1756-EN4TR Module Requirements and Restrictions

IMPORTANT:
To prevent unauthorized security policy deployments, configure the 1756-EN4TR module to be used for
CIP Security
communication in a secure environment.
For other 1756-EN4TR modules in the chassis, such as those used for I/O communication, disable the
CIP Security
configuration.
The following topologies are supported on CIP Security-enabled 1756-EN4TR communication modules:
  • Device Level Ring (DLR) for single fault tolerance
  • Parallel Redundancy Protocol (PRP) for multi-fault tolerance
Understand the following guidelines for the IP addresses of
CIP Security
-enabled 1756-EN4TR modules:
  • Configure static, non-swapping IP addresses.
  • Configure the IP addresses before you deploy the security policy.
  • Do not change IP addresses after you deploy the security policy:
    • If you change IP addresses after you deploy the security policy,
      FactoryTalk® Policy Manager
      software cannot recognize the new addresses and the certificate becomes invalid
    • If you must change IP addresses, first remove the security policy from the module, change the IP addresses, and then redeploy the security policy.
These recommendations are specific to the
CIP Security
-enabled 1756-EN4TR modules that are used for secure remote access to the redundant chassis. Other communication modules in the redundant chassis can have different recommendations and requirements, especially for communication to remote I/O. For more information about network settings, see Configure the EtherNet/IP Network.
Provide Feedback
Have questions or feedback about this documentation? Please submit your feedback here.
Normal