Release Notes

1756-EN4TR
Version 3.001 (released 4/2020) - 5.002 (released 4/2023)

Catalog Number 1756-EN4TR (series A)

These release notes describe version information for 1756-EN4TR, version 3.001 (released 4/2020) - 5.002 (released 4/2023).

Security

This release includes security enhancements as a part of our ongoing efforts to improve security. For information regarding Rockwell Automation's vulnerability disclosure process, please reference the Rockwell Automation Vulnerability Policy.

CVE 2024-5659: Multicast Request Causes Major Nonrecoverable Fault on Select Controllers

Controllers and Communication Modules
First Known in Firmware Revision
Corrected in Firmware Revision
CompactLogix™ 5380
34.011
V34.014, V35.013, V36.011 and later
Compact GuardLogix® 5380 SIL 2
34.011
V34.014, V35.013, V36.011 and later
Compact GuardLogix 5380 SIL 3
34.011
V34.014, V35.013, V36.011 and later
CompactLogix 5380 Process
34.011
V34.014, V35.013, V36.011 and later
CompactLogix 5480
34.011
V34.014, V35.013, V36.011 and later
ControlLogix® 5580
34.011
V34.014, V35.013, V36.011 and later
GuardLogix 5580
34.011
V34.014, V35.013, V36.011 and later
ControlLogix 5580 Process
34.011
V34.014, V35.013, V36.011 and later
1756-EN4TR, 1756-EN4TRK, 1756-EN4TRXT
4.001
6.001 and later


For a full list of the potentially affected Rockwell Automation products and a description of the vulnerability, see Security Advisory ControlLogix and GuardLogix Vulnerable to Multicast Request Causes major nonrecoverable fault on Select Controllers.



  

Security

This release includes security enhancements as a part of our ongoing efforts to improve security. For information regarding Rockwell Automation's vulnerability disclosure process, please reference the Rockwell Automation Vulnerability Policy.

CVE-2024-3493: Logix Controllers and Communication Modules Vulnerable to MNRF Due to Invalid Header Value

Controllers and Communication Modules
First Known in Firmware Revision
Corrected in Firmware Revision
CompactLogix™ 5380
35.011
35.013, 36.011 and later
Compact GuardLogix® 5380 SIL 2
35.011
35.013, 36.011 and later
Compact GuardLogix 5380 SIL 3
35.011
35.013, 36.011 and later
CompactLogix 5380 Process
35.011
35.013, 36.011 and later
CompactLogix 5480
35.011
35.013, 36.011 and later
ControlLogix® 5580
35.011
35.013, 36.011 and later
GuardLogix 5580
35.011
35.013, 36.011 and later
ControlLogix 5580 Process
35.011
35.013, 36.011 and later
1756-EN4TR, 1756-EN4TRK, 1756-EN4TRXT
5.001
6.001 and later


For a full list of the potentially affected Rockwell Automation products and a description of the vulnerability, see Security Advisory ControlLogix and GuardLogix Vulnerable to major nonrecoverable fault due to Invalid Header Value.


  

Requirements

This release has the following requirements.

Spanning Tree Protocol used with Redundant Adapters
Requirement Identified as of Firmware Revision 3.001
In a network using spanning tree protocol, port fast edge must be configured on the switch ports that connect to the redundant adapters. This is not a consideration for DLR ring networks.

Dynamic ARP in Stratix Switches
Requirement First Identified as of Firmware Revision 3.001
For Stratix switches, Dynamic ARP Inspection must be disabled in the path between the controller and the redundant adapter.

Flashing the Firmware
Requirement First Identified as of Firmware Revision 3.001
ControlFlash™ version 15.03.00 is required in order to flash this firmware.
  

Features

This release includes the following system features.

Redundant Adapter
This firmware allows two adapters to be used redundantly in one ControlLogix I/O chassis, providing additional resiliency to the system. CIP Security is not supported with the 1756-EN4TR in this release while redundant adapter functionality is being used. In future releases of the 1756-EN4TR redundant adapter, CIP Safety modules, PRP, CIP Security will be available.

In the redundant adapter chassis, only I/O modules are supported. Motion, communication modules, and controllers in the chassis with redundant adapters are not supported.

The redundant adapters must only reside in slots 0 and 1. The rotary switch on the redundant 1756-EN4TR modules must be set to 7 for redundant adapter with DLR.

For more information, see 1756-UM004.
  

Features

This release includes the following system features.


Improved Product Resiliency for ControlLogix® EtherNet/IP™ Communications Modules

Product improvements have been made to increase product resiliency to potentially disruptive activities. These enhancements have been verified not to affect product safety, performance, expected life, configuration, or operation of the product. Rockwell Automation recommends that you follow good Industrial Control System (ICS) security practices that include regular product updates. To maintain authenticity, obtain product updates and new releases directly from Rockwell Automation.


  

Corrected Anomalies in This Release

This release corrects the following anomalies.

VxWorks Vulnerabilities That Affect 1756 ControlLogix® EtherNet/IP™ Communication Modules
Corrected Anomaly with Firmware Revision 3.001

Catalog Numbers:

For a full list of the potentially affected Rockwell Automation products and a description of the vulnerabilities, see Rockwell Automation Knowledgebase Answer ID 1088561.


1756-EN4TR cannot be configured to appear in SNMP scan (Lgx00229065)

Corrected Anomaly with Firmware Revision 3.001
Known Anomaly First Identified as of Firmware Revision 2.001
Catalog Numbers:
•           1756-EN4TR, 1756-EN4TRK, 1756-EN4TRXT
In the 1756-EN4TR, SNMP is disabled by default. SNMP can be enabled/disabled as described in the following steps.

To turn on SNMP, the following MSG must be used:
graphic
graphic

Content of onArray must be:
graphic


To switch off SNMP, the following MSG must be used:
graphic
graphic


Content of offArray must be:

graphic

There are two additional tables to store result of IANA port admin state change operation.

graphic

Corrected Anomalies in This Release

This release corrects the following anomalies.

Improved Product Resiliency for VxWorks Vulnerabilities 1756 ControlLogix EtherNet/IP Communication Modules

Corrected Anomaly in firmware revisions 3.002 for these catalog numbers:

Known Anomaly First Identified in firmware revision 3.001 for these catalog numbers:

Product improvements have been made to increase resiliency. See Product Security Vulnerabilities for more information.

For a full list of the potentially affected Rockwell Automation products and a description of the vulnerabilities, see Rockwell Automation Knowledgebase article VxWorks Vulnerabilities affect Programmable Automation Controllers, EtherNet/IP Communication Modules, I/O Modules, Kinetix 6500 Servo Drive, High-Frequency RFID Interface Block.

  

Known Anomalies in This Release

This release has the following known anomalies.

Double Cable Break on Secondary Adapter Can Lead to Longer Qualification Times

Communication Modules
First Known in Firmware Revision
Corrected in Firmware Revision
1756-EN4TR, 1756-EN4TRK,
1756-EN4TRXT
3.001


When two 1756-EN4TR modules are used in remote chassis as a redundant adapter pair, and there are double-cable breaks on the secondary adapter, requalification can take a long time after the cables are reinserted.



Restrictions when the 1756-IB16SOE is used with Redundant Adapters (CVBCLXHSE-353)

Known Anomaly First Identified As of 1.006

Catalog Number 1756-IB16SOE
If you use a unicast connection, the RPI must be 10 ms or greater. There is no restriction on the RPI if you use multicast connections.
Restrictions when the 1756-IF4FXOF2F is used with Redundant Adapters (Lgx00225301)
Known Anomaly in Catalog Numbers: 1756-IF4FXOF2F
RPI must be 100 ms or greater and an RTS of 25 ms or greater. The RTS must be greater than or equal to ¼ of the RPI.

Listen Only Disruptions when in Redundant Adapter Mode (Lgx00232454, Lgx00232604, Lgx00232589)

Known Anomaly First Identified as of Firmware Revision 3.001

Catalog Numbers: 1756-EN4TR, 1756-EN4TRK, 1756-EN4TRXT

In a bridged multicast connection (not rack-optimized) "Listen-only" (one PLC with a normal connection, and a second with "listen only"):

In rack-optimized connections where a "listen-only" connection is used (one PLC with normal connection, and a second with "listen only"):


  

CIP Security Configuration Not Retained on Power Cycle with SD Card Slot Reconfigured (Lgx00232273)

Known Anomaly First Identified as of Firmware Revision 3.001

Catalog Numbers: 1756-EN4TR, 1756-EN4TRK, 1756-EN4TRXT

If the SD Card slot was configured to be disabled, and then configured again to enabled state, the CIP Security configuration is lost after power-cycling the chassis. If the SD Card slot was configured only once to be disabled, and no further re-configurations were made, then CIP Security configuration is still applied.

Workarounds:


  


Removing Security Policy Can Result in Lost Access to the EtherNet/IP Communication Module (00233815)

Known Anomaly First Identified as of Firmware Revision 3.001

Catalog Numbers: 1756-EN4TR

If you remove a security policy from a ControlLogix® EtherNet/IP™ communication module in FactoryTalk® Policy Manager, version 1.0.0, and then download a project with Studio 5000 Logix Designer® application, you also cannot change the communication module's IP address, or related communication parameters, with FactoryTalk Linx or RSLinx® software.

To resolve the anomaly, reset the controller to the factory default state.

Known Anomalies in This Release

This release has the following known anomalies.

Safeboot in 1756-EN4TR Always Boots in a DLR Configuration Regardless of the Mode Rotary Switch Position (3333484)

Communication Modules
First Known in Firmware Revision
Corrected in Firmware Revision
1756-EN4TR, 1756-EN4TRK,
1756-EN4TRXT
4.001

When the 1756-EN4TR enters Safeboot during a reset to factory default settings, the module boots up in a DLR configuration regardless of the Mode Rotary Switch position. In PRP mode, this can cause heavy traffic and bridging LAN A and LAN B networks until the module is updated with standard firmware. This can happen if the update process fails during a firmware update on the module.



1756-EN4TR Can Provide Incorrect PRP Network Health Status (1517443)

Communication Modules
First Known in Firmware Revision
Corrected in Firmware Revision
1756-EN4TR, 1756-EN4TRK,
1756-EN4TRXT
4.001
5.001


When a packet is received only on one PRP LAN (either LAN A or LAN B), then the PRP Warning flag is not set and the counter for missing packets is not incremented. This results the 1756-EN4TR module providing the incorrect PRP network health status.



After A Power Cycle, Connection Can Take Time to Establish

Communication Modules
First Known in Firmware Revision
Corrected in Firmware Revision
1756-EN4TR, 1756-EN4TRK,
1756-EN4TRXT
4.001


After a power cycle, establishing an Ethernet connection between two 1756-EN4TRs can take longer than 50 seconds. To work around this issue, you can power cycle the 1756-EN4TR module, or remove and replace the Ethernet cable.



1756-EN4TR Becomes Unresponsive in PRP Configuration Mode

Communication Modules
First Known in Firmware Revision
Corrected in Firmware Revision
1756-EN4TR, 1756-EN4TRK,
1756-EN4TRXT
4.001


After a power cycle, a 1756-EN4TR module that is configured for PRP can become unresponsive. If this occurs, power cycle the 1756-EN4TR module again.



1756-EN4TR Can Provide Incorrect PRP LAN Status (1516251)

Communication Modules
First Known in Firmware Revision
Corrected in Firmware Revision
1756-EN4TR, 1756-EN4TRK,
1756-EN4TRXT
4.001
5.001


When there are cable breaks on both PRP LAN networks (LAN A and LAN B), it can take up to 13 seconds for the PRP Fault flags to update properly after one LAN is reconnected. This results in 13 seconds of incorrect PRP LAN status provided by the 1756-EN4TR module.



Known Anomalies in This Release

This release has the following known anomalies.

Open Socket Functionality Not Behaving as Expected (1957130, 1957175)

Controllers and Communication Modules
First Known in Firmware Revision
Corrected in Firmware Revision
CompactLogix™ 5380
35.011
35.013, 36.011 and later
Compact GuardLogix® 5380 SIL 2
35.011
35.013, 36.011 and later
Compact GuardLogix 5380 SIL 3
35.011
35.013, 36.011 and later
CompactLogix 5380 Process
35.011
35.013, 36.011 and later
CompactLogix 5480
35.011
35.013, 36.011 and later
ControlLogix® 5580
35.011
35.013, 36.011 and later
GuardLogix 5580
35.011
35.013, 36.011 and later
ControlLogix 5580 Process
35.011
35.013, 36.011 and later
1756-EN4TR, 1756-EN4TRK, 1756-EN4TRXT
5.001


In a Socket Read Message, when reading an empty TCP Ethernet Buffer (buffer length of 0), the expectation is that a 12 byte header will be returned for the Socket Read Message’s .DN_LEN ([MessageTag].DN_LEN=12).

Instead, 0 bytes are returned by the message ([MessageTag].DN_LEN=0).

This anomaly affects the Rockwell Automation® Sample Code Add-On Instructions and Applications. For more information and a workaround for this anomaly, see the Knowledgebase Technote Socket functionality may not behave as expected in specific Logix controllers at version 35.011 and 1756-EN4TR version 5.001.


Disqualification of Redundant Chassis Pair Due to Concurrent Connection Timeout (1895856)

Communication Modules
First Known in Firmware Revision
Corrected in Firmware Revision
1756-EN4TR, 1756-EN4TRK,
1756-EN4TRXT
5.001
5.003

In a ControlLogix® 5580 Redundancy system, if 1756-EN4TR modules in the redundant chassis pair (RCP) are configured for Concurrent Communication, then the RCP can experience a disqualification due to a concurrent connection timeout.
  

Known Anomalies from Previous Releases

These anomalies are from previous releases but are still known in this release.

Sent Bytes Per Second Displays a Larger Incorrect Value (1548181)

Controllers and Communication Modules
First Known in Firmware Revision
Corrected in Firmware Revision
CompactLogix™ 5380
28.011
35.011 and later
Compact GuardLogix® 5380 SIL 2
31.011
35.011 and later
Compact GuardLogix 5380 SIL 3
32.013
35.011 and later
CompactLogix 5380 Process
33.011
35.011 and later
CompactLogix 5480
32.011
35.011 and later
ControlLogix® 5580
28.011
35.011 and later
GuardLogix 5580
31.011
35.011 and later
ControlLogix 5580 Process
33.011
35.011 and later
1756-EN4TR, 1756-EN4TRK, 1756-EN4TRXT
2.01
5.001 and later


Under HMI/MSG Connected (EtherNet/IP Port) on the device Diagnostic webpages, Sent Bytes Per Second displays a much larger incorrect value, not the actual sent bytes per second.




Cannot Disable the Socket Object on 1756-EN4TR With a MSG Instruction (1804575)

Communication Modules
First Known in Firmware Revision
Corrected in Firmware Revision
1756-EN4TR, 1756-EN4TRK,
1756-EN4TRXT
2.001
5.001


When using a MSG instruction to disable the socket object on a 1756-EN4TR module, setting Attribute 9 to a source element value of 0 does not disable the socket object.


  

Rack-optimized Connections Can Cause an Ethernet Module to Assert (1186272, 1186282, 942336)

Communication Modules
First Known in Firmware Revision
Corrected in Firmware Revision
1756-EN2T, 1756-EN2TR
10.007
12.001 and later
1756-EN3TR
10.007
12.001 and later
1756-EN4TR, 1756-EN4TRK,
1756-EN4TRXT
2.001
4.001


Five or more rack-optimized connections that are targeted to an Ethernet module cause the module to assert immediately. The module status display shows ‘RackInput.cpp LineXXX’ information in the assert message.



1756-EN4TR May Not Switchover After Reconnection

Communication Modules
First Known in Firmware Revision
Corrected in Firmware Revision
1756-EN4TR, 1756-EN4TRK,
1756-EN4TRXT
2.001


After both primary and secondary 1756-EN4TR modules are disconnected from the network, the redundant chassis pair may not switchover after the previously secondary module is reconnected to the network.

If this issue occurs, then manually reset the primary chassis.




Simultaneous Listen-Only and Rack-optimized Connections to the Same Module Can Lead To I/O Fault

Communication Modules
First Known in Firmware Revision
Corrected in Firmware Revision
1756-EN4TR, 1756-EN4TRK,
1756-EN4TRXT
2.001


If two controllers connect to the same I/O module through a 1756-EN4TR module, an I/O fault can occur if one controller uses listen-only connections and the other controller uses rack-optimized connections.

The controller that uses listen-only connections displays a Module Fault: (Code 0x0203) Connection Timed Out.



Cannot Update 1756-EN4TR Using Firmware Supervisor

Communication Modules
First Known in Firmware Revision
Corrected in Firmware Revision
1756-EN4TR, 1756-EN4TRK,
1756-EN4TRXT
2.001


If a Studio 5000 Logix Designer® application project with a ControlLogix® 5580 controller and a 1756-EN4TR module is saved to the SD card with the device firmware, then the ControlLogix 5580 controller cannot restore the firmware to the 1756-EN4TR module using Firmware Supervisor if the 1756-EN4TR module goes into safe boot.

While this occurs infrequently, if this happens, then use ControlFLASH™ or ControlFLASH Plus™ software to upgrade the 1756-EN4TR



Rockwell Automation recognizes that some of the terms that are currently used in our industry and in this publication are not in alignment with the movement toward inclusive language in technology. We are proactively collaborating with industry peers to find alternatives to such terms and making changes to our products and content. Please excuse the use of such terms in our content while we implement these changes.

Copyright © 2024 Rockwell Automation, Inc. All rights reserved.
Rockwell Automation, Allen-Bradley, and FactoryTalk are trademarks of Rockwell Automation, Inc.
To view a complete list of Rockwell Automation trademarks please click here.
Trademarks not belonging to Rockwell Automation are property of their respective companies.