It is possible to access inputs, outputs, flags and enabled DBs with QuickHMI. Access to an S7-1200, 1500 or ET200 controller is deactivated by default. You must carry out the following steps to enable access to the controller:

If you use absolute addressing (Put/Get) for access, you can only access non-optimized blocks. If you use symbolic addressing, however, you can access non-optimized and optimized areas.

Prerequisites for put/get access

Access to an S7-1200- 1500- or ET200 is deactivated by default. To activate it, you must carry out the following steps:

Up to firmware version 3.0 (S7-1500 and ET200) or 4.6 (S7-1200)

  1. Allow the general access. Activate in the property settings section protection the option 'Connection mechanism - Allow access PUT/GET communication from remote partner.
  2. Enable access to your DBs. Go to DB properties and deactivate 'optimized access'.
  3. Load to PLC, done!
    If the changes don't have any effect, use 'extended download to device' to load to PLC.

Firmware version 3.1 (S7-1500 and ET200) or 4.7 (S7-1200) and higher:

  1. Go to “Security settings” in the project navigation.
  2. Double-click on “Users and roles”.
  3. Select the “Roles” tab.
  4. Create a new role and assign a name, for example “HMI_Access”.
  5. Open the “Runtime rights” tab.
  6. Select the corresponding PLC from the “Functional rights categories”.
  7. Activate the “HMI access” access level in the “Function rights”.
  8. Go to the “Users” tab in the “Users and roles” area.
  9. Activate the user “Anonymous”.
  10. Confirm the displayed message with “OK”.
  11. Assign the newly created role to the anonymous user under “Assigned roles”.
  12. Open the “Device view”.
  13. Go to the “Properties” of the CPU.
  14. Select “Protection & Security > Connection mechanisms” in the area navigation.
  15. Activate the option “Allow access via PUT/GET communication by remote partner”.
  16. Save the configuration, translate the project and transfer the changes to the CPU.

Certain requirements must also be met for symbolic access:

  1. The controller software must have been created with at least TIA version 17.
  2. If software components were created with an earlier version, they must be recompiled and transferred with TIA version 17 or higher. The same applies to the hardware configuration of the PLC.
  3. At least the following firmware versions are required:
    • S7-1200 series with firmware versions V4.5 to 4.6
    • S7-1500 series from firmware version V2.9 to 3.1
    • S7-ET200 series from firmware version V2.9 to 3.1
  4. If a password has been assigned at controller level, you must have it. The password can be transferred up to firmware version 3.0 (1500 and ET200 series) or 4.6 (S7-1200 series). For higher firmware versions, the login mechanism has changed on the PLC side; the new “Anonymous” user must be configured and enabled in the PLC.

Important, firmware version 3.1 (S7-1500 and ET200) or 4.7 (S7-1200) and higher: Configuration of the “Anonymous” user for symbolic access.

  1. Go to “Security settings” in the project navigation.
  2. Double-click on “Users and roles”.
  3. Select the “Roles” tab.
  4. Create a new role and assign a name, for example “symb_Access”.
  5. Open the “Runtime rights” tab.
  6. Select the corresponding PLC from the “Functional rights categories”.
  7. Activate the desired access level “Full access”, “HMI access” or “Read access” in the “Function rights”.
  8. Go to the “Users” tab in the “Users and roles” area.
  9. Activate the user “Anonymous”.
  10. Confirm the displayed message with “OK”.
  11. Assign the newly created role to the anonymous user under “Assigned roles”.
  12. Save the configuration, translate the project and transfer the changes to the CPU.