Scalance Router in FS720 Fire Network
When the creation of routing tables with a set of static routes are not allowed for IT restrictions, you can use a Scalance router to grant connectivity to SAFEDLINK fire panels in a protected network segment.
The Scalance unit acts as a network separator and firewall.
The system settings depend very much on the network topology. As an example, we discuss here a typical topology.
The figure below shows a fire network with management station connectivity over a Scalance unit.
Note the three subnets:
- VLAN 1a: Internal fire panels subnet to the GAP station
- VLAN 1b: GAP subnet to the Scalance unit
- VLAN 2:. Management Station subnet to the Scalance unit
Configuration Guidelines
In general, the configuration process includes the following steps:
- BACnet driver configuration in Desigo CC:
- Configure the Instance Number that matches a Client ID configured in the fire panels.
- Configure BBMD with a Broadcast Distribution Table (BDT) entry for VLAN 1 (GAP station).
- Network configuration in the fire panel tool:
- Configure a BDT entry for VLAN 2 (management station).
- Scalance unit configuration, to allow the BACnet traffic across the firewall:
- Configure VLAN 1 and VLAN 2 Layer3 Subnets.
- Enable the required Predefined IPv4 services for VLAN1 and VLAN 2 across the Firewall.
- Enable ICMP services across the firewall: Echo Reply (0), Echo Request (8) and Trace Route (30).
- Enable IP services across the firewall for UDP ports 47808 - 47823 for the management station.
NOTE: The fire panel tool requires ports 51000 - 51064. - Configure Firewall Rules to enable traffic from VLAN1a and VLAN 1b to VLAN2 and vice versa for all services.
NOTE: To reduce the number of rules and simplify the configuration, define suitable IP addresses and use a masking technique to include both VLAN 1a and VLAN 1b in the allowed IP range from VLAN 2. - Configure the Layer 3 Static Route for the GAP to be identified as a gateway to the fire panels.
For detailed instructions about the Scalance S615 configuration, see the document Scalance S615 Router for SAFEDLINK Fire Networks (A6V13357580).