Siemens CPU1215C Remote Control Setup & Configuration Guide

Understanding the CPU1215C Communication Capabilities

The CPU1215C features an integrated PROFINET interface with RJ45 connector, supporting TCP/IP, ISO-on-TCP, and UDP protocols. It also has two additional communication modules slots for RS485/RS232 or additional Ethernet ports. This built-in Ethernet port is the primary gateway for remote connectivity. The PLC can be programmed and monitored via Siemens TIA Portal, and with proper configuration, it can communicate with remote HMIs, SCADA systems, or cloud platforms.

Method 1: VPN-Based Remote Access

A Virtual Private Network (VPN) creates a secure tunnel between the remote user and the local network where the CPU1215C resides. This is the most secure method because it encrypts all traffic and makes the PLC appear as if it’s on the local network.

Using a VPN Router

Install a VPN-capable router (e.g., Siemens SCALANCE M876, eWON Cosy, or industrial OpenVPN routers) at the machine site. Configure the router to connect to a central VPN server or use a cloud-based VPN service. The remote engineer runs VPN client software on their PC to establish a connection. Once connected, they can access the CPU1215C using its local IP address via TIA Portal or any SCADA software.

Method 2: Cellular Routers with Cloud Services

For machines in remote locations without fixed internet, a 4G/LTE cellular router provides connectivity. Many industrial cellular routers come with integrated cloud platforms that simplify remote access without complex VPN setup.

Devices like the Siemens M876-4 or third-party options (e.g., Digi WR series) connect to a cloud server. The user logs into a web portal, and the cloud service brokers a secure connection to the router and its connected devices. This method often includes features like data logging, alarm notifications, and multi-user access control.

Method 3: Remote Desktop or Jump Server

A less direct but simple method is to have a local PC connected to the CPU1215C network, and then remotely control that PC using Windows Remote Desktop, VNC, or team viewer. This approach is suitable for occasional maintenance but may introduce latency and security risks if not properly secured.

Configuring the CPU1215C for Remote Connections

Regardless of the remote access method, the PLC itself needs proper network settings. In TIA Portal, under Device Configuration, set the IP address, subnet mask, and default gateway. Ensure the gateway matches the router’s LAN IP. Enable PUT/GET communication if needed for third-party HMIs or SCADA systems. For enhanced security, disable unused protocols and set up access passwords.

Security Best Practices

Remote access exposes industrial control systems to cyber threats. Always implement these measures:

• Use strong, unique passwords for PLC and network devices.
• Enable firewall rules to restrict access to only necessary IP addresses and ports.
• Keep firmware and software updated.
• Use encrypted protocols (HTTPS, VPN) for all remote sessions.
• Consider network segmentation to isolate the control network from the corporate network.

Troubleshooting Common Issues

If you cannot connect remotely, check the following:

• Verify the PLC’s IP configuration and that the gateway is correct.
• Ensure the VPN tunnel is established and the remote PC can ping the PLC.
• Check firewall settings on the router and any intermediate networks.
• In TIA Portal, confirm that the PG/PC interface is set to the correct network adapter.

Remote control of a CPU1215C is achievable through various methods, each with its own advantages. VPN solutions offer high security, while cloud-based cellular routers provide ease of use and additional features. By carefully planning the network architecture and following security guidelines, you can safely monitor and program your PLC from anywhere in the world.