Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 8 Next »

Installation Manual | TM-111022

iProtect Access / Security | Intergration|

This manual represents the knowledge at the above-mentioned time. TKH security works non-stop to improve her products. For the most recent technical information please contact your consultant or dealer.

1. Introduction

This document is the installation and operation manual of the connection between the iProtect system and the TANlock cabinet lock

2. Support and license

Below is an overview of support for both the hardware and the software, including the necessary license:

Support

Version

Max. readers per line

License number

Per TANlock

Suported card technologies

iProtect

>= 10.0.xx

505-3101 online card reader license

Pluto / ApolloN

32

  • 250 calamity cards

  • 250 offline events

  • Mifare DESFire EV1, 2 or 3 (cards coded by TKH or in consultation with TKH)

Only use calamity cards for the purpose for which it was made. It is recommended to use as few emergency cards as possible.

3. TANlock

The TANlock is a mechanical server cabinet lock, which is available in various versions for many different cabinets. All TANlock locks are provided with a network connection and are exclusively powered by PoE (Power over Ethernet). iProtect has a deep integration with TANlock locks. The TANlock cabinet locks are provided with a card reader (suitable for DESFire cards) and optional with a keypad. 

4. Functionalities TANlock in iProtect

The connection between iProtect and the TANlock system offers the following functionalities:

Details

Full integrated, provisioning of TANlock settings, firmware and keystore

Secure connection

Log events from the TANlock in iProtect

Local stored cards for calamity openings by lost network connection

Support of handle locked and door position input

Intrusion detection (guarded area)

Remote opening

Brings you all the benefits of a normal wired card reader

Support of FQDN (Full Qualified Domain Name)

If a * is placed in front of the date / time stamp for an event, this means that the time is not certain or old (eg Jan 1, 1970), iProtect will change the time into the current time marked with a *. This in order not to lose these events.

5. Setup

5.1 TANlock device

Use the TANlock manual to setup the device

Device

Software

Firmware

TANlock

<= 07x28

0.0.4

>= 07x31b

5.1.1 TANlock defaults (depending on order):

IP address

Username

Password

192.168.0.90

username: tkh

123

DHCP

username: tkh

123

5.2 Configure the TANlock

5.2.1 Connect the TANlock to your network and login with your computer.

By using a new device, take care that your computer is in the same subnet as the TANlock device.

When DHCP is enabled it has priority over the static ethernet settings. So if the Tanlock is connected to a network with DHCP it will not use the default static address.

5.2.2 Browse to the TANlock and select Websocket menu

Use a Firefox Browser browser. Then open the TANlock maintenance page

This menu is used to setup network configuration of the TANlock.

If DHCP is enabled be aware that in the Pluto the DNS server is assigned.

Changes of network settings requires an reboot of the device

5.2.3 Select Websocket menu

This menu is used to setup the connection between the TANlock and iProtect.

  • Default Web user: tkh

  • Default socket password: 123

When changing the defaults, iProtect should also be changed

5.2.4 Select Auth menu

This menu is used to setup login credentials for the TANlock.

  • Default Web user: tkh

  • Default socket password: 123

5.2.5 Select Status menu

This menu is used to show the current date / time and the network settings.

5.2.6 Select Reboot menu

This menu is used to reboot the device. Any adjustments will be made after the reboot

5.3 Line

Determine to which Pluto or ApolloN (line) the TANlock should be connected. If it doesn't already exist, create a new line. Otherwise, continue to chapter 5.3

  • In iProtect, browse to menu: Installation | Hardware | Line

Field

Content

Name

Logical name e.g. Pluto

Features

Type

Network device

Host type

Pluto or ApolloN

Communication

Active

Selection option to activate

Active (with nodes)

Selection option to activate

Status

Function of the line

Physical line

Address

IP address

Enter the IP address

5.4 Node

Determine to which Pluto or ApolloN (line) the TANlock should be connected.

  • In iProtect, browse to menu: Installation | Hardware | Line.

  • Select the controller where the TANlock should be connected

  • Right click on the controller and add a Node

Field

Content

Name

Logical name e.g. Tanlock cabinet 1

Features

Node type

TANlock rack handle

MAC address

Depending if FQDM (Fully Qualified Domain Name) is used fill in the MAC address

Login

tkh (default). Change it if desired

Password

123 (default). Change it if desired

Provisioner group

TANlock rack handle (system default)

SSL

Use SSL

Default on

Allow self signed

Default on

Allow expired

Default on

No Hostname check

Default on

Client communication type

Less secure client communication

Status

Node online

Selection option to activate

Address

HTTP port

Port number that is used by the TANlock (default 443 HTTPS)

IP address

Mandatory

If FQDM (fully qualified domain name) is used the TANlock must be set to DHCP

NOTE: When DHCP is enabled it has priority over the static ethernet settings. So if the Tanlock is connected to a network with DHCP it will not use the default static address.

When using iProtect <=10.2 SSL settings are in de Node dialog. These settings can be determined depending on the situation.

When using iProtect > 10.2 SSL settings are moved to: Installation | Hardware | Secure communication type. These settings can be determined depending on the situation.

5.5 Automatic process (provisioner)

At the moment you have pressed save in chapter 5.3, iProtect will try to connect to the TANlock device. As soon that the connection is established, iProtect will provision the TANlock device with default firmware of:

  • TANlock rack handle software

  • TANlock rack handle keystore

  • TANlock rack handle settings

When the system uploads these files, it may take a few minutes for the lock to register with this version.

If different firmware is required, a new provisioner group must be added with the desired firmware media elements. This group with different firmware must be selected on the node.

  • After the provisioner process is ready, present a card to the TANlock rack handle. The following items will be added to the TANlock node:

Hardware

Description

Reader

Card-reader  <logical number>.<reader>

Input

Doorposition 

  • format <logical number>.< doorposition (11)>

  • uses input: door position (11)  (input 11 on the TANlock

Handle locked

  • format <logical number>.< handle turned>

  • uses an internal switch in the TANlock handle

Handle turned

  • format <logical number>.< handle locked>

  • uses an internal switch in the TANlock handle

Motor in lockable position

  • format <logical number>.< motor in lockable position>

  • uses an internal switch in the TANlock handle

Logical number site panel

  • format <logical number>.< side panel (13))>

  • uses input: side panel (13)  (Input 13 on the TANlock)

  • In iProtect, it looks like this:

5.6 Guarded area

The purpose of a Guarded area is to monitor a group of inputs e.g. detectors, door contacts, etc.

For more information, please consult the iProtect™ Guarded Area manual

When the items of the TANlock are created automatically, a Guarded area will also be generated with the name the Lock followed with the IP address. For example: Tanlock cabinet 1, 192.168.3.169

The following inputs are added to the guarded area:

  • Doorposition  (11)

  • Handle locked

  • Handle turned

  • Motor in lockable position

  • Side panel (13) (default Omitted)

  • No labels