Home > iOpen discuss two applications of Weidmüller routers

iOpen discuss two applications of Weidmüller routers

Supplier News
article image

According to iOpen, the two typical applications for routers are:

• to separate Ethernet networks for data security reasons or to simplify configuration
• to enable an Internet link

Separation of Ethernet networks in the factory: An industrial manufacturing network or an industrial machine network and a typical office network use the same Ethernet standard but are totally different. Whereas in the office network larger volumes of data and the associated sluggishness of the network is completely acceptable, an excessively long response time in an industrial network can lead to downtimes and malfunctions. Complete isolation of the two networks is inadvisable and for the first time there is the chance of using the same network for all procedures in the company. Procedures become more transparent, the management and technical workloads can be reduced. The exchange of data is simplified and more efficient.

There are many options for isolating and prioritising network data, e.g. VLAN, QoS for layer 2, etc. A router can provide an option for filtering the data on the IP layer (layer 3).

Features such as integral firewall, Network Address Translation (NAT), Port Address Translation (PAT) and remote access through a modem turn such a router into an efficient aid for achieving separation between networks.

Only authorised users can access the protected network from outside and only certain, enabled devices can transmit data out of the protected network. The NAT/PAT feature enables a machine with its own IP subnetwork and several network users to remain concealed from the outside world behind a unique IP address. Access routines to the IP address from outside are automatically forwarded to a predefined IP address in the network behind the router. In this way the device can remain accessible from outside but only as required. The option of concealing a complete machine behind an IP address reduces the installation and management workloads for the machine user.

In addition, the router can be selected through an external modem, enabling access to the router and the machine beyond, without compromising the corporate network. Such access routines are carried out through PPP and PAP or Callback with Virtual Private Network (VPN). This means that a high security level can always be guaranteed.

Connection to the Internet: The two industrial access routers IE-AR-10T and IE-AR-10T ISDN enable users to create a simple and secure link between industrial Ethernet networks and the worldwide Internet. The integral analogue or ISDN modem offers users worldwide applicability and availability. External modems (ISDN, GSM, analogue) can be easily connected through an RS232 port.

An integral firewall provides users with maximum possible protection for their systems. Programming/configuration is carried out through a browser or text console/SSH, but notebooks or handhelds can be used as well. Separate configuration software is not required because this is integrated into the device itself.

The software can be updated through teleservicing. Functions such as VPN, DynDNS and Callback are included as standard.

The Weidmüller "Configurator" Device Management Tool:
Managing the firmware updates or backing up configurations for a variety of different devices can be a problematic and slow undertaking. Device manufacturers offer different utilities for their different product lines and these often have differing user interfaces. In order to solve this problem, Weidmüller has introduced the "Configurator" Device Management Tool. It serves as a general foundation for managing and configuring IE-ARM-E/U routers and a variety of future devices. To briefly summarise, the Configurator enables:
• Firmware updates to a device or group of devices
• Readout of configurations
• Transmission of adjusted configurations back to the device
• The readout, display and saving of device log files
• The parameterisation of devices based on SecIE security datasheets

The Configurator is available for Windows and Linux. It requires no installation. The software can simply be unpacked and started. The only system requirement is that the user has Java Runtime, version 1.5 or a later version installed. The configurator organises data into projects. A project can consist of multiple locations which can represent the structure of the current facility structure or differing workshops. The software also enables devices to be grouped together in logical groups. You can represent these groups in a logical structure, with classifications such as 'All border routers from manufacturing units'. The Configurator presents a shared 'look and feel'  for the central management of firmware and configurations. It can be used for a large number of the industrial Ethernet products from Weidmüller. The administrator can then focus on the complete management of the network.

Protected machine networks: The Weidmüller routers enable simple machine configuration and increase the security and global availability of the machine.

Configurator router: Remote maintenance and support of the router With global access, through the 'Configurator' software, the users’ facilities can be maintained from anywhere in the world. Users have the chance to perform simple software updates over entire groups of routers. Support and performance management can be taken care of in comfort from the users’ location.

Extreme security with Virtual Private Networks (VPN), using IPsec encryption VPN enables global access to components using the IPsec encryption process. It offers the highest level of security.

Port forwarding with Weidmüller's miniRouter:

  • Combining the IP address of a router interface with any virtual port.
  • Assigning an IP address/port combination to an actually available IP address and port from the other network (connected through the router).
  • Requests to the IP address and virtual ports of the router are immediately forwarded to the assigned IP addresses. 
  • Answers to the requests are automatically delivered by the router to the requesting agent.

Virtual mapping with the Weidmüller miniRouter:

  • Allocation of additional IP addresses to a network interface.
  • IP addresses must all come from the same network as the actual router IP address on the selected network interface.
  • Allocation of additional IP addresses to an actually-available IP address from another network (connected through the router)Requests to the new additional IP addresses are immediately forwarded to the assigned IP addresse.
  • Answers to the requests are automatically delivered by the router to the requesting agent.

Virtual mapping offers the following advantage: enables parallel operation of multiple identically-configured networks behind NAT-technology routermachine builders can hide machines behind a router without needing to change the IP configurationIt is possible to always use the machines with the identical configuraNAT as an alternative to port forwarding; necessary for applications which cannot form requests combining IP addresses with port numbers (for example, some PLC applications)

Newsletter sign-up

The latest products and news delivered to your inbox