WBM access and first steps
Each PLCnext Technology controller features a Web-based Management (WBM). In the WBM, you can access static and dynamic controller information and modify certain controller settings. You can call WBM via every Ethernet interface of the controller.
The WBM systems of controllers with PLCnext Technology all have the same structure and are generally described in the following. Device-specific additions and deviations are optional and described in the corresponding device user manual.
Note: Tutorial videos are embedded from the Phoenix Contact Technical Support YouTube channel. With playing an embedded YouTube video in this platform, you accept the YouTube Terms & Conditions.
Even showing the video previews on this page depends on your personal settings in the Cookie consent dialog. To watch YouTube videos, you have to allow cookies for marketing purposes which will remain on your device. The data gained through these cookies will be used by YouTube to provide video suggestions and advertisements based on your browsing habits, and may be made available to other parties.
05m:03s | HDTV 720p | English | English |
05m:05s | HDTV 720p | Deutsch | ‒ |
Establishing a connection to WBM
Initial access: Connecting
To establish a connection to WBM on the device, proceed as follows:
- Connect the device to your PC via one of the devices' Ethernet interfaces (assuming that the https port 443 has not been blocked by a firewall rule).
- Make sure your PC and the device are in the same network.
- Open a web browser on your PC.
- In the address field, enter the URL https://ip.address.of.interface (example: https://192.168.1.10 - see the respective hardware documentation for default values).
Find the default setting for your device in the ... and/or the additional data sheet or manual.
Initial access: TLS certificate
For secure communication, the controller's web server uses a self-signed TLS certificate automatically generated by the controller. Before the controller's web server can be accessed, you must authorize the TLS certificate in your web browser.
Note:
- The controller generates the TLS certificate during the boot phase.
- The certificate uses the IP address of the Ethernet interface with PROFINET controller function.
- The certificate is used for all Ethernet interfaces of the controller.
- Each IP address of the controller must be authorized in the web browser before a PLCnext Engineer HMI application can be accessed via this address and therefore via the corresponding Ethernet interface.
- The certificate is regenerated after the controller is reset to factory settings.
Note: Certificate setting
From firmware 2021.0 LTS
Up to firmware 2020.6, the HTTPS certifcate and its related private key were located as files on the file system of the controller. These files have been replaced by symbolic links. Therefore, when updating the firmware, the existing certificate and key files are moved to /opt/plcnext/Security/IdentityStores/HTTPS-self-signed-Backup/*.* and symbolic links are created at the original location pointing to this backup.
On the WBM Certificate Authentication page you can either select to use an existing IdentityStore or to use self-signed certificates.
When using an existing IdentityStore the symbolic links are changed and refer now to the specified IdentityStore.
When using self-signed certificates a self-signed certificate is generated at /opt/plcnext/Security/IdentityStore/HTTPS-self-signed/*.* and the symbolic links refer to that IdentityStore.
When creating a self-signed certificate via the Certificate Authentication WBM page, the /opt/plcnext/Security/IdentityStores/HTTPS-self-signed-Backup directory is not modified.
Up to firmware 2020.6
The HTTPS certificate and its related private key are located as files in the following directories of the controller file system:
- /opt/plcnext/Security/Certificates/https/https_cert.pem
- /opt/plcnext/Security/Certificates/https/https_key.pem
You can exchange these files by your own certificate and key.
Initial access: Welcome page
The Welcome page is shown when the web server on the controller is accessed for the first time.
The Welcome page contains links to the following web content:
- WBM on the controller
- PLCnext Community
- PLCnext Technology website
- Enable the Do not show this page in the future and go directly to the WBM checkbox at the bottom.
The next time you access the controller web server, the login page of WBM opens immediately, see Login to WBM.
The Welcome page remains accessible via URL https://IP.address.of.controller/welcome.
Alternatively, you can enter the URL https://IP.address.of.controller/wbm (example: https://192.168.1.10/wbm) in your browser's address field. This way the WBM is displayed immediately but doesn't skip the Welcome page for new users entering just the IP address.
Login to Web-based Management
The WBM login page is displayed when:
- ...you access WBM for the first time.
- ...you have enabled the WBM user authentication function, see User Authentication page.
If you disable user authentication, login is not necessary to access WBM. In this case, the WBM start page is displayed when WBM is accessed.
Initial access as an administrator
When you access WBM for the first time, log in as the administrator.
- Enter the user name admin in the Username input field.
- Enter the administrator password in the Password input field.
The administrator password is printed on the controller. For more detailed information, refer to the user manual for your controller. - To open WBM, click on the button.
The WBM start page opens.
Recommended:
- Only use the administrator password for initial login.
- Once you have logged in successfully, change the administrator password to prevent unauthorized administrator access (Setting a password).
admin
and the administrator password printed on the controller.The password printed on the controller is valid again after resetting the controller to default settings. For information on how to perform the reset, refer to the manual for your controller.
Logging in as a user
If WBM user authentication is enabled, log in using your user credentials.
- Enter your user name in the Username input field.
- Enter your password in the Password input field. The password can be obscured (not displayed as plain text).
- To open WBM, click on the Login button.
The WBM start page opens.
Password expiration notification
Available from 2022.6
When the user password is about to expire, the following note is displayed in the header after logging into the WBM:
For further information on how to set an expiration date for a password, refer to Password Policy.
Session timeout notification
Available from 2022.6
Two minutes before the current WBM session expires, a corresponding note is displayed in the header.
- If you want to extend the current session, click the button.
For further information on how to set the maximum session time, refer to Session Configuration.
Start page – areas and functions
Changing the language
1 You can change the language for the WBM user interface in the top left of the web browser window.
- Click the Deutsch or English link to change the language.
WBM then immediately switches to the desired language.
Help menu
Available from 2021.0 LTS
2 From firmware version 2021.0 LTS on, the header of the WBM has the menu item Help.
The Help menu contains links to Phoenix Contact PSIRT, further information, support, etc.
Security state
Available from 2022.0 LTS
3 In the head section, the security state is displayed by these markers:
Security Profile activation state
If the controller is used in a security context according to IEC 62443, a Security Profile may be active or prepared to be activated. Then the activation state is displayed in the header of each WBM page. Otherwise, this section is empty.
See Security Profile WBM topic for more information.
Integrity Check outcome
If a Security Profile is active, the boot-up Integrity Check outcome is in the header of each WBM page. Otherwise this field in the section is empty.
Navigation panel
4 The WBM is split into the following main areas:
- Information: General device information, current Ethernet configuration
- Diagnostics: PROFINET, Local Bus (Axioline, Interbus (Inline))
- Configuration: Proficloud, PROFIsafe®
- Security: User authentication, certificate authentication and firewall
- Administration: Firmware update of the non-safety-related device firmware, license and app management, PLCnext Apps
To show all pages in a main area click on at its name.
Tip of the day
5 From firmware version 2021.0 LTS the start page of the WBM contains the section Tip of the day. In this area helpful messages and hints are displayed.
Licensing information on open source software
6 PLCnext Technology controllers work with a Linux operating system. All license information can be called up via the Legal Information link on every page of WBM:
- Click on the Legal Information link on the bottom left of each WBM page.
Licenses for all of the open source software used are shown.