Release Notes

ControlLogix EtherNet/IP Module
Version 10.007 (Signed) (released 4/2014)

Catalog Number 1756-EN2T Signed (series D)

These release notes describe version information for 1756-EN2T Signed, version 10.007 (Signed) (released 4/2014).

Security

This release includes security enhancements as a part of our ongoing efforts to improve security. For information regarding Rockwell Automation's vulnerability disclosure process, please reference the Rockwell Automation Vulnerability Policy.

Improved Product Resiliency for Firmware Revision 12.001

Product improvements have been made to increase product resiliency to potentially disruptive activities. These enhancements have been verified not to affect product safety, performance, expected life, configuration, or operation of the product. Rockwell Automation recommends that you follow good Industrial Control System (ICS) security practices that include regular product updates. To maintain authenticity, obtain product updates and new releases directly from Rockwell Automation.



Features

This release includes the following system features.

Product Resiliency Improvement

System Feature Identified as of:

This release includes enhancements that are intended to improve product resiliency to potentially disruptive activities. These enhancements do not affect product safety, performance, expected life, configuration, or operation of the product. Rockwell Automation advises customers to follow good Industrial Control System (ICS®) security practices that include regular product updates. To be sure of authenticity, obtain product updates and new releases directly from Rockwell Automation.


How Logix Ethernet Modules Handle Leading Zeros in IP Addresses

Product Updates and Replacements


When entering IP addresses, if you enter leading zeros in the module configuration screen or message configuration screen of the Logix programming software, they are removed by the software. However, the leading zeros are not removed if they are typed into an L5K import file or if they are typed directly into the message path string. Different versions of the Logix Ethernet module treat the leading zeros differently.

Leading zeros show in the I/O tree with the mouse tool tip when imported from an L5K file.

graphic


Leading zeros can be entered directly into the message path string tag.

graphic

These leading zeros cause some modules to interpret those numbers as octal. For example, 192.168.001.013 is interpreted as 192.168.1.11 (1 octal is equal to 1 decimal, and 13 octal is 11 decimal). This causes the connection attempt to be made to IP 192.168.1.11 instead of 192.168.1.13. If 192.168.1.11 is not there, then the result is a 16#0204 timeout error.

If the IP address is 192.168.001.090, for example, the Ethernet module returns an error 16#0312 Invalid Link Address instead because 90 is not a valid octal number.

The same goes for message instructions. A message instruction attempts to connect to the equivalent octal node. If the node is not there, a timeout error is generated. If the value is not a valid octal value (such as 090), a return error 16#0001 with extended error 16#0312 is generated.

The following modules interpret a leading 0 to mean an octal value.

The following modules ignore the leading zero and interpret the values as decimal.

The leading zeros can be removed to force decimal interpretation.

For more information and for how other Ethernet modules handle leading zeroes, see KB 623220.



  

Improved Messaging Performance

System Feature Identified as of:

With these modules, message performance has been improved over earlier versions.

Corrected Anomalies in This Release

This release corrects the following anomalies.

TCP Window Size (Lgx00145648)

Corrected: Revision 10.007/10.009

Known Anomaly Identified as of:

If the application software that communicates with the module indicates a TCP window size of 0 when establishing the TCP connection, the module does not open the TCP connection.

This issue does not generally occur with standard software packages, but can occur when using MSG instructions and the open sockets feature of the module.


Replace Remote Module (Lgx00149145)

Corrected: Firmware Revision 10.007

Known Anomaly as of Firmware Revision 10.006

Catalog Number 1756-EN2T, 1756-EN2T, 1756-EN2TXT Series D

When you replace a 1756-EN2T module in a remote chassis (there is no controller in the chassis that communicates through the 1756-EN2T), the module does not respond to requests. This lack of response is because the Ethernet switch does not recognize that another MAC ID is on the port of the switch.

Cycle power to the switch to correct the issue.

Known Anomalies in This Release

This release has the following known anomalies.

Connection drop between controller and 1756 Ethernet module during cable break

Corrected Anomaly with Firmware Revision 10.010

Known Anomaly First Identified as of Firmware Revision 10.007

Catalog Numbers:

Following a cable break and reconnection of the CompactLogix™ 5370 controller, it cannot communicate with the 1756 Ethernet module (Lgx00210701). Workaround is to cycle power or manually disconnect and reconnect the controller to re-establish communication.

  

Rack-optimized Connections Can Cause an Ethernet Module to Assert (1186272, 1186282, 942336)

Communication Modules
First Known in Firmware Revision
Corrected in Firmware Revision
1756-EN2T, 1756-EN2TR
10.007
12.001 and later
1756-EN3TR
10.007
12.001 and later
1756-EN4TR, 1756-EN4TRK,
1756-EN4TRXT
2.001
4.001


Five or more rack-optimized connections that are targeted to an Ethernet module cause the module to assert immediately. The module status display shows ‘RackInput.cpp LineXXX’ information in the assert message.



Known Anomalies from Previous Releases

These anomalies are from previous releases but are still known in this release.


Duplicate IP Address State (Lgx00144830)

Known Anomaly Identified as of:

When a Cisco switch with IP Device Tracking enabled (Cisco IOS firmware that is released after August 2013) is used within the layer 2 broadcast domain, the following can occur:

For more information, see Tech Note 568750. The Tech Note is available at https://rockwellautomation.custhelp.com/app/answers/detail/a_id/568750. A separate login is required.

By default, Stratix™ Ethernet switches do not exhibit this behavior.



EDS File Availability (Lgx00139712)

Corrected: Revision 10.010

When you install RSLinx® Classic software, the EDS files for these modules are not necessarily available. You can use RSLinx Classic software to upload EDS files from the module or download EDS files from the Product Compatibility and Download Center website, http://www.rockwellautomation.com/global/support/pcdc.page.


Using MSG Instruction to Send Email Messages (Lgx00131500)

Corrected: Revision 10.010

You can get an error if you use a MSG instruction to send emails through the module when communicating with a SMTP server. If an error occurs, the error string that is reported in the MSG instruction is missing the first four characters.


Not Valid Device Error

Known Anomaly Identified as of:

In the Studio 5000 Logix Designer® application, a Not Valid Device error can occur. This error occurs when you change the module type from one of the previously listed modules to any of the other listed modules in the Change Type dialog box.

An Internal Timing Anomaly Can Cause an Assert/MNRF (2181425, 2335795, 2335804, 2195446)
  
Device
First Known in Firmware Revision
Corrected in Firmware Revision
CompactLogix® 5380
28.011
34.014, 35.013, 36.011 and later
Compact GuardLogix® 5380 SIL 2
31.011
34.014, 35.013, 36.011 and later
Compact GuardLogix 5380 SIL 3
32.013
34.014, 35.013, 36.011 and later
CompactLogix 5380 Process
33.011
34.014, 35.013, 36.011 and later
CompactLogix 5480
32.011
34.014, 35.013, 36.011 and later
ControlLogix® 5580
28.011
34.014, 35.013, 36.011 and later
GuardLogix 5580
31.011
34.014, 35.013, 36.011 and later
ControlLogix 5580 Process
33.011
34.014, 35.013, 36.011 and later
1756-EN4TR
2.001
6.001 and later
1756-EN3TR/B, 1756-EN2TR/C
10.007
12.001 and later
1756-EN2TP
10.020
12.001 and later
1756-EN2T/D
10.006
12.001 and later
1756-EN2F/C
10.009
12.001 and later

A timing anomaly exists within the device which results in an assert/major non-recoverable fault (MNRF). The program and hardware configuration does not influence the likelihood of occurrence.

The probability of this anomaly occurring is extremely low. Historically, if a module experiences this assert, it only occurs one time.

An escalation to Rockwell Automation Technical Support is required to confirm the root cause of an assert/major non-recoverable fault.


Gratuitous ARP Not Sent by the Ethernet Communication Module (4169055, 4169125)
  
Module
First Known in Firmware Revision
Corrected in Firmware Revision
1756-EN4TR
4.001
8.011 and later
1756-EN2T, 1756-EN2TR
2.007

When qualifying after a network disruption, the Ethernet communications module in a Redundancy System or Safety Instrumented System (Logix SIS) does not send a gratuitous ARP.
This anomaly does not have an impact on the Rockwell Automation control system.

For more information, see Knowledgebase Article Gratuitous ARP not sent by comms card after a switchover in a Redundancy System.



CPU Utilization Error (00179391)

Corrected Anomaly with Firmware Revision 11.001

Known Anomaly First Identified in Catalog Numbers:

When accessing Web pages, CPU utilization is 100%.


Increased ICMP message per second capacity (00191724)

Corrected Anomaly with Firmware Revision 11.001

Known Anomaly First Identified in Catalog Numbers:

ICMP message per second capacity increased. 





Ethernet module sends incorrect ARP at switchover (00194847)

Corrected Anomaly with Firmware Revision 11.001

Known Anomaly First Identified in Catalog Numbers:

Ethernet module sends Address Resolution Protocol (ARP) to gateway address with source IP 0.0.0.0 at ControlLogix Redundancy switchover.


GoAhead Web Server Vulnerabilities – EtherNet/IP Communication Devices (1693483)

Products Affected by CVE 2019-5096, the EmbedThis GoAhead Web Server Code Execution Vulnerability
Product
First Known in Firmware Revision
Corrected in Firmware Revision
1747-AENTR
2.002
--
1769-AENTR
1.001
1.003 and later
1756-EN2T/D
10.006
11.002 and later
1756-EN2TR/C
10.007
11.002 and later
1756-EN2TSC/B (discontinued)
10.01
--
5069-AEN2TR (discontinued)
3.011
--

Products Affected by CVE 2019-5097, the EmbedThis GoAhead Web Server Denial-of-service Vulnerability
Product
First Known in Firmware Revision
Corrected in Firmware Revision
1747-AENTR
2.002
--
1769-AENTR
1.001
1.003 and later
1756-EN2F/C
11.001
11.002 and later
1756-EN2T/D
11.001
11.002 and later
1756-EN2TP
11.001
11.002 and later
1756-EN2TR/C
11.001
11.002 and later
1756-EN2TSC/B (discontinued)
10.01
--
5069-AEN2TR (discontinued)
3.011
--
1756-EN3TR/B
11.001
11.002 and later

For a full list of the potentially affected Rockwell Automation products and a description of the vulnerabilities and additional mitigations, see Knowledgebase Product Notice, CVE-2019-5096 and CVE 2019-5097 Vulnerabilities Impact Multiple Products.


  


MNRF/Assert can Occur on a Module After RCP Switchover (1955194)

Communication Modules
First Known in Firmware Revision
Corrected in Firmware Revision
1756-EN2T/D
10.006
12.001 and later
1756-EN2TR/C
10.007
12.001 and later
1756-EN3TR/B
10.007
12.001 and later
1756-EN2F/C
10.009
12.001 and later
1756-EN2TP/A
10.020
12.001 and later


After a switchover due to a cable break, the redundant system may not recover to a synchronized state. This can lead to the module experiencing a major nonrecoverable fault/assert.



A ReadSocket Service Request of the TCP/IP Socket Object Returns Incorrect Values (3096193)

Communication Modules
First Known in Firmware Revision
Corrected in Firmware Revision
1756-EN2T/D
10.006
12.001 and later
1756-EN2TR/C
10.007
12.001 and later
1756-EN3TR/B
10.007
12.001 and later
1756-EN2F/C
10.009
12.001 and later
1756-EN2TP/A
10.020
12.001 and later


When a Socket Object instance is used for a TCP connection, the response to a ReadSocket service request returns 0 for the Family, Port, and IP address.




Incorrect Product Type String in EDS files (3297343)

Communication Modules
First Known in Firmware Revision
Corrected in Firmware Revision
1756-EN2T/D
10.006
12.001 and later
1756-EN2TR/C
10.007
12.001 and later
1756-EN3TR/B
10.007
12.001 and later
1756-EN2F/C
10.009
12.001 and later
1756-EN2TP/A
10.020
12.001 and later


The ProdTypeStr keyword in EDS files had the incorrect value of ‘Communication Module’. The correct value is ‘Communications Module’.



Module does not get IP Address Assigned from a DHCP Server (2188094, 2233611)

Modules
First Known in Firmware Revision
Corrected in Firmware Revision
CompactLogix™ 5370
20.011
36.011
Compact GuardLogix® 5370
28.011
36.011
1756-EN2F
 5.028 (Signed)
2.005 (Unsigned)
12.001 and later
1756-EN2T
5.028 (Signed)
12.001 and later
1756-EN2TP
10.020
12.001 and later
1756-EN2TR
 5.028 (Signed)
1.003 (Unsigned)
12.001 and later
1756-EN3TR
 5.028 (Signed)
3.004 (Unsigned)
12.001 and later
1756-ENBT
1.061
1768-ENBT
1.003


This anomaly was due to a change in the Dynamic Host Configuration Protocol (DHCP) standard, RFC 6842. This anomaly results in the module not being able to obtain an IP address through DHCP with some Stratix® switches that follow the updated standard.

For more information, see Knowledgebase Technote Some Ethernet devices do not obtain DHCP lease from Stratix 5800 as DHCP Server.



  

IP Address is Manually Configurable in DHCP Mode (1665460)

Communication Modules
First Known in Firmware Revision
Corrected in Firmware Revision
1756-EN2T/D
10.006
12.001 and later
1756-EN2TR/C
10.007
12.001 and later
1756-EN3TR/B
10.007
12.001 and later
1756-EN2F/C
10.009
12.001 and later
1756-EN2TP/A
10.020
12.001 and later


When a module is in DHCP mode, attempts to change the IP address manually are accepted, but the actual address remains the same.




Incorrect Delay Before Sending a Response to a Broadcast ListIdentity Request (1592443)

Communication Modules
First Known in Firmware Revision
Corrected in Firmware Revision
1756-EN2T/D
10.006
12.001 and later
1756-EN2TR/C
10.007
12.001 and later
1756-EN3TR/B
10.007
12.001 and later
1756-EN2F/C
10.009
12.001 and later
1756-EN2TP/A
10.020
12.001 and later


A module responds immediately to broadcast ListIdentity requests instead of delaying for a random period before responding.


PTP Announce Messages Have Incorrect PTP_TIMESCALE Value (1428782)

Communication Modules
First Known in Firmware Revision
Corrected in Firmware Revision
1756-EN2T/D
10.006
12.001 and later
1756-EN2TR/C
10.007
12.001 and later
1756-EN3TR/B
10.007
12.001 and later
1756-EN2F/C
10.009
12.001 and later
1756-EN2TP/A
10.020
12.001 and later


When a module is in the same chassis as the PTP Grandmaster, it sends PTP Announce Messages with an incorrect value for PTP_TIMESCALE.



Invalid IP Subnet Mask Allowed on Module (1418381)

Communication Modules
First Known in Firmware Revision
Corrected in Firmware Revision
1756-EN2T/D
10.006
12.001 and later
1756-EN2TR/C
10.007
12.001 and later
1756-EN3TR/B
10.007
12.001 and later
1756-EN2F/C
10.009
12.001 and later
1756-EN2TP/A
10.020
12.001 and later


The module does not check the validity of the subnet mask; therefore, an invalid subnet mask can be set on the module.



Functional Changes

This release has the following functional changes from the previous release.


Precision Time Protocol (PTP) Enabled

Functional Change Identified as of Firmware Version 10.006

Catalog Number 1756-EN2T, 1756-EN2TXT Series D


Important: Series D modules come with firmware version 10.006, and cannot be used with earlier firmware versions.


Firmwareversion 2.007 defaults to having PTP enabled. All later versions default to disabled. If youreplaceversion 2.007 withversion 10.006, PTP will be disabled, which may affect the application.


Out-of-box Switch (888) Behavior Change

Functional Change Identified as of:

·Firmware Version 10.006, 1756-EN2T, 1756-EN2TXTSeries D

·Firmware Version 10.007, 1756-EN2TR, 1756-EN2TRXT Series C

·Firmware Version 10.007, 1756-EN3TRSeries B

·Firmware Version 10.009,1756-EN2F Series C


With these modules,when the switches are set to 888 to do an out-of-box reset, the module does not become active on the backplane, and other modules do not recognize when the module has been inserted.

Also, when these moduleswith switches set to 888are inserted in the primary chassis of a qualified redundant chassis pair, a switchover does not occur.

Exact Match Keying and Firmware Supervisor

Functional Change Identified asof:

·FirmwareVersion 10.006, 1756-EN2T, 1756-EN2TXTSeries D

·FirmwareVersion 10.007, 1756-EN2TR, 1756-EN2TRXT Series C

·FirmwareVersion 10.007, 1756-EN3TRSeries B

·FirmwareVersion 10.009,1756-EN2F Series C


If you are using Exact Match Keying with these modules, firmware version 5.028 or earlier, the controller program must be changed to support these modules and firmware versions. With RSLogix 5000 software, version 17 and earlier, you must use Compatible Keying. Exact Match Keying is not supported.

Additionally, if you are using the Firmware Supervisor feature of the Logix5000 controller, the Firmware Supervisor configuration must be updated to support these firmware versions.




Gateway Address Setting When Using Switches

Functional Change Identified as of Redundancy Bundle Versions 16.081 Enhanced

Firmware Versions 2.007,1756-EN2T, 1756-EN2TXT


Important: Series D modules come with firmware version 10.006, and cannot be used with earlier firmware versions.


When you use rotary switches for setting an IP address, modules with firmware version 2.007 default to gateway address 0.0.0.0. When you use the series D module, firmware version 10.006, the default gateway address is 192.168.1.1. This change impacts redundant systems. For more information, refer to ControlLogix Enhanced Redundancy System User Manual, publication 1756-UM535.


I/O in Redundancy Bundle Version 16.081


Functional Change Identified as of: Redundancy Bundle, Version 16.081

Firmware Version 10.006,1756-EN2T, 1756-EN2TXT Series D


Important: Series D modules come with firmware version 10.006, and cannot be used with earlier firmware versions.

Using the Series Dmodule to control I/O with redundancy bundle 16.081 is not supported or tested.



Maintaining SIL2 Certified Systems


Functional Change Identified as of Firmware Version 10.006

Catalog Number 1756-EN2T, 1756-EN2TXT Series D


Important: Series D modules come with firmware version 10.006, and cannot be used with earlier firmware versions.


The existingmodule specification sheet does list the module as SIL2 certified; however, new polices put in place by TUV require that only the 1756-EN2TR modules be used for SIL2 applications as part of the safety loop.


For more information on configurations for SIL2 applications, refer to Using ControlLogix in SIL 2 Applications Reference Manual, publication 1756-RM001.




Precision Time Protocol (PTP) Version Incompatibilities

Functional Change Identified as of Firmware Version 10.006

Catalog Number 1756-EN2T, 1756-EN2TXT Series D


Important: Series D modules come with firmware version 10.006, and cannot be used with earlier firmware versions.


The module, firmware version 2.007, uses PTP version 1 on the backplane, while the series D module, firmware version 10.006, uses PTP version 2. These versions are incompatible on the backplane. When you replace a module at firmware version 2.007 in a chassis, replace all other modules in the backplane at firmware version 2.xxx.




Redundancy Bundle Support

Functional Change Identified as of:

·Firmware Version 10.006, 1756-EN2T, 1756-EN2TXTSeries D

·Firmware Version 10.007, 1756-EN2TR, 1756-EN2TRXT Series C

·Firmware Version 10.009,1756-EN2F Series C


These modules are not supported in all redundancy bundles. See the Product Compatibility and Download Center for updated information on which redundancy bundles include these modules.



RSLogix 5000 Software Support


Functional Change Identified as of:

·Firmware Version 10.006, 1756-EN2T, 1756-EN2TXTSeries D

·Firmware Version 10.007, 1756-EN2TR, 1756-EN2TRXT Series C

·Firmware Version 10.007, 1756-EN3TRSeries B

·Firmware Version 10.009,1756-EN2F Series C


When using RSLogix 5000 software, version 16.00, choose Compatible Keying when you are using redundant modules.

See the table below for RSLogix 5000 software version support information, including Add-on Profile information.



 

Catalog Number
Minimum RSLogix 5000 Software Version Supported
Minimum RSLogix 5000 Software Version With Add-on Profile Supported
1756-EN2T/D
1756-EN2F/C
15.00
18.00
1756-EN2TR/C
17.00
17.00 (versions 17.00 or earlier do not have RSNetWorx software integrated. Versions 18.00 and later have RSNetWorx softwareintegrated)
1756-EN3TR/B
18.00
18.00 (supports RSNetWorx software integration in all releases)


Rockwell Automation recognizes that some of the terms that are currently used in our industry and in this publication are not in alignment with the movement toward inclusive language in technology. We are proactively collaborating with industry peers to find alternatives to such terms and making changes to our products and content. Please excuse the use of such terms in our content while we implement these changes.

Copyright © 2025 Rockwell Automation, Inc. All rights reserved.
Rockwell Automation, Allen-Bradley, and FactoryTalk are trademarks of Rockwell Automation, Inc.
To view a complete list of Rockwell Automation trademarks please click here.
Trademarks not belonging to Rockwell Automation are property of their respective companies.