here whether the services

themselves have been started

LSV2 contains the functionality for

TNCRemoNT and Teleservice, as well as

the HEIDENHAIN DNC interface (ports

19000 to 19010)
SMB only refers to incoming SMB

connections, i.e. if a Windows release

is made on the NC. Outgoing SMB

connections (i.e. if a Windows release

is connected to the NC) cannot be

prevented.
SSH stands for the Secure Shell protocol

(port 22). As of HEROS 504, the LSV2

can be executed safely tunneled via this

SSH protocol.
VNC protocol means access to the

screen contents. If this service is

blocked, the screen content can no

longer be accessed, not even with the

Teleservice programs from HEIDENHAIN

(e.g. screenshot). If this service is

blocked, the VNC configuration dialog

shows a warning from HEROS that VNC

is disabled in the firewall.