Professional Documents
Culture Documents
Third Party Equipment Connectivity - Service Manual - SM - 5788727-1EN - 2
Third Party Equipment Connectivity - Service Manual - SM - 5788727-1EN - 2
Service Manual
5788727-1EN
Rev 2
© 2022, General Electric Company,
All Rights Reserved
Third Party Equipment Connectivity - Service Manual 5788727-1EN Rev 2
2/40
Third Party Equipment Connectivity - Service Manual 5788727-1EN Rev 2
Revision History
Part / Rev Date Reason for Change
5788727-1EN Rev 1 2017-09-08 Initial release of document
5788727-1EN Rev 2 2022-01-28 Updated for AutoRight and Allia IGS products
3/40
Third Party Equipment Connectivity - Service Manual 5788727-1EN Rev 2
4/40
Third Party Equipment Connectivity - Service Manual 5788727-1EN Rev 2
5/40
Third Party Equipment Connectivity - Service Manual 5788727-1EN Rev 2
このサービスマニュアルには英語版しかありません。
(JA) サービスを担当される業者が英語以外の言語を要求される場合、翻訳作業はその業者の責任
で行うものとさせていただきます。
このサービスマニュアルを熟読し理解せずに、装置のサービスを行わないでください。
この警告に従わない場合、サービスを担当される方、操作員あるいは患者 さんが、感
電や機械的又はその他の危険により負傷する可能性があります。
본 서비스 매뉴얼은 영어로만 이용하실 수 있습니다.
경고 고객의 서비스 제공자가 영어 이외의 언어를 요구할 경우, 번역 서비스를 제공하는 것은
(KO) 고객의 책임입니다.
본 서비스 매뉴얼을 참조하여 숙지하지 않은 이상 해당 장비를 수리하려고 시도하지
마십시오.
본 경고 사항에 유의하지 않으면 전기 쇼크, 기계적 위험, 또는 기타 위험으로 인해 서비스
제공자, 사용자 또는 환자에게 부상을 입힐 수 있습니다.
6/40
Third Party Equipment Connectivity - Service Manual 5788727-1EN Rev 2
7/40
Third Party Equipment Connectivity - Service Manual 5788727-1EN Rev 2
Table of contents
8/40
Third Party Equipment Connectivity - Service Manual 5788727-1EN Rev 2
1 Configuration procedure
WARNING
1.4 Purpose
The purpose of this Job Card is to provide proper connectivity between the IGS system and a third party
equipment using the System Bus protocol and/or the DICOM protocol.
Connectivity is ensured by configuring the IGS system to enable the communication between the two
systems. The configuration of the 3rd party equipment is not in the scope of this Job Card.
Before executing this Job Card, you need to ensure the IGS System has been configured to allow basic
communication with external devices whereas fine tuning may be required as specified in this manual.
9/40
Third Party Equipment Connectivity - Service Manual 5788727-1EN Rev 2
1.5 Pre-requisites
1.5.1 Compatibility of the IGS systems
HW Compatibility:
SW Compatibility:
10/40
Third Party Equipment Connectivity - Service Manual 5788727-1EN Rev 2
1.5.3 Configuration
Typical site configuration is depicted below.
IGS Release name IGS Acronym CISCO Firewall Windows Firewall DICOM Host
Configuration Configuration Configuration
Underscore SP2/BP6/CFG5 1.6.3
1.6.6.1
AutoRight SP3/BP7/CFG6 0
1.6.4
Allia IGS7, Allia IGS7OR CFG7
1.6.6.2
Allia IGS3, Allia IGS5 SP4 1.6.2* 1.6.5*
(*) New Access Control rules apply now on these IGS Products and configuration of Cisco Firewall has
become GE Proprietary. Customization of Inbound/Outbound rules for Third Party devices are now
performed on Windows firewall.
11/40
Third Party Equipment Connectivity - Service Manual 5788727-1EN Rev 2
Note: If Outbound Filtering box has been checked during CNF0292, all outbound traffic will be
blocked. It is necessary to manually authorize each IP address & port used by any DICOM host
(DICOM communication listening port) through ASDM application (refer to CNF0332 procedure).
12/40
Third Party Equipment Connectivity - Service Manual 5788727-1EN Rev 2
Illustration 2-1:
4. Click [Continue].
Illustration 2-2:
13/40
Third Party Equipment Connectivity - Service Manual 5788727-1EN Rev 2
5. Enable the I accept the risk and want to run this application checkbox and click [Run].
Illustration 2-3:
6. If CNF0292 has been previously run (authorization has been configured on the firewall), enter the
username and password provided by the Hospital IT admin manager.
If CNF0291 has been previously run (Telnet / Enable passwords have been set), enter the password
for privilege mode (leave Username field empty).
Click [OK].
Illustration 2-4:
14/40
Third Party Equipment Connectivity - Service Manual 5788727-1EN Rev 2
Illustration 2-5:
8. Once software loading is complete, the ASDM loads the configuration. The following window is
displayed. Wait until configuration loading is complete.
Illustration 2-6:
15/40
Third Party Equipment Connectivity - Service Manual 5788727-1EN Rev 2
Illustration 2-7:
16/40
Third Party Equipment Connectivity - Service Manual 5788727-1EN Rev 2
Illustration 2-8:
In Source Criteria, enter the Third Party Equipment IP address to authorize Inbound connection.
In Destination Criteria, enter the DL IP address (192.168.1.2 or 172.16.0.2 for custom configuration),
select the TCP protocol, and enter the DL port number to open Inbound connection. Refer to
Illustration below.
17/40
Third Party Equipment Connectivity - Service Manual 5788727-1EN Rev 2
Illustration 2-9: TCP inbound connection from Third Party Equipment IP 3.249.173.51 on port 4004
4. Check that the new access rule has been created in the list of outside access rules.
Illustration 2-10:
18/40
Third Party Equipment Connectivity - Service Manual 5788727-1EN Rev 2
Illustration 2-11:
Illustration 2-12:
19/40
Third Party Equipment Connectivity - Service Manual 5788727-1EN Rev 2
Illustration 2-13:
7. Select the first NAT rule (which should be selected by default), click the [+ Add] button. Enter the
following values in the Add NAT Rule window:
In the Make Criteria: Original Packet area:
o Source interface: inside
o Source Address: obj-192.168.1.2 or obj-172.16.0.2 for custom configuration (the DL internal
address)
o Destination Address: any
o Service: obj-4004
In the Action: Translated Packet area:
o Source NAT Type: Static
o Source Address: outside
o Destination Address: -- Original --
o Service: -- Original --
20/40
Third Party Equipment Connectivity - Service Manual 5788727-1EN Rev 2
Illustration 2-14:
8. Click [OK] to validate. The NAT rule has been added to the list.
Illustration 2-15:
21/40
Third Party Equipment Connectivity - Service Manual 5788727-1EN Rev 2
Illustration 2-16:
Illustration 2-17:
22/40
Third Party Equipment Connectivity - Service Manual 5788727-1EN Rev 2
2. Click [Browse Local] and select C:\Backup. Name the backup file Firewall_Backup.zip.
Illustration 2-18:
3. Make sure the Backup All checkbox is selected. Click [Backup] to start the backup process.
4. Click [OK] in the Certificate Passphrase window (if displayed).
Illustration 2-19:
23/40
Third Party Equipment Connectivity - Service Manual 5788727-1EN Rev 2
Follow the steps below to allow inbound traffic on port TCP/4004 for System Bus.
1. Log in as DLService.
2. Click Start → All Programs → Administrative Tools → Windows Firewall with Advanced Security.
Illustration 2-20:
24/40
Third Party Equipment Connectivity - Service Manual 5788727-1EN Rev 2
3. Click [Yes] in the User Access Control window. The following window is displayed.
Illustration 2-21:
4. Select [Inbound Rules]. The following screen showing the Inbound ports opened by default by the DL
application is displayed.
Illustration 2-22:
25/40
Third Party Equipment Connectivity - Service Manual 5788727-1EN Rev 2
Illustration 2-23:
Illustration 2-24:
26/40
Third Party Equipment Connectivity - Service Manual 5788727-1EN Rev 2
Illustration 2-25:
d. Click [Next].
e. In the Protocol and Ports tab, select the protocol type TCP. Select Specific local ports and
enter the port number 4004.
Illustration 2-26:
f. Click [Next].
27/40
Third Party Equipment Connectivity - Service Manual 5788727-1EN Rev 2
Illustration 2-27:
h. Click [Next].
i. In the Profile tab, check that all three options are selected.
Illustration 2-28:
j. Click [Next].
28/40
Third Party Equipment Connectivity - Service Manual 5788727-1EN Rev 2
k. In the Name tab, enter the name of the Inbound connection (4004 – System Bus in this
example). You can also enter a description (optional step).
Illustration 2-29:
l. Click [Finish]. The new port is added to the list of Inbound rules.
Illustration 2-30:
29/40
Third Party Equipment Connectivity - Service Manual 5788727-1EN Rev 2
Follow the steps below to allow inbound traffic on port TCP/4004 for System Bus.
1. Log in as DLService.
2. Click Start > Windows Administrative tools > Windows Firewall with Advanced Security.
3. Click Yes in the User Access Control window. The following window is displayed.
30/40
Third Party Equipment Connectivity - Service Manual 5788727-1EN Rev 2
4. Select Inbound Rules. The following screen showing the Inbound ports opened by default by the DL
application is displayed.
5. Check that ICMP, tcp 104 and tcp 2762 are listed. The ALLOW state means they are configured for
Inbound connection.
6. To configure a new port for Inbound connection, follow the steps below. The example will show you
how to configure port TCP/4004 (for System Bus communication).
31/40
Third Party Equipment Connectivity - Service Manual 5788727-1EN Rev 2
32/40
Third Party Equipment Connectivity - Service Manual 5788727-1EN Rev 2
d. Click Next.
e. In the Protocol and Ports tab, select the protocol type (TCP in this example). Select Specific
local ports and enter the port number (4004 in this example).
33/40
Third Party Equipment Connectivity - Service Manual 5788727-1EN Rev 2
f. Click Next.
g. In the Action tab, select Allow the connection.
34/40
Third Party Equipment Connectivity - Service Manual 5788727-1EN Rev 2
h. Click Next.
i. In the Profile tab, check that all three options are selected.
j. Click Next.
k. In the Name tab, enter the name of the Inbound connection (4004 – System Bus in this
example). You can also enter a description (optional step).
35/40
Third Party Equipment Connectivity - Service Manual 5788727-1EN Rev 2
l. Click Finish. The new port is added to the list of Inbound rules.
Therefore, to enable System Bus and DICOM communication for a new third party equipment:
The Inbound port TCP/4004 must be opened for System Bus communication.
o Follow the steps of section “Create Inbound Rules” in CNF0430 - Windows 10 Firewall
Inbound/Outbound and DNS Configuration to allow inbound traffic on port TCP/4004.
If Outbound traffic has been blocked on the Windows firewall, it is necessary to manually authorize
Outbound traffic on each IP address & port used by the Third Party equipment that acts as a DICOM
host (i.e. the third party DICOM communication listening IP address and port).
o Follow the steps related to opening Outbound ports from the CNF0430 - Windows 10
Firewall Inbound/Outbound and DNS Configuration.
36/40
Third Party Equipment Connectivity - Service Manual 5788727-1EN Rev 2
1. The DL is logged in to the application with GE Service user credentials at the Authentication login
window.
2. Click Swiss Knife to ensure you are logged in as a Service user. Your username is displayed between
brackets after Logout. If you are not logged in as a Service user, click Logout and log back in.
6. Click [Add].
7. Fill in the following parameters in the Image Transfer column to configure the new host for DICOM
image transfer:
Illustration 3-1:
o Network Address: The IP address of the DICOM image host on the hospital network
o Port number: The DICOM port number of the DICOM image host
o AE-Title: The DICOM AETitle (Application Entity Title) of the DICOM image host
o Connection Type: Select [Secure] in the dropdown menu if the DICOM image host accepts
DICOM TLS. Otherwise, select [Non-secure].
37/40
Third Party Equipment Connectivity - Service Manual 5788727-1EN Rev 2
NOTE: If you have selected [Secure], the DICOM TLS certificates must be installed on the DL. Refer
to:
Windows 7: CNF0306 - Install DICOM TLS Certificates.
Windows 10: CNF0388 – Install DICOM TLS Certificates with Windows 10
8. Enter the name or alias that will be displayed in the Host list in Host Label .
1. The DL is logged in to the application with GE Service user credentials at the Authentication login
window.
2. Click Swiss Knife to ensure you are logged in as a Service user. Your user name is displayed between
brackets after Logout. If you are not logged in as a Service user, click Logout and log back in.
3. Click the Net tab at the top of the DL Browser screen.
4. Click Select Host.
5. Click the Image tab.
6. Click Add.
7. On the upper section Edit Selected Host, fill in the following parameters in the Image
Transfer column to configure the new host for DICOM image transfer:
Illustration 3-2:
o Network Address: The IP address of the DICOM image host on the hospital network
o Port number: The DICOM port number of the DICOM image host
o AE-Title: The DICOM AETitle (Application Entity Title) of the DICOM image host
o Connection Type: Select Secure in the dropdown menu if the DICOM image host accepts
DICOM TLS. Otherwise, select Non-secure.
o Smart Push: Whether the images are pushed with all the processing burned into the
DICOM file (“Processed” setting), with some processing to be performed on an AW or
CA1000 review station (“Not processed” setting), or both the processed and the not
processed images are pushed to this host (“Both” setting). Unless instructed differently by
38/40
Third Party Equipment Connectivity - Service Manual 5788727-1EN Rev 2
the application specialist, leave it as default: Processed for DSA and Not
processed for Dynamic.
o Host Label: Enter the name or alias that will be displayed in the Host list
o Archive Station: Select No
o 512 transfer of Images: Select No
o Click Verify and check that the DICOM verification to host is successful
o Click Save
NOTE: If you have selected Secure, the DICOM TLS certificates must be installed on the DL. Refer
to CNF0388 – Install DICOM TLS Certificates with Windows 10.
8. On the lower section General Settings
o Select the Auto Push configuration desired
o Click Save
9. On the left panel, check the box of the new host added
10. Click Exit
1.7 Finalization
Communicate the external system IP address to Third Party Equipment FE, so the Third Party Equipment can
be configured to receive DICOM and positioning information.
Perform functional checks: refer to Third Party Equipment documentation.
39/40
Third Party Equipment Connectivity - Service Manual 5788727-1EN Rev 2
www.gehealthcare.com
40/40