It is recommended to use a firewall between the Internet and the MindConnect Nano, this is also recommended for communication to the automation network.
In the direction to Automation Network a firewall supporting NAPT (in case of DMZ, see section “List of abbreviations”) or supporting the “Ghost-Mode” is required. Siemens offers many types of Firewalls for fulfilling these requirements.
① Corporate / Office Network with route to the internet or direct internet access, e.g. via a DSL modem
② Production / Machine Network
“Ghost-Mode”, also known as “Transparent Mode”, is used to protect individual, event alternating, devices by dynamically taking over the IP address.
Firewall/Proxy rules for MindConnect Nano¶
MindConnect Nano require open HTTPS and DNS ports for communication with MindSphere. You can open port 443 to enable this.
To communicate agent only, you will only need the
For region eu2, please add the following port exception to enable the online firmware download:
Any questions left?
Except where otherwise noted, content on this site is licensed under the MindSphere Development License Agreement.