In order to protect the LAN network (machine network) you need to define the LAN addresses that need to be accessible.
▪The first step in creating a protected LAN network is to create the LAN device(s) that has (have) to be accessible.
The path to LAN-device creation is: eWONs > select eWON from list > Properties > LAN & Firewall > Configure LAN devices & Firewall...
The Devices & Firewall page opens:
Note: Adding Gateway is only possible on a Talk2M Pro account. On a Talk2M Free+ account, this option is not available.
▪Click on Add LAN device... (link or button)
The LAN Device page opens.
In this page you give a name to your LAN device, specify its IP address and optionnaly write a description.
For the Port field select if all protocols are open or if only protocol-specific ports will remain open.
To limit the access to a specific protocol, inside the Specific Protocol list select the protocol you want to allow on the device. As for example ISOTCP (Siemens) or EIP (Rockwell).
You can also define custom ports using following syntax:
T405 => TCP port 405
U9600 => UDP port 9600
T443,U1194 => TCP port 443 & UDP port 1194
The Visible in M2Web, defines whether the device will be visible or not using M2Web access.
On a Talk2M Pro account you can restrict the access to a specific user group. On a Free+ account this restriction is not available. All declared users of the account will have access to the device.
After encoding this information, the Firewall slider is automatically shifted to position High because this is the position required to activate the firewall protection at the LAN side.
Note: Enforced & Ultra Firewall level are only possible with a Talk2M Pro account. On a Talk2M Free+ account this option is not available.
The new LAN device appears with a closed padlock under the structure of the relevant eWON:
The properties of the LAN device can be edited afterward by clicking Properties.