-
Cisco Connected Grid Ethernet Switch Module Interface Card Software Configuration Guide
-
Overview
-
Command Line Interface
-
Access the Switch Module from the Host Router
-
Assign the Switch Module IP Address and Default Gateway
-
Cisco IOS Configuration Engine
-
Administer the Switch Module
-
Switch Module Authentication
-
Interface Configuration
-
EtherChannel Configuration Between the Switch Module and the Host Router
-
Smartports Macros Configuration
-
VLAN Configuration
-
Private VLAN Configuration
-
IEEE 802.1Q and Layer 2 Protocol Tunneling Configuration
-
Quality of Service Configuration
-
EtherChannel Configuration and Link State Tracking
-
MODBUS TCP Configuration
-
SDM Template Configuration
-
Troubleshooting
-
Initial Configuration with the CLI Setup Program
-
Cisco IOS File System, Configuration Files, and Software Images
-
MODBUS TCP Registers
-
Unsupported Commands in Cisco IOS Release 12.2(58)EZ
-
Feedback
Table Of Contents
Configuring the Switch Module as the MODBUS TCP Server
Enabling MODBUS TCP on the Switch Module
Displaying MODBUS TCP Information
MODBUS TCP Configuration
This chapter provides the following sections:
•
Configuring the Switch Module as the MODBUS TCP Server
•
Understanding MODBUS TCP
Use Modicon Communication Bus (MODBUS) TCP over an Ethernet network when connecting the switch module to devices such as intelligent electronic devices (IEDs), distributed controllers, substation routers, Cisco IP Phones, Cisco Wireless Access Points, and other network devices such as redundant substation switches.
MODBUS is a serial communications protocol for client-server communication between a switch module (server) and a device in the network running MODBUS client software (client). You can use MODBUS to connect a computer to a remote terminal unit (RTU) in supervisory control and data acquisition (SCADA) systems.
The client can be an IED or a human machine interface (HMI) application that remotely configure and manage devices running MODBUS TCP. The switch module functions as the server.
The CGR 2010 ESM encapsulates a request or response message in a MODBUS TCP application data unit (ADU). A client sends a message to a TCP port on the switch module. The default port number is 502.
Note
MODBUS and Security
If a firewall or other security services are enabled, the switch module TCP port might be blocked, and the switch module and the client cannot communicate.
If a firewall and other security services are disabled, a denial-of-service attack might occur on the switch module.
•
interface Ethernet0/0ip address 10.1.1.1 255.255.255.0ip access-group 1 in!access-list 1 permit 10.1.1.0 0.0.0.255
•
interface FastEthernet0/1ip address 10.1.1.1 255.255.255.0ip access-group 1 inrate-limit input access-group 101 8000 8000 8000 conform-action transmit exceed-action drop!access-list 101 permit tcp 10.1.1.0 0.0.0.255 any eq 502Multiple Request Messages
The switch module can receive multiple request messages from clients and respond to them simultaneously.
You can set the number of client connections from 1 to 5. The default is 1.
Configuring the Switch Module as the MODBUS TCP Server
•
Defaults
•
•
•
Enabling MODBUS TCP on the Switch Module
Beginning in privileged EXEC mode:
To disable MODBUS on the switch module and return to the default settings, enter the no scada modbus tcp server global configuration command.
To clear the server and client statistics, enter the clear scada modbus tcp server statistics privileged EXEC command.
After you enable MODBUS TCP on the switch module, this warning appears:
WARNING: Starting Modbus TCP server is a security risk.
Please understand the security issues involved before
proceeding further. Do you still want to start the
server? [yes/no]:
To add security when using MODBUS TCP, configure an ACL to permit traffic from specific clients or configure QoS to rate-limit traffic.
Displaying MODBUS TCP Information
