WALL IE PLUS, industrial Firewall, Ethernet Bridge and NAT router

More photos (6)

Add to favourites

WALL IE PLUS, industrial Firewall, Ethernet Bridge and NAT router

Ethernet bridge and NAT router with integrated firewall. It is used to increase security when communicating in Ethernet networks or when connecting and separating networks with different IP ranges. WALL IE is a suitable tool for securely connecting machines to a corporate Ethernet network. More

Manufacturer: HELMHOLZ Code: HEL 700-862-WAL01

810 EUR excl. VAT (980,10 EUR incl. VAT)

In stock

pcs

(1 pcs in stock)

Buy more for 230 EUR and get free delivery!

0 EUR230 EUR

Manufacturer: HELMHOLZ Code: HEL 700-862-WAL01

The WALL IE is an industrial Ethernet Bridge and NAT device with integrated Firewall security. It enables easy integration of production machines into an existing corporate network. Using a variety of access restriction filters, it is possible to allow or prevent communication between clearly defined devices within single or multiple Ethernet networks. WALL IE operates in two basic modes - NAT and Bridge.

WALL IE as NAT

In NAT mode, it acts as an L3 Ethernet switch and translates IP addresses from the internal address range to the external address range and vice versa. In addition, it offers enhanced security options for Ethernet communications with built-in Firewall tools.

NAT mode can be used in industry in several situations:

You need to collect data from machines and you don't have the machines networked. So you create an Ethernet network between the machines and you want to connect the machines to the network. But you often run into the problem that the machines have the same IP address and changing them is not exactly easy or cheap. Or you have machines with different IP addresses across multiple IP ranges and you need to consolidate them into one IP range. With NAT, you can easily create new IP addresses in the same range from the IP addresses of the control systems in the machines.
In addition to IP address translation, WALL IE can also secure connected machines by enabling or disabling specific types of TCP/UDP communications. You can also enable or disable communications between specific IP addresses or MAC addresses.

WALL IE in NAT router function (IP forwarding)

WALL IE as SNAT

In SNAT (Source NAT) mode, the WALL IE forwards incoming traffic from the WAN to the LAN. No device on the LAN needs to have the IP address of the WALL IE as its Gateway. This makes integrating machines into the Ethernet network easier because you do not have to change settings in the machine controller.

WALL IE in SNAT router function

WALL IE as BRIDGE

In bridge mode, the WALL IE adapter connects two separate Ethernet networks so that they behave as one network. The bridge operates at the data link layer of the OSI model and allows data to be transferred between two or more network segments so that devices on the connected segments appear to be on a common network. Bridge functions include learning the MAC addresses of the connected devices and deciding on which interface to send packets based on this information. This allows efficient communication between different parts of the network. Ethernet bridges are often used to extend network reach and reduce the basic network load. Unlike conventional L2 switches, this setup allows the use of security rules by filtering TPC and UDP packets.

WALL IE in BRIDGE function (data connection of two separate networks), with increased security of Ethernet communication

Port forwarding

Using port forwarding (WAN to LAN), you can configure a state where packets on a specific TCP/UDP port on the WAN can be forwarded to a subscriber on the LAN (e.g. 10.10.1.1:81 to 192.168.10.5:80).

WALL IE in Port forwarding mode

Static routing

In static routing we set in WALL IE the path by which the datagram should be transported to the destination.

WALL IE in Static Routing mode

Using WALL IE when programming the SIMATIC S7 PLC via STEP7 / TIA portal

Problem: If Simatic CPUs in the LAN behind a WALL IE are to be addressed or planned with an engineering station in the WAN, the problem is that the Step 7 or TIA portal uses the IP address from the project for access to the CPU.
In the case of access via a WALL IE, which is configured in the operating mode Basic NAT, another IP address must be used for access to the CPU in the Step 7 or TIA portal.

The solutions described in the following can also function in adapted form for other applications.

WALL IE in Simatic S7 PLC programming

WALL IE features

Low effort for IP integration in higher-level networks (NAT)
Integration of series machines with the same IP addresses in the production network
4 Ports with 100 MBit/s
NAT (Basic NAT, NAPT und Portforwarding)
SNAT: No adjustment of the network configuration in the LAN network necessary
Access restriction through packet filters: IPV4 addresses, protocol (TCP/UDP/ICMP), ports, MAC addresses
Reduction of the network load through the filtering of broadcasts and multi-casts
Quick and easy configuration via a responsive web interface
Easily integrate same IP subnets through port forwarding (NAPT)
Reduced to the essential functionality
Import and export of the configuration
DHCP-Server (LAN) / DHCP-Client (WAN)
DNS-Server (LAN)
User administration
Space-saving industrial design for DIN rail