Helmholz Wall ie User manual

Quick Start Guide WALL IE

www.helmholz.com

Version

www.helmholz.com

ab FW 1.00

Quick Start Guide WALL IE2

Inhalt

1. Introduction 3

2. Connection 3

3. Initial access to the web interface 4

4. Adjustment of the IP addresses 5

5. The bridge mode 6

6. Packet lter functionality 7

7. NAT operating mode 9

8. Basic NAT 10

9. NAPT 11

10. Port forwarding 12

11. Static routes 14

12. Resetting to factory settings 15

13. LED status information 16

14. Technical data 16

Quick Start Guide WALL IE 3

1. Introduction

Please note: Please observe the safety instructions for the product, which can be found

in the manual. It can be downloaded from the website www.helmholz.com in the

download area.

This document should explain the initial commissioning of the WALLIE on the basis of

simple examples from network technology.

FCN: Function Button

Mini USB:

Service Interface

RST: Reset Button

P1: WAN Port

P2—P4: LAN Ports

Voltage Supply Operation LEDs (see page 16)

2. Connection

The WALL IE is connected with 24V DC voltage via the 5-pin power supply socket.

The RJ45 „P1 WAN“ socket is for the connection of the external network. The RJ45

„P2 LAN—P4 LAN“ sockets are switched and are for the connection of the internal

network.

Quick Start Guide WALL IE4

3. Initial access to the web interface

The WALL IE is set on the LAN-side at the factory with the IP address 192.168.0.100

and the subnet mask 255.255.255.0. Access to the web interface is only possible via

the LAN connections P2- P4.

First the IP address of your network card must be adapted to the IP subnet of the

WALL IE under „Start Control panel Network and share settings Adapter

settings LAN connection Properties Internet protocol version 4“.

Now connect a patch cable with the LAN connection of your PC and one of the LAN

ports P2—P4 of the WALL IE. The web interface can be reached in the default setup

by calling up https://192.168.0.100 in the browser page.

Note: For security reasons, the web interface can only be reached through a secured

HTTPS connection. An exception needs to be conrmed once in order to reach the

website.

A certicate for the connection backup can be stored in the „Device/HTTPS“ menu.

Quick Start Guide WALL IE 5

You will be prompted to set a password with the initial registration. With the „Con-

tinue“ button, the password is stored in the device and you will be forwarded to the

„Overview“ page of the WALLIE.

The main user is always „admin“. Another user administration hasn‘t been imple-

mented yet.

Note: Please memorize the password!

For security reasons there is no possibility to reset the password without performing a

factory reset.

4. Adjustment of the IP addresses

Click on the „Network“ menu and select the sub-menu „Interface“. The desired IP

addresses (LAN/WAN IP) and subnet masks (LAN/WAN net mask) can be dened

here. The entry is saved with the „Save“ button.

Quick Start Guide WALL IE6

5. The bridge mode

In the bridge operating mode, WALL IE behaves like a layer 2 switch between the

automation cell (LAN) and the production network (WAN). The packet  lter can be

used to limit access between the two areas.

This enables the separation of a part of the production network without using diffe-

rent network adresses.

Machine network 10.10.1.0/24

10.10.1.0/24

Internal (LAN)

External (WAN)

Company network

10.10.1.30 10.10.1.31 10.10.1.50 10.10.1.100

10.10.1.32

10.10.1.10 10.10.1.20

Quick Start Guide WALL IE 7

Switch the WALL IE to the bridge mode via „Device Operating Mode Bridge“.

In the bridge mode, the IP address of the WAN interface is the same as the IP address

of the LAN interface. It is thus transparent.

The data transfer from LAN  WAN is always permitted.

The data transfer from WAN  LAN can be controlled with the packet lters.

6. Packet lter functionality

The packet lters enable the limitation of access between the production network

(WAN) and the automation cell (LAN). For example, it can be congured that only

certain participants from the production network can exchange data with dened

participants from the automation cell.

The following lter criteria on layers 3 and 4 are available: IPv4 addresses, protocol

(TCP/UDP), ports. The layer 2 criteria „MAC addresses“ and „Ethertype“ are in

development.

Creation of rules in the packet lter

Select „WAN to LAN“ in the „Packet Filter“ menu. The standard is that no rule is

entered and thus no access by the external network (WAN) to the internal network

(LAN) is possible in the „Bridge“ operating mode. Full access of the WAN to the LAN

is generally initially allowed in the „Basic NAT“ operating mode (see chapter 8), but

restrictions can be created with packet lters.

A PC with the IP adress 10.10.1.10 (a STEP17 programmer) should now allow access

to the CPU with the IP adress 10.10.1.30 via port 102 with the TCP protocol. To this

purpose, the following rule should be entered and saved with the button:

Quick Start Guide WALL IE8

The PC with the IP adress 10.10.1.20 (an observer) should continue to allow access to

the web interface of the panel with the IP-Adress 10.10.1.50 via port 80 with the TCP

protocol. The completely entered rules should appear as follows:

Source IP Access to this IP address of the external network (WAN) is allowed.

Destination IP Access to this device IP address of the internal network (LAN) is allowed.

Protocol Selection of the permitted protocol, TCP or UDP.

Destination Port The device port in the internal network.

Action Packets from the external network (WAN) can be permitted („Accept“) or rejected („Reject“ / „Drop“)

„Drop“ rejects a packet muted and „Reject“ responds with an ICMP error message.

Comment A comment can be entered here.

Status Rule active (A click on the lamp changes the status.)

Rule inactive (A click on the lamp changes the status.)

Deletes a rule

Adds a rule

Quick Start Guide WALL IE 9

7. NAT operating mode

When several automation cells with the same address range are to be incorporated

into a production network, this can result in collisions, as the addresses in the entire

network are not unambiguous. Using Network Address Translation (NAT), WALLIE

makes it possible to incorporate several automation cells into the production net-

work.

In the NAT operating mode, WALL IE forwards the data transfer between various IPv4

networks (Layer 3) and implements the IP addresses with the help of NAT. The packet

 lter can also be used.

Machine 1

192.168.10.0/24

10.10.1.0/24

Machine 2

192.168.10.0/24

Machine X

192.168.10.0/24

Internal

External

Company network

Internal

External

Internal

External

Quick Start Guide WALL IE10

Setting up „Basic NAT“ rules

In order that the entry of „Basic NAT rules“ is possible, WALL IE must be in the opera-

ting mode „NAT“. Select the „NAT“ menu and the sub-menu „Basic NAT“. Enter the

 rst rule and save it with the button

Each entry is con rmed with „Rule added successfully“.

Note: For a Basic NAT rule, all ports are always open for this data transfer! Packet  lter

rules should be created to restrict access.

8. Basic NAT

Basic NAT, also known as „1:1 NAT“ or „Static NAT“, is the translation of individual IP

addresses or of complete address ranges.

The translation takes place exclusively at the IP level, which means that all ports can

be addressed without explicit forwarding.

Machine network 192.168.10.0/24

10.10.1.0/24

Internal (LAN)

External (WAN)

Company network

192.168.10.1 192.168.10.2 192.168.10.50 192.168.10.100

192.168.10.5

10.10.1.10 10.10.1.20

Machine IP

192.168.10.1

192.168.10.2

192.168.10.5

192.168.10.50

192.168.10.100

10.10.1.11

10.10.1.12

10.10.1.13

10.10.1.14

10.10.1.15

Virtual IP

Quick Start Guide WALL IE 11

External IP The virtual IP address accessible in the external network (WAN).

Internal IP The real IP address accessible in the internal network (LAN).

Comment Freely denable comment.

Status Rule active (A click on the lamp changes the status.)

Rule inactive (A click on the lamp changes the status.)

Action Deletes a rule

Adds a rule

9. NAPT

„NAPT for LAN to WAN trafc“ replaces the sender addresses of queries from the

automation cell with the address of the WALL IE („Source NAT“).

If the option is deactivated, the query packets are forwarded to the WAN with their

original sender IPs.

Quick Start Guide WALL IE12

10. Port forwarding

With the help of port forwarding („Port forwarding for WAN to LAN traf c“), it can

be con gured that packets at a certain TCP/UDP port of the WALL IE (WAN) can

be forwarded to a participant in the automation cell (LAN) (e.g. 10.10.1.1:81 to

192.168.10.1:80).

Machine network 192.168.10.0/24

10.10.1.0/24

Internal (LAN)

External (WAN)

Company network

192.168.10.1 192.168.10.2 192.168.10.50 192.168.10.100

192.168.10.5

10.10.1.10 10.10.1.20

Machine IP:Port

192.168.10.1:80

192.168.10.2:102

192.168.10.5:80

10.10.1.1:80

10.10.1.1:102

10.10.1.1:81

Virtual IP:Port

10.10.1.1

192.168.10.200

Quick Start Guide WALL IE 13

Protocol TCP/UDP

External Port The WAN port under which frames are received.

Internal IP The real IP address accessible in the internal network (LAN).

Internal Port The real IP port of the device accessible in the internal network (LAN).

Comment Freely denable comment.

Status Rule active (A click on the lamp changes the status.)

Rule inactive (A click on the lamp changes the status.)

Action Deletes a rule

Adds a rule

Quick Start Guide WALL IE14

11. Static routes

Static routes are used for communication with other automation cells. To this pur-

pose, the network and the address of the router or WALLIE responsible for this („Next

Hop“) must be con gured.

Machine 1

10.10.0.0/24

Machine 2

192.168.20.1

Internal Internal

External

192.168.20.2192.168.10.1 192.168.10.2

10.0.0.100 10.0.0.105

WAN

Production network

LAN

Automation cell

Static route:

192.168.10.x via 10.0.0.100

Static route:

192.168.20.x via 10.0.0.105

Static routes are only supported in the NAT operating mode. A static route can

be set up via „Network Static route“. In the example above, the static route to

the right WALL IE with the IP 10.0.0.105 is entered in the left WALL IE for queries to

192.168.20.x.

The procedure is con rmed with „Rule added successfully“ and the route is active.

Quick Start Guide WALL IE 15

Network The IP network to be routed from the WALL IE.

Netmask The afliated subnet mask.

Next Hop The next responsible router or WALLIE for this network.

Comment Freely denable comment.

Status Rule active (A click on the lamp changes the status.)

Rule inactive (A click on the lamp changes the status.)

Action Deletes a rule

Adds a rule

Note: In the case of devices in the internal network (LAN) that should reach other net-

works, the LAN IP address of the WALL IE is entered as a gateway.

If the opposite side of the static route is also a WALL IE, a static route for the return path

must also be entered there.

The conducting of the response frame must also be entered in the „Packet lter/WAN to

LAN“.

12. Resetting to factory settings

In order to reset WALL IE to the delivery status, the „FCN“ button must be activated

while the device is restarted. A restart can be carried out with Power OFF/ON, by

activating the RST button or with the „Device reboot“ function at the website.

The successful resetting of the parameters and settings is acknowledged during the

boot process by the USR-LED lighting up.

Notes:

The contents of this Quick Start Guide have been checked by us so as to ensure that they match the hardware and software described. However, we assume no liability for any existing differences, as these cannot

be fully ruled out.

The information in this Quick Start Guide is, however, updated on a regular basis. When using your purchased products, please make sure to use the latest version of this Quick Start Guide, which can be viewed

and downloaded on the Internet at www.helmholz.de.

Our customers are at the center of everything we do. We welcome all ideas and suggestions.

1) STEP is a registered trademark of Siemens AG.

13. LED status information

PWR

Off

No power supply or device defective

Device is correctly supplied with voltage

RDY

Device is ready to operate

CON

Flashing light or On

Permitted data transfer between WAN and LAN

USR

Factory settings reset active

RJ45-LEDs

Green (Link)

Orange (Act)

Connected

Data transfer at the port

14. Technical data

Order no. 700-860-WAL01

Interfaces 1x WAN 10/100 Mbps

3x LAN 10/100 Mbps, switch

USB 2.0, mini USB (Service)

Operating modes Bridge, Basic NAT, NAPT

Packet lter IPV4 addresses, protocol (TCP/UDP), ports,

MAC addresses (in development),

Ether types (in development)

Status indicator 4 LEDs

Voltage supply 24 VDC, 18–28 VDC

Current draw Max. 250 mA with DC 24 V

Number of inputs,

switching point

2/DC 24 V, as per DIN EN 61131-2 Type 2

Dimensions (D x W x H) 35 x 59 x 75 mm

Weight 250 g

Certications CE

Protection rating IP 20

Permissible ambient

temperature

0 °C bis +60 °C (-20 °C bis +70°C in development)

Transport and storage

temperature

-20 °C bis +80 °C

Other manuals for WALL IE

This manual suits for next models

Table of contents

Other Helmholz Gateway manuals

Helmholz

Helmholz PN/CAN gateway User manual

Helmholz

Helmholz NETLink User manual

Helmholz

Helmholz 700-671-PNC01 User manual

Helmholz

Helmholz 700-670-PNC01 User manual

Helmholz

Helmholz 700-671-PNC01 User manual

Helmholz

Helmholz WALL IE 700-860-WAL01 User manual

Helmholz

Helmholz NETLink PRO Compact User manual

Helmholz

Helmholz PN/CAN gateway User manual

Helmholz

Helmholz 700-672-PNC01 User manual

Helmholz

Helmholz WALL IE Compact User manual

Helmholz

Helmholz PN/CAN Gateway Layer 2 User manual

Helmholz

Helmholz NETLink 700-881-MPI21 User manual

Helmholz

Helmholz CANopen User manual

Helmholz

Helmholz PN/CAN gateway User manual

Helmholz

Helmholz NETLink PRO Series User guide

Popular Gateway manuals by other brands

Cisco

Cisco Linksys SPA8000-XU Quick installation

Atop

Atop MB5001C user manual

Honeywell

Honeywell Lyric LCP300-L Quick installation guide

Ubee

Ubee DDW3611 user guide

Cisco

Cisco AS5350XM Configuration guide

Siemens

Siemens Gigaset SE567 quick start guide

Allot

Allot SG-9500 Series Hardware guide

RTA

RTA 460MCBM-NNA4 Product user guide

RTA

RTA 460ETCMM-N2E Product user guide

Edgewater Networks

Edgewater Networks 200AE2 quick start guide

RTA

RTA 460PSBM-NNA1 Product user guide

AudioCodes

AudioCodes MediaPack MP-124 quick guide

NetComm

NetComm HS960 Firmware Upgrade Procedure

EyeRide

EyeRide EYERIDE 200 installation guide

SolarEdge

SolarEdge Firefighter Gateway installation guide

Cermate Technologies

Cermate Technologies SX51 Series installation guide

Dell

Dell SonicWall SRA 4200 Administrator's guide

Fritz!Box

Fritz!Box 7360 user guide

Helmholz WALL IE User manual

Popular Gateway manuals by other brands