W&T connects
Interfaces for TCP/IP, Ethernet, RS-232, RS-485, USB, 20mA, glass and plastic fiber optic cable, http, SNMP, OPC, Modbus TCP, I/O digital, I/O analog, ISA, PCI
Data sheet:

Microwall VPN

  • Microwall VPN
  • Microwall VPN connection

Secure communication for machines and systems

To protect a machine and the surrounding network equally, the unit is first isolated in its own network segment. This can be an individual computer, a single machine or even an entire system. The Microwall VPN routes this device island securely and simply into the company intranet. Simple and intuitive filter rules protect sensitive island communication from harmful events in the intranet and from undesired access. Remote maintenance and remote access to the devices in the island network plus management of the Microwall VPN can be accomplished over a WireGuard VPN tunnel both as VPN server and VPN client.

More info: Learn more about how the Microwall VPN works here.


Properties:

Interfaces:

  • 2x Ethernet 100/1000BaseT
    • Autosensing and Auto-MDIX
  • High data throughput
    • Gigabit Ethernet
    • max. 900 mbps in router mode, max. 300 mbps VPN
    • Low latency times thanks to powerful hardware platform

Connectivity:

  • Mode: Standard router
    • Integration into the routing concept of the intranet
    • Static NAT can be used for 1:1 mapping of intranet IPs on island hosts.
  • Mode: NAT router
    • Integration of the islands via a single Intranet IP
  • WireGuard VPN Server
    • Secure VPN connection to the island for Windows, Linux, Android, MacOS, IOS clients, Microwalls
    • Access control of VPN clients using dedicated firewall
  • WireGuard VPN client
    • VPN connection to your manufacture/service network
  • Wire Guard VPN Box-to-Box
    • VPN tunnel between two Microwalls
    • Secure connection of island networks using the intra/internet

Management & Security:

  • Secure firmware concept with Secure Boot
    • No uploading of manipulated firmware or third-party firmware
  • Configuration via HTTPS-Only Mode
    • Supports individual certificates
    • Fast startup using WuTility or DHCP
    • Required password without default login
  • Port management for all local services
    • All service/management services can be configured/deactivated
  • Consistent whitelist-based firewall concept
    • Filter rules based on IPv4 addresses and TCP/UDP port numbers
    • Dedicated firewall for incoming VPN connections
  • Logging
    • Identification of undesired communication attempts

Supply Voltage

  • External power
    • Screw terminals, 24V-48V DC
  • Power-over-Ethernet (PoE)

Standards & more

  • Conforms to standards both in office and industrial environments:
    • High noise resistance for industrial environments
    • Low noise emission for residential and business areas
  • 5 year guarantee

Operating modes:

The Microwall VPN remotes sensitive components or subnets into a separate island network and separates it from the higher level company intranet. For remote maintenance, remote support, etc. a WireGuard VPN server is available which provides selected VPN clients with secure and dedicated firewall protected access to the island stations.

All connections between the networks must be given express permission via rules based on source/destination IP and the TCP/UDP port numbers used. Communication with undocumented and/or undesired services is prohibited and harmful events such as overload kept from the island.

Filter rules and VPN management

The firewall rules and VPN management are administered simply and clearly using the Microwall VPN web pages and are uniformly whitelist-based. Any communication which is not expressly permitted in the form of a rule is blocked.

NAT router mode

Similar to a traditional DSL internet connection, the entire island network is incorporated via just an IP address of the intranet into the network there. No intervention into the routing concept of the intranet is necessary. Operation of multiple island networks having the same IP ranges is also possible in this mode. This gives machines and systems manufacturers the possibility of operating internal network with a uniform series IP configuration - no cumbersome adaptations to the customer’s infrastructure.

Standard router mode

The Microwall VPN operates like a traditional router, while the island network appears in the intranet in the form of static routing. Static NAT can also be used for 1:1 mapping of intranet addresses to fixed IPs in the island network. These island hosts thereby become quasi-local components of the intranet while still enjoying the protection of appropriate firewall rules.

WireGuard VPN

The Microwall VPN uses the WireGuard platform as a VPN solution for remote access. Compared with other VPN solutions this offers advantages such as high data throughput and simple management with a high level of security and stability. Details and current information about WireGuard can be found at https://www.wireguard.com. The Microwall VPN can provide a VPN client or VPN server terminal point on your intranet connection. Depending on the application external WireGuard clients can dial in to the islands or the Microwall connects as a VPN client - for example into your service network.


Technical data:

Connections and displays:

  • Network:
  • Data throughput:
    • Router mode (unidirectional TCP): max. 900MBit/s
    • VPN tunnel (unidirectional TCP): max. 300MBit/s
  • Electrical isolation:
    • Network connections min. 1500 V
  • Supply voltage:
    • Power-over-Ethernet (PoE) or
    • DC 24V .. 48V (+/-10%) and
    • AC 18Veff .. 30Veff (+/-10%)
  • Supply connection:
    • Plug-in screw terminal, 5.08mm spacing
    • Labeled "L+" and "M"
  • Current consumption:
    • PoE Class 2 (3.84 W to 6.49 W)
    • or for external supply:
    • typ. 150mA @24V DC
    • max. 200mA @24VDC
  • Indicators:
    • 2x LEDs for network status
    • 1x LED for Error

Housing and other data:

  • Enclosure:
    • Plastic compact housing for top-hat rail mount
    • 105x22x75mm (LxWxH)
  • Enclosure rating:
    • IP20
  • Weight:
    • approx. 120g
  • Ambient temperature:
    • Storage: -40..+85°C
    • Operating 0..+50°C (no stack mounting)
  • Permissible relative humidity:
    • 5..95% RH, non-condensing
  • Scope of delivery:
    • 1x Microwall VPN
    • 1x Quick Guide

Accessories

  • Power supplies

    • Plug-in power supply, 24V / 500mA DC with Euro plug
    • 11021
    • 20.00€
    • Plug-in Power Supply, 24V / 750mA DC with Euro, US and UK plug
    • 11026
    • 36.00€
    • Power supply for DIN rail, 24V / 630mA DC
      (merchandise, 2-year manufacturer’s guarantee)
    • 11080
    • 31.00€
  • Mechanical Accessories

    • Wall mount housing, enclosure rating IP66 / IP67
    • 11120
    • 52.00€
    • Mounting bracket for wall mounting
    • 58812
    • 10.50€
    • 19" DIN rail
    • 58813
    • 19.98€
  • Supplementary network products

    • Ethernet Switch Industry, 4 Port
    • 55604
    • 208.00€
  • Software

* Our offering is intended only for commercial users. We will be happy to refer private end customers to trading partners through whom our products can be purchased.

Up