Helmholz WALL IE Quick Start Manual Download Page 21 | Manualshive

Page: 21 / 24

background image

Quick Start Guide WALL IE

21

8. MAC address filtering

With the function “MAC Filtering;” communication via the WALL IE can be limited to devices with certain MAC addresses (“Whitelisting”) or devices with certain MAC

addresses can be denied access (“Blacklisting”).
Filtering for each MAC address can be activated separately on the WAN, on the LAN, or on both sides (“ANY”).

MAC addresses must always be entered in the format “AA:BB:CC:DD:EE:FF”, whereby

numbers are to be indicated with hexadecimals.

Important:

MAC Filtering has the highest priority of all filters in the WALL IE. As soon as

the first MAC address has been entered in the MAC filter mode “Whitelist”, only frames

from this MAC address are allowed to pass through, irrespective of all other packet filter

rules.

If MAC filtering is used in the “Whitelist” mode, the MAC addresses of all permitted

devices are indicated.
If no MAC filter rule has been entered or activated, the “MAC Filtering” is completely

deactivated, irrespective of the “Default MAC Policy”.
MAC filtering can be used both in the NAT and in the Bridge operating mode.

Note:

In the NAT mode, the MAC filtering is only carried out WHEN the MAC address is

also indicated in the IP header of the packet. Layer 2 frames are not forwarded in the

NAT mode. The MAC filtering takes place on layer 2 in the bridge mode.

«
...
19
20
21
22
23
...
»

Summary of Contents for WALL IE

Page 1: ...www helmholz com Quick Start Guide WALLIE Version 10en as of FW 1 08...

Page 2: ...ce software among others This software is subject to the respectively relevant license conditions The corresponding licensing conditions including a copy of the complete license text will be sent to y...

Page 3: ...ite www helmholz com in the download area FCN Function button RST Reset button P1 WAN port P2 P4 LAN ports Voltage supply Operation LEDs see page 23 This document explains the initial commissioning of...

Page 4: ...ry condition by calling up https 192 168 0 100 in the browser page Note For security reasons the web interface can only be reached through a secured HTTPS connection In order to reach the website an e...

Page 5: ...r can also be used with limited rights The users can be activated and the affiliated passwords set in the Device Password menu Note Please note the password well For security reasons there is no possi...

Page 6: ...s the integration of several automation cells that use an identical IP address range into the same production network Each automation cell can be assigned various free IP addresses from the production...

Page 7: ...erent network addresses If Bridge is your planned application case please continue reading on page 16 Machine network 10 10 1 0 24 10 10 1 30 10 10 1 31 10 10 1 50 10 10 1 100 10 10 1 32 0 1 2 3 4 5 6...

Page 8: ...s the affili ated subnet masks WAN netmask LAN netmask can be defined here A DNS server and a default gateway can also be indicated This is necessary when devices from the LAN should reach the Interne...

Page 9: ...is confirmed with the message Rule added successfully Status Rule active a click on the lamp changes the status Rule active a click on the lamp changes the status Important In the case of a Basic NAT...

Page 10: ...er to limit access to the machine network to certain participants in the WAN set the default action to Reject or Drop In the case of prohibited frames from the WAN Reject sends an error message in res...

Page 11: ...rules can be defined for one protocol type with protocol TCP or UPD Destination Ports indicates the ports to which the filter rules apply If a filter rule applies to several or even all ports this can...

Page 12: ...ith Reject or Drop for certain devices Blacklisting It is also possible to configure the access of several participants with one another An IP range can be defined with a dash 10 10 1 10 10 10 1 20 A...

Page 13: ...filter the communication of devices in LAN with devices in the production network WAN or into the Internet is completely prohibited or is blocked or allowed for particular devices The entry of the fi...

Page 14: ...IN1 IN2 FCN RST PWR RDY ACT USR SN 000000000 6 5 SNAT The function SNAT Source NAT transparently forwards incoming traffic from the WAN side to the LAN network All data packets sent to the LAN are sen...

Page 15: ...nfigured that packets at a certain TCP UDP port of the WALL IE WAN can be forwarded to a participant in the automation cell LAN e g 10 10 1 1 81 to 192 168 10 5 80 Important If with the packet filters...

Page 16: ...ned interface settings are also equally valid at the WAN port of the WALL IE A DNS server and a default gateway can also be indicated This is necessary when devices from the LAN should reach the Inter...

Page 17: ...ting If you initially don t wish to filter set the default action to Accept In order to limit access to the machine network to certain participants in the WAN set the default action to Reject or Drop...

Page 18: ...rules can be defined for one protocol type with protocol TCP or UPD Destination Ports indicates the ports to which the filter rules apply If a filter rule applies to several or even all ports this can...

Page 19: ...n in interaction with the Default Action If the Default Action is for example Reject or Drop the filter rules should all be set to Accept Whitelisting If the Default Action is Accept a block can be de...

Page 20: ...the communication of devices in LAN with devices in the production network WAN can be completely prohibited or be blocked or allowed for particular devices Important In the event that devices in the...

Page 21: ...ALL IE As soon as the first MAC address has been entered in the MAC filter mode Whitelist only frames from this MAC address are allowed to pass through irrespective of all other packet filter rules If...

Page 22: ...n take up to 1 minute depending upon the network connection The firmware file is decoded and checked in the WALL IE If the content is correct the firmware is burned into the program memory and a resta...

Page 23: ...ce is correctly supplied with voltage RDY On Device is ready to operate ACT Flashing or on Data transfer permitted between WAN and LAN USR On Factory settings reset active RJ45 LEDs Green Link Orange...

Page 24: ...imensions DxWxH 35 x 59 x 76 mm Weight Approx 130 g Number of inputs 2 DC 24 V as per DIN EN 61131 2 Type 2 WAN interface 1 x Type 10 Base T 100 Base T Connection RJ45 socket Transmission rate 10 100...

Reviews:

No comments

Related manuals for WALL IE

Brand: Omnia Pages: 6

Brand: Idis Pages: 86

Brand: Paradyne Pages: 20

Brand: Paradyne Pages: 2

Brand: Furuno Pages: 24

Brand: Ruckus Wireless Pages: 56

Brand: Renesas Pages: 6

Brand: Usr Pages: 2

DesignCore RVP-TDA3 Series

Brand: D3 Pages: 34

kontron KBox E-420-R1K/V1K

Brand: S&T Pages: 82

Brand: ICP DAS USA Pages: 8

Brand: Ubiquiti Pages: 20

Brand: CyberTAN Pages: 67

Brand: Hunter Pages: 2

Brand: Rolls Pages: 1

Brand: Supermicro Pages: 15

E5345 - Xeon 2.33 GHz 8M L2 Cache 1333MHz FSB LGA771 Active Quad-Core Processor

Brand: Intel Pages: 112

Brand: PaloAlto Networks Pages: 28

Brands by name

0 1 2 3 4 5 6 7 8 9 A B C D E F G H I J K L M N O P Q R S T U V W X Y Z

Popular brands

Load more brands