Separate Mode

A network configured to separate mode allows two sub-nets to access the gateway via separate ports and utilizes the native firewall. In this setup, a local network of home devices remains isolated from devices with lower levels of protection located on an internet connected WAN network.

Single Mode

A network configured to single mode directs all gateway traffic along a single pathway via a shared router. In this setup, vulnerable devices would be exposed to incoming attacks from external internet traffic. Because of this, administrators must set up additional security measures such as firewalls to establish protected subnets.

Siemens recommends using the separate network mode for the following reasons:

1. Enhanced security using the native firewall.

2. Security level 2 (SL2 ) compliance.

After you sign in to the F200 device, complete the following instructions:

  1. Select a network connection mode.
  • If you plan to use distributed architecture features, spanning multiple subnets, then you must select separate network mode.
  • If you do not plan to use distributed architecture features and your building controls network is isolated from your internet access and firewall protected, select single network mode.
CAUTION

This selection is not reversible. Verify your building’s network connection mode before making a selection. A configuration reset is required to change this selection, which will result in loss of existing network configuration and project data.

CAUTION
Single network mode and cybersecurity

If you select Single network mode, you are responsible for securing your network with proper protection mechanisms.

  1. To configure alternative IP and proxy settings, click the IP settings tab under the Network tab.
    NOTE: To configure the Subnet mask, define the number of masked bits. See Appendix A for more information.
  1. (Optional) If you need to configure a proxy setting for an alternative WAN IP address, do so by clicking the Network tab, then Proxy.
  1. (Optional) Toggle on the proxy server button. Then type to enter the appropriate values in the spaces provided.
  1. In the Operation tab, copy the activation key. Proceed to the Devices application to complete activating your gateway.

Device cloud connection may appear as offline.

 

Troubleshooting

If your F200 device does not properly register or the Cloud connection state shows disconnected, follow these steps:

  1. Power off the gateway device.
  1. Power on the gateway device.
  1. Press the SVC button one to two times.
  1. Directly connect your PC to the LAN port via 169.254.169.254.
  • The F200 device is now properly registered, and the Cloud connection state shows connected.