Siemens SiPass integrated User manual
Access Control
SiPass integrated
Controller and Device Installation Guide
MP 2.80
A6V11164550
Smart Infrastructure
07.09.2020
Copyright
2 | 38
A6V11164550
Copyright
Technical specifications and availability subject to change without notice.
We reserve all rights in this document and in the subject thereof. By acceptance of
the document the recipient acknowledges these rights and undertakes not to
publish the document nor the subject thereof in full or in part, nor to make them
available to any third party without our prior express written authorization, nor to
use it for any purpose other than for which it was delivered to him.
Edition: 07.09.2020
Document ID: A6V11164550
© Siemens Switzerland Ltd, 2020
Firmware Configuration Tools
ACC USB Client Application
1
A6V11164550
3 | 38
Table of Contents
1 Firmware Configuration Tools ..................................................................... 5
1.1 ACC USB Client Application ...........................................................................5
1.1.1 Installing the USB RNDIS Driver .....................................................5
1.1.2 Configuring the ACC USB Client Application ..................................6
1.2 ACC and FLN Field Service Network Tool......................................................7
1.2.1 Installation........................................................................................7
1.2.2 Downloading Firmware for Device...................................................7
1.2.3 Network Discovery for Access Controllers ......................................8
1.2.4 Enhanced FLN Communication.......................................................9
1.3 Built-in ACC Tools .........................................................................................10
1.3.1 User Security for ACC Console .....................................................10
1.3.2 User Security for ACC-Lite LCD / Keypad Menu...........................10
2 Access Controllers.................................................................................... 11
2.1 Common Firmware Update Procedure .........................................................11
2.1.1 Updating Controller Application via Firmware Download ..............11
2.1.2 Updating Controller Platform via Firmware Download...................12
2.2 AC5102 (ACC-G2) ........................................................................................14
2.2.1 Configuring the AC5102 Controller using
USB Client Application...................................................................14
2.2.2 Network Discovery of AC5102.......................................................14
2.2.3 Configuring the AC5102 Port Mapper ...........................................14
2.2.4 RS232 mode on FLN 2 and FLN 3 ................................................15
2.2.5 Restoring Default Network and Password Settings.......................15
2.2.6 Recovering a Non-responsive Board.............................................16
2.2.7 ACC-G2 Firmware Update Procedures .........................................16
2.2.8 Restoring/Updating Platform via SD Card .....................................16
2.2.8.1 Preparing the SD Card ...................................................16
2.2.8.2 SD-Card Upgrade Procedure .........................................17
2.2.8.3 SD Card Update Troubleshooting ..................................18
2.2.9 Network Security............................................................................18
2.3 ACC-AP.........................................................................................................19
2.3.1 General Information .......................................................................19
2.3.2 Configuring the ACC-AP Controller ...............................................19
2.3.3 Onboard Door (DRIe) Interfaces....................................................20
2.3.3.1 Dual OSDP Reader Door Configuration.........................20
2.3.3.2 2 Single OSDP Reader Doors Configuration .................20
2.3.3.3 OSDP Reader Turnstile,
Single Door Contact Configuration.................................21
2.3.3.4 OSDP Reader Turnstile, Dual Door Contact
Configuration..................................................................................21
2.3.3.5 Dual Wiegand Reader Door Configuration.....................22
2.3.3.6 2 Single Wiegand Reader Doors Configuration .............22
2.3.3.7 Wiegand Reader Turnstile,
Single Door Contact Configuration.................................23
Firmware Configuration Tools
ACC USB Client Application
1
4 | 38
A6V11164550
2.3.3.8 Wiegand Reader Turnstile,
Dual Door Contact Configuration....................................23
2.3.4 Extension Interfaces ......................................................................24
2.3.4.1 Extension Option ............................................................24
2.3.4.2 Aperio Wireless Doors Extension Option .......................24
2.3.5 Power Monitoring Limits.................................................................24
2.3.6 Factory Reset Button .....................................................................24
2.3.7 Restoring/Updating Platform via SD Card .....................................25
2.3.7.1 Preparing the SD Card ...................................................25
2.3.7.2 Updating the AP Controller with Micro SD Card ............25
2.3.8 Platform Upgrade via Firmware Download ....................................26
2.3.9 LED Indications..............................................................................26
2.3.9.1 During SD Card Update..................................................26
2.3.9.2 During ACC-Application (Run-Time) ..............................26
2.4 4101-3 (ACC-Granta)....................................................................................27
2.4.1 Configuring using USB Client Application......................................27
2.4.2 Network Discovery .........................................................................27
2.4.3 Restoring Default Network and Password Settings.......................27
2.4.4 Recovering a Non-responsive Board.............................................28
2.4.5 Network Security............................................................................29
2.5 AC5100 (ACC-G1) ........................................................................................30
2.5.1 Restoring Default Network and Password Settings.......................30
2.6 AC5200 (ACC-Lite) .......................................................................................31
2.6.1 Restoring Default Network, Password and PIN Settings...............31
3 FLN Devices and Readers.........................................................................32
3.1 ADD5100 Dual Reader Interface (DRI).........................................................32
3.2 ADE5300 Eight Reader Interface (ERI) ........................................................32
3.3 ADS5200, ADS5210 Single Reader Interface (SRI) .....................................32
3.4 AFI5100 (IPM) ...............................................................................................32
3.5 AFO5100 (OPM) ...........................................................................................32
3.6 AFO5200 (8IO)..............................................................................................32
3.7 ATI5100 (IAT)................................................................................................32
3.8 OSDP Reader Devices..................................................................................32
3.9 ARxxx-MF / VRxxx-MF Reader.....................................................................33
3.9.1 RIM Settings ..................................................................................33
3.9.2 Required Settings for Reading the UID Number
of a MIFARE Card..........................................................................33
3.10 Wiegand Reader on ACC-AP........................................................................34
3.11 Multi-Function Interface (MFI) .......................................................................35
3.12 Aperio Wireless Lock Technology .................................................................36
3.12.1 SiPass Card Technologies in Aperio Locks...................................36
3.12.2 Connecting Aperio Hub with ACC-AP............................................37
3.13 Help and Documentation...............................................................................37
Firmware Configuration Tools
ACC USB Client Application
1
A6V11164550
5 | 38
1Firmware Configuration Tools
1.1 ACC USB Client Application
The network settings of the ACC Controllers can be configured using a Windows
application, and an appropriate USB cable. This configuration needs the USB
RNDIS driver (an Ethernet-over-USB driver) to be installed.
The pre-requisites required for this configuration are listed below.
Prerequisites
●Relevant ACC Controller
●Host PC with a spare USB port (running the Windows Operating System)
●USB A-B Cable
●
AccG2UsbClient
application for the Windows host (available under Tools\ACC-
G2_USB_Tool\ in SiPass integrated installation bundle)
●USB RNDIS driver (available under Tools\ACC-G2_USB_Tool\RNDIS_Driver\
in SiPass integrated installation bundle)
1.1.1 Installing the USB RNDIS Driver
Ensure that the power for the ACC controller unit is connected and ON.
1. Insert the B plug end of the A-B USB cable into the USB PC port of the ACC
unit.
2. Insert the A plug end of the A-B USB cable into the USB port of the host PC. If
the USB RNDIS driver is not available on the host PC already, it will prompt
you to install the same. You can choose to install the USB RNDIS driver either
from an Installation CD (if available), or from a specific location.
If you wish to install the driver from a specific location, follow the instructions
provided below.
1. A
Found New Hardware Wizard
dialog will pop-up prompting the user to install
the USB RNDIS driver if it has not been previously installed on the host PC.
2. Select the No, not this time option, and click the Next button.
3. Select the Install from a list, or specific location (Advanced) option.
4. Click Next.
5. Select the Search for the best driver in these locations option.
6. On the same dialog, tick the Include this location in the search: checkbox, and
click the Browse button.
7. Navigate to the location of the driver, and click OK.
8. Click Next.
The wizard will now proceed to install the software.
◈When the installation is complete, click Finish.
The USB RNDIS Driver should now be installed on the host PC.
Firmware Configuration Tools
ACC USB Client Application
1
6 | 38
A6V11164550
1.1.2 Configuring the ACC USB Client Application
First time that the ACC is plugged in via the USB-B port, it may take a minute or
two to configure the USB to Ethernet interface. This is normal, and the delay
should not occur again.
1. Run the ACC USB client application.
The
ACC USB Client Login
dialog is displayed.
2. Enter the default user name and password to start the Telnet session for
configuring the ACC network parameters.
If you are using MP2.70 (or later) version of the ACC and the default (or
weak) password is set, you will be prompted to enter a new password
before configuring the network settings.
If you are using MP2.70 SP1 (or later) version, when you change the
SIEMENS user password, the password for the “root” user for a SSH
connection will also be changed to the same password that was set for the
SIEMENS user.
3. Set the following parameters for the ACC in
Network Settings
section:
–Ethernet IP address
–Subnet mask
–Gateway IP address
–Host IP address
–Port
4. Click Apply
Firmware Configuration Tools
ACC and FLN Field Service Network Tool
1
A6V11164550
7 | 38
1.2 ACC and FLN Field Service Network Tool
For devices in an access control and security system to function as intended, they
must be programmed with the correct instruction set, or “firmware”. It is also
important to test your selected settings on a device before the device goes live.
The ACC and FLN Field Service Tool has been designed to assist in the
installation of Field Level Network devices for use with the SiPass integrated
Access Control and Security System. This includes:
●Dual Reader Interfaces (DRI)
●Single Reader Interfaces (SRI)
●Eight Reader Interface (ERI)
●Output Point Modules (OPM)
●Input Point Modules (IPM)
●Eight Input Output Module (8IO)
●Intrusion Arming Terminals (IAT-010)
The ACC and FLN Service Tool can also assist in discovering Access Controllers
in the local Ethernet segment, and configuring the network parameters of these
discovered controllers.
The Field Service Tool is designed to help you perform these tasks.
1.2.1 Installation
Run
setup.exe
(available under Tools\ACC and FLN Field Service Tool\Setup Disk\
in SiPass integrated Installation bundle) to install this tool.
1.2.2 Downloading Firmware for Device
Devices can be connected to a COM Port on a PC running the Field Service Tool
via a RS232 –RS485 Bus converter.
The process to download firmware and test devices is as follows:
1. Configure the FLN Bus.
2. Select an image file for download.
3. Detect all devices on the FLN Bus.
4. Download firmware to a device.
5. Configure the device.
Firmware Configuration Tools
ACC and FLN Field Service Network Tool
1
8 | 38
A6V11164550
1.2.3 Network Discovery for Access Controllers
It is possible to configure Access Controllers via Ethernet, without prior
configuration of any settings.
The ACC and FLN Field Service Tool uses UDP Broadcasts to identify ACC
controllers that have their Quickstart feature enabled. Once identified, the network
parameters can be configured such that the controller can now connect to the
SiPass server.
CAVEAT ! This can only work in the local Ethernet segment as UDP Broadcasts
cannot cross routers.
Make sure that the SiPass server is running before using the Network Discovery
tool.
Make sure Ethernet cable is plugged in, and the PC/laptop is on the same physical
Ether network as the ACCs that are to be discovered.
Click the Network Search button –a list of not yet configured ACCs should appear.
Select one unit, and examine its network settings.
If the tool is being run from the SiPass server, select the correct network interface
and then use the Copy As Host, Copy Subnet and Copy Gateway settings.
If the tool is just being run from a laptop, configure the host network settings in the
Default Controller Network Configuration
pane.
Choose a unique IP address for the controller (consult with your IT if required).
Finally, click the Download Configuration button, and the controller is configured.
See below for an example screen shot showing a range of controllers, including
one ACC-G2 being configured to operate on the local network.
Note: the IP addresses are for example only, be sure to use values applicable to
your network.
Firmware Configuration Tools
ACC and FLN Field Service Network Tool
1
A6V11164550
9 | 38
1.2.4 Enhanced FLN Communication
With SiPass integrated MP 2.70 SP1 onwards, the standard communication of
firmware uses added security measures. You can add a device with Legacy
Firmware to an existing FLN bus that contains devices with the new Standard
Communication.
Special case when ACC is running MP 2.70 SP1 and FLN Devices are on MP 2.70
●When you add a device with Legacy Firmware to an existing FLN bus that
contains devices with the new Standard Communication:
–Discovering this device with the
FLN Configuration Tool
will show the
device but it will be reported as Offline.
–Latest Firmware can still be downloaded to this device after which,
selecting Refresh Display will show the device as online in the
FLN
Configuration Tool
.
–When this device is saved to the database using the Save New Device
button, the device will be reported as using the new Standard
Communication.
●If you do not upgrade the Legacy Firmware of this new device:
–The device can be saved to the database using the Save New Device
button. In this case, all devices on the same bus (including the ones with
new Standard Communication) will drop to Legacy Communication.
–When the Firmware of the Legacy Device is upgraded to the new
Firmware, all devices will automatically start using the new Standard
Communication.
Firmware Configuration Tools
Built-in ACC Tools
1
10 | 38
A6V11164550
1.3 Built-in ACC Tools
The Core parameters such as network settings can also be configured using ACC
Console which is available for all Access Controller types, and accessible via
Telnet session to controller IP address.
In addition to this, ACC-Lite controller offers configuration via LCD / Keypad menu
interface.
1.3.1 User Security for ACC Console
These additional security measures have been introduced in ACC version 2.70.x
After the first login to the ACC Console with the default password, you will be
asked to change the password for security purpose. The password must be secure
with at least one of upper and lower case characters, digits, and one or more
special character, e.g. *&#$. Record this new password in a secure place after
setting.
If you changed the password and then install an earlier version of the ACC
firmware, the ACC will revert back to the password set before MP2.70 was
installed. (If you still had the default password when the MP2.70 version of ACC
was installed, and then the MP2.65 version of the ACC is installed, you must logon
on with the default password, not the password entered during MP2.70 version
installation).
If you then re-install the MP2.70 build, the new password that was set when
MP2.70 was first installed, will still be valid.
This also applies to login via the ACC-G2 standalone USB configuration tool.
1.3.2 User Security for ACC-Lite LCD / Keypad Menu
These additional security measures were introduced in ACC version 2.70.x
The default PIN is '1111'.
If you upgrade from an earlier version of ACC-Lite to the MP2.70 version, the first
time you open the keypad and login with the default PIN, you will be asked to Set a
new PIN for security purposes. The PIN must be secure and not just a simple
sequence of numbers such as 1111, 1234, 4321 or similar. The PIN length must be
4-10 digits. Record this new PIN in a secure place after setting it.
If you change the ACC-Lite PIN and forget, it can be changed with an ACC telnet
Console command. If both PIN and Telnet passwords are lost, then the device
must be returned to the manufacturer or Siemens.
If you changed the PIN using SiPass integrated MP2.7, install an earlier version of
the ACC-Lite firmware, then again re-install MP2.7, you must logon with the PIN
that was previously set (because the PIN has already been changed using the
MP2.7 build, setting a new PIN is not required again).
Access Controllers
Common Firmware Update Procedure
2
A6V11164550
11 | 38
2Access Controllers
2.1 Common Firmware Update Procedure
This procedure applies for both ACC-G2 and ACC-AP controllers.
Controller firmware releases include three types of firmware images:
1. Firmware Application Image
For example,
acc-g2-ccp2_2.76.25_release.bin
is ACC-G2 application version
2.76.25.
2. FirmwarePlatform (downloadable) Image
For example,
accg2-platform_ccp2.17.5_update_acc2.76.25.bin
contains a
complete ACC-G2 platform version 2.17.5 with ACC-G2 application version
2.76.25
3. Firmware Platform SD-Card Image
For example,
accg2-platform_ccp2.17.5_sdcard.wic.gz
contains a complete
ACC-G2 platform version 2.17.5 with ACC-G2 application version 2.76.25
Release folder is structured as follows:
Product Type (ACC-AP or ACC-G2)
●ACC application image is stored at this level.
●
SD_Card
: This folder includes the SD-Card platform image.
●
System_Update
: This folder includes the step by step downloadable images for
each supported upgrade path.
–From_Platform_v1
- Step1
…
- Step N
–From_Platform_vX
- Step
…
- Step M
2.1.1 Updating Controller Application via Firmware Download
Note: Current version of the controller’s platform and application are shown in the
Initialize System
dialog of SiPass integrated
If the controller is already running the latest platform version, update by using the
Image Download option in the
Initialize System
dialog of SiPass integrated to
download the firmware application image.
●Subject to the network load, download is expected to take a few minutes.
●During installation, the ACC application is expected to restart.
●Downtime depends on the database size and fragmentation (can take a few
seconds to few minutes)
Access Controllers
Common Firmware Update Procedure
2
12 | 38
A6V11164550
2.1.2 Updating Controller Platform via Firmware Download
Note: Current version of the controller’s platform and application are shown in the
Initialize System
dialog of SiPass integrated.
●In case it is required to control the timing of the downtime caused by the
platform installation process, automatic platform update can be disabled by
sending the following command via the ACC console:
platform autoUpgrade 0
–An audit trail message will be displayed to indicate that Auto-Upgrade has
been disabled.
Note: If the ACC is reset before platform image has been completely
downloaded to the ACC, the Auto-Upgrade feature will be enabled again.
–To re-enable automatic update, use the command:
platform autoUpgrade 1
●Make a note of current platform major version.
–For example, 2.17.5 means that the major version is 2.
●In the Firmware Release, locate the folder named
<Controller
Type>\System_Update\From_Platform_v<Major Version>
.
–For example,
ACC-G2\System_Update\From_Platform_v2
●Download images one by one by following the order of
StepX
sub-folders. If the
StepX
sub-folders do not exist, it means only single image must be
downloaded.
Note: Multiple download steps are required to ensure that the controller is
running the latest application capable of receiving and installing the platform
update image.
–Use the Image Download option in the
Initialize System
dialog of SiPass
integrated to download firmware image(s).
●In case automatic platform update was disabled:
–When platform image download is completed, the Audit Trail will display the
message -
“Manually initiate ACC-Platform upgrade”
.
●Installation of the downloaded platform should be launched manually by
sending the following command via the ACC console:
platform initUpgrade
Access Controllers
Common Firmware Update Procedure
2
A6V11164550
13 | 38
More about Platform Update:
●Platform image is a large file that contains complete Operating System
distribution and it will take at least 30 minutes to download to the ACC.
However, the ACC will remain fully operational during the download phase.
●After ACC Platform image has been successfully written to the flash memory,
the “
Download succeeded. ACC flash programming OK
” message will be
displayed in the audit trail.
●If auto update is enabled, the "
Upgrade of ACC Platform has been initiated.
ACC will reset after completion!
" message will be displayed in the audit trail,
and the ACC will restart to initiate the platform upgrade.
●During platform installation, the controller is expected to reboot at least twice.
Database configuration and system settings will be kept. Overall downtime is
expected to be between 1 and 10 minutes, depending on the size and
fragmentation of database.
●Recovery from unsuccessful System Update: If System Update fails or ACC
Application fails to start after System Update, the system will automatically
revert to the previous state.
●Recovery from corrupted database: If ACC Application fails while loading the
database, the database will be deleted and initialization from SiPass integrated
will be required.
Access Controllers
AC5102 (ACC-G2)
2
14 | 38
A6V11164550
2.2 AC5102 (ACC-G2)
See the
AC5102 Hardware Technical Manual
in the SiPass integrated
software bundle.
2.2.1 Configuring the AC5102 Controller using
USB Client Application
See section ACC-G2 USB Client Application for more details.
2.2.2 Network Discovery of AC5102
See section ACC and FLN Field Service Network Tool for details.
2.2.3 Configuring the AC5102 Port Mapper
Port Mapper is needed when configuring an AC5102 with SiPass MP2.5 or earlier.
If you are using MP2.6, be sure that the AC5102 Port Mapper has been disabled
with the console command “
portmap default
” followed by a “
reboot
” or a “
portmap
restart
” command.
The primary purpose of the Port Mapper is to redirect a logical port, like the IS port
or a FLN –to a different physical port. This is needed specifically when replacing
an ACC and the IS ports is being used for connection to a Gateway service, like a
Sintony panel, a Securitel Alarm dialler, or is being used to connect to a HLI (High
level Lift Interface).
It is also possible to redirect logical FLN ports to different physical ports, e.g. FLN
3b (which does not exist on the AC5102). This is not normally needed since SiPass
allows renumbering a FLN (it will work after an initialise).
To modify the port mapping: telnet to the controller, or use the USB Config tool.
Login as user SIEMENS.
Type the following:
portmap
- the output should look as follows:
1. FLN1 = 1
2. FLN2 = 2
3. FLN3 = 3
4. FLN4 = 4
5. FLN5 = 5
6. IS = 6
- Note that the first digit on each line is the line number.
To swap the IS port and FLN 2, such that the logical IS port is connected to the
FLN 2 physical port and the logical FLN2 is routed to port 6, type the following:
portmap replace 6 IS = 2 portmap replace 2 FLN2 = 6
- Type portmap again to list the changes:
1. FLN1 = 1
2. FLN2 = 6
3. FLN3 = 3
4. FLN4 = 4
5. FLN5 = 5
6. IS = 2
And finally, apply the changes by rebooting the application:
reboot
Access Controllers
AC5102 (ACC-G2)
2
A6V11164550
15 | 38
2.2.4 RS232 mode on FLN 2 and FLN 3
Using FLN 2 or FLN 3 in RS232 mode (for Securitel or Sintony integration) requires
that the EOL jumpers be set to OFF. This entails powering down the ACC-G2,
removing the FLN expansion module and then setting all the jumpers for the
appropriate ports to OFF.
A torx screwdriver bit of size T10 is required to remove the FLN expansion module.
A magnifying glass and a small screwdriver are useful for setting the EOL dip
switches.
See the
AC5102 Technical Manual
in the SiPass integrated software bundle for
more information.
Note: Disregard connections for FLN 2 & 3 shown in Section “Bus Termination of
the FLNs” in
AC5102 Technical Manual
and follow as shown in the table below:
FLN2
FLN3
X600, X601
Each dip switch consists of two switches
X602, X603
Each dip switch consists of two switches
2.2.5 Restoring Default Network and Password Settings
The X992 jumper is near the battery for the Real Time Clock (RTC).
Short the pins of X992 for 3 seconds (using a jumper), until the orange ERROR led
is blinking quickly. Remove the short, and wait about 10 seconds for application to
restart and reset the network settings.
The default network settings are:
IP Address : 192.168.251.1
Subnet Mask : 255.255.255.0
Default Login Credentials: SIEMENS/spirit
All other settings are zeroed, including the SiPass host address and modem
configuration is disabled. The Telnet server is re-enabled.
Use either Telnet, the USB Client Application or the Network Configurator tool to
restore the network settings.
Access Controllers
AC5102 (ACC-G2)
2
16 | 38
A6V11164550
2.2.6 Recovering a Non-responsive Board
See section Restoring/Updating Platform via SD Card [➙ 16] for details.
2.2.7 ACC-G2 Firmware Update Procedures
See section Common Firmware Update Procedure [➙ 11] for details.
2.2.8 Restoring/Updating Platform via SD Card
2.2.8.1 Preparing the SD Card
Before you begin, prepare the SD Card by following the steps below:
1. Insert the SD card into the computer (512MB minimum - 2 GB maximum,
512MB recommended for compatibility with older ACC revisions).
2. Find compressed
.gz
image in
SD_Card
folder. Unzip to extract the
.wic
file.
3. Use
Win32DiskImager
(in
Tools\ACC-G2 SD-Card Creator Tool
folder) to write
the
~.wic
file to the SD Card.
Win32DiskImager
defaults to open a file of extension type
*.img
, so select
*.*
,
browse to the location of the SD card image file and load it, then click the Write
button.
Note: Win32DiskImager must be installed on your computer, not on the SD card.
Access Controllers
AC5102 (ACC-G2)
2
A6V11164550
17 | 38
2.2.8.2 SD-Card Upgrade Procedure
Note: In case of SD Card update, the database configuration and system settings
will be lost.
To perform the SD-Card upgrade, the following steps should be taken -:
1. Having written the SD Card, power down the ACC-G2 and insert the SD Card
into the ACC SD-Card slot –removing the dust cover insert first, if fitted.
2. Fit the X120 jumper, which tells the boot loader to boot from the SD Card.
1. Power up the ACC.
2. Wait for it to program –the LEDs will stop blinking after about 30 seconds,
which indicates that programming has completed. If the ACC-G2 was
manufactured before the year 2012, you might need to press the reset switch
between the CPU and Ethernet connector to initiate the upgrade.
3. Power down the ACC-G2 and remove the SD Card and Jumper.
4. Power up the ACC-G2 and check if the new CCP2 platform has been installed.
5. If the ACC-G2 has not been upgraded, repeat the SD-Card Upgrade
Procedure. This may be necessary as some versions of the ACC-G2 have a
single-boot UBOOT installed in them, which requires the SD-Card Upgrade
Procedure to be performed twice for the upgrade to take effect.
Note: Doing an SD Card upgrade will also set the network parameters to the
following default values:
IP Address
192.168.251.1
Subnet Mask
255.255.255.0
Ethernet Gateway Address
0.0.0.0
Host IP Address
0.0.0.0 : 4343
Access Controllers
AC5102 (ACC-G2)
2
18 | 38
A6V11164550
2.2.8.3 SD Card Update Troubleshooting
For SD Card Updates, the ACC-G2 only supports non-HC type SD Cards. This
means SD Cards in the range of 512MB to 2GB only can be used.
1. There is an issue with using 1GB and 2GB SD Cards on the older ACCs with
the 32kB EEPROM - when loaded with a CCP2 update image, the cards are
not recognized by RomBOOT. The 1GB and 2GB SD Cards are only
recognized on the newer ACCs with the SPI Data Flash fitted. Both ACC
variants recognized 1GB and 2GB cards with update images for the CCP1
platform.
2. Also, the SD Cards with CCP2 Update images needed to be run twice in order
to actually perform the update on the older ACCs if they are currently running
an older CCP1 platform build. On the first instance they just booted the existing
CCP1 image - press the RESET button or power up again for the update to
take effect.
2.2.9 Network Security
The ACC-G2 uses Linux as an operating system, which provides both an
increased level of security and reliability, but also requires some extra care in
security.
Summary: disable both SSH and telnet for maximum security, and set a root
password.
SSH
A SSH server is by default running on the ACC-G2. This allows for access to the
linux shell console for maintenance purposes and trouble shooting, but in normal
operation should be disabled so that it is not bound to the Ethernet interface, but
instead restricted to just the local USB Ethernet interface.
Note: After the upgrade to CCP2 Platform, SSH access is no longer available for
end user.
Disable external access to the SSH server with the console command:
“ set ssh usb “
SSH access can be enabled with the console command:
“ set ssh all “
The TCP port number that the SSH server listens on us 10022. This can be
changed with the console command:
“set ssh port xyz “
Where xyz is a valid and unique TCP port number.
The standard port number for SSH is port 22, but many network probing tools
attack port 22 by default.
Root Password
The username for gaining access to the linux shell is “root”, the password is the
default root password –“spirit”.
The root password can be changed within the application via telnet, using the
command:
“ set rootpassword Large_String “
where Large_String should be long phrase that meets the requirements for a
strong password. Use double quotes if the string contains spaces, but don’t use
double quotes when entering the password via SSH login.
Telnet
The ACC-G2 still offers a simple telnet server for allowing user access to the
application. Telnet is not encrypted, so any password used to gain access to the
ACC-G2 can be “seen” on the network.
We recommend that telnet should be disabled from SiPass after the initial setup of
the ACC-G2.
Access Controllers
ACC-AP
2
A6V11164550
19 | 38
2.3 ACC-AP
2.3.1 General Information
The IP-based AP door controller offers the latest technology, better cost-
effectiveness, and easy installation.
It supports:
●2 OSDP Readers: Controller for one or 2 doors (depending on configuration)
●4 Monitored or Unmonitored Inputs
●2 Relay Outputs
●4 Open-collector Outputs
●1 general-purpose FLN bus to connect to IPM, OPM, 8IO devices and Aperio®
AH30
●Capacity for 500,000 cards
●Maximum 5 cards per user
●Large offline event buffer with up to 200,000 events
●Anti-passback
●Linux O/S
Note: Only Input/Output devices and IAT are supported on the FLN Bus. No RIM
device support available.
The onboard Dual Reader Interface (DRIe) on the ACC-AP can be programmed to
function as any one of the door sets (Dual Reader, Two Single Readers, Dual
Reader Turnstile Contact, Single Reader Turnstile Contact) at one time.
2.3.2 Configuring the ACC-AP Controller
See section ACC-G2 USB Client Application for more details.
Access Controllers
ACC-AP
2
20 | 38
A6V11164550
2.3.3 Onboard Door (DRIe) Interfaces
NOTICE
IMPORTANT
Before connecting the Wiegand readers to the ACC AP DRIe, the End of Line
(EOL) jumper for the readers MUST BE DISABLED.
If the EOL jumpers are On (default setting), the Wiegand reader will not work.
2.3.3.1 Dual OSDP Reader Door Configuration
Label on AP Controller
SiPass Point Function
IN 1
REX
IN 2
D/C
IN 3
In 1
In case of ACC-APM 12V/24V PSU Kit, the pre-wiring is
already done for power monitoring.
IN 4
In 2
In case of ACC-APM 12V/24V PSU Kit, the pre-wiring is
already done for cabinet tamper.
RLY 1
Door 1 LK
RLY 2
Out 1
OUT 1
Door 1 AUX
OUT 2
Out 2
OUT 3
Out 3
OUT 4
Out 4
READER 1
Port for connecting both OSDP Readers
READER 2
NOT USED
2.3.3.2 2 Single OSDP Reader Doors Configuration
Label on AP Controller
SiPass Point Function
IN 1
Door 1 REX
IN 2
Door 1 D/C
IN 3
Door 2 REX
IN 4
Door 2 D/C
RLY 1
Door 1 LK
RLY 2
Door 2 LK
OUT 1
Door 1 AUX
OUT 2
Door 2 AUX
OUT 3
Out 3
OUT 4
Out 4
READER 1
Port for connecting both OSDP Readers
READER 2
NOT USED
ACC-APM can be used for this door mode if IN3 and IN4 are not used for power
monitoring and cabinet tamper.
Other manuals for SiPass integrated
1
Table of contents
Other Siemens IP Access Controllers manuals
