Microwall IO

Microwall IO

Price does not include sales tax which may apply to your location.
Secure communication of machines and systems
The Microwall safely and easily routes your device island to the corporate intranet. Simple and intuitive filter rules protect sensitive island communication from harmful intranet events and unwanted access.

Secure communication of machines and systems

The Microwall IO routes this device island safely and easily into the corporate intranet. Simple and intuitive filter rules protect sensitive island communication from harmful events on the intranet as well as from unwanted access. Remote maintenance and remote access to the island network participants and the management of the Microwall IO can be done via a WireGuard VPN tunnel - both as a VPN server and as a VPN client.

The digital inputs/outputs enable the integration of remote maintenance and firewall-specific actions of the Microwall IO into automation and process environments. A PLC output or a simple button/switch can be used to control, for example.B, VPN access, certain firewall rules or the status of the network interfaces. The outputs enable external visualization of messages and events such as.B. activated VPN access.



  • 2x Ethernet 100/1000BaseT
    • Autosensing/Auto-MDIX
  • 2 switching inputs
    • digital inputs in 24V technology
  • 2 switching outputs
    • digital outputs in 24V technology
    • current up to 500mA

Management & Connectivity:

  • Remote configuration
    • Easy commissioning via WuTility or DHCP
    • Secure web-based management through HTTPS-only
    • All service/management services can be deactivated
  • 2 digital inputs + 2 digital outputs in 24V technology
    • Inputs control VPN, firewall rules and network interfaces
    • Report outputs for e.B. VPN connections
  • Operation as standard router or NAT router
    • Integration into the routing concept of the intranet
    • Integration of the island via a single intranet IP
    • Static NAT for 1:1 mapping of intranet IPs on island hosts
  • WireGuard VPN - Client & Server
    • Server: Secure VPN dial-up to the island with Windows, Linux, Android, MacOS, IOS clients
    • Access control of VPN clients via firewall
    • Client: VPN connection to your manufacturer/service network
  • Whitelist-based firewall
    • Filter rules based on IPv4 addresses and TCP/UDP port numbers
    • Separate firewall for VPN clients
  • Logging
    • Identification of unwanted communication attempts
  • High data throughput
    • Network connection via Gigabit Ethernet
    • up to 930Mbps in router mode, max. 300MBit/s VPN
    • Less latency thanks to powerful hardware platform

Power supply:

  • External supply
    • Screw terminal connection 24V-48V DC
  • Power-over-Ethernet (PoE)
    • Phantom power via data pairs
    • Feeding over unused vein pairs

Standards & Co.:

  • Compliant with standards in both office and industrial environments:
    • high immunity for industrial environments
    • low interference emission for residential and business areas
  • 5-year warranty



The Microwall IO outsources sensitive components or subnets to a separate island network and thus separates them from the higher-level corporate intranet. For remote maintenance, remote support, etc., a WireGuard VPN server is available, which allows selected VPN clients a secure and protected access to the island participants via their own firewall.

All connections between the networks must be explicitly shared through rules based on source/destination IP and the TCP/UDP port numbers used. Communication of undocumented and/or unwanted services is prevented and harmful events such as .B overload are kept away from the island.

Filtering rules and VPN management

The firewall rules and VPN management are managed easily and clearly via the websites of the Microwall IO and are consistently whitelist-based. This blocks any communication that is not explicitly released in the form of a rule.

Digital inputs/outputs for control and reporting

The digital inputs enable, for example.B event-driven activation of VPN access or the switching of rule groups of the firewall. In this way, e.B. in the event of system faults by the operator or even the system control itself via a switching contact, the VPN connection to the manufacturer can be established.

Operation as a NAT router or standard router

Similar to a classic DSL Internet connection, the Microwall integrates the island network into the local network via only one IP address of the intranet page. There is no need to interfere with the routing concept of the intranet. The operation of several island networks with the same IP ranges is also possible in this mode of operation. This offers machines and plant manufacturers the possibility to operate internal networks with a uniform serial IP configuration - costly adjustments to the customer infrastructure are no longer necessary.

In standard router mode, the island network is integrated into the routing concept of the intranet, e.B. using static routes. Static NAT can also be used to map intranet addresses to fixed IPs on the island network. As a rule, these island hosts become local participants of the intranet, but still enjoy the protection of suitable firewall rules.

WireGuard VPN

As a VPN solution for remote access to the island network, the Microwall IO uses the WireGuard platform. Compared to other VPN solutions, this offers, among other things, high data throughput and easy management with a high level of security and stability at the same time. For details and up-to-date information about WireGuard, see https://www.wireguard.com. The Microwall IO can act as a VPN client or VPN server endpoint on its intranet port. Depending on the application, external WireGuard clients can dial into the island or the Microwall connects to your service network as a VPN client, for example.

Technical specifications

 Technical Specifications

Connections and displays
Network:    2x 100/1000BaseT Autosensing/Auto-MDIX 
IPv6 on request
Digital outputs:   2 x Digital Out 6V-30V, 500mA
Digital inputs:   2 x Digital In
max. input voltage +/-30V
reversed within this range
Switching threshold 8V +/- 1.5V
"On" current = 2.2 mA
Data throughput:   Router mode (unidirectional TCP): max. 930MBit / s
VPN tunnel (unidirectional TCP): max. 300MBit / s
Galvanic isolation:   Network connections min. 1500 volts
Supply voltage:   Power-over-Ethernet (PoE) or
DC 24V .. 48V (+/-10%) and 
AC 18Veff .. 30Veff (+/-10%)
Connection:   1 x 6-fold screw terminal, pluggable, E/As, RM 3.5mm
1 x 2-fold screw terminal, pluggable, ext. Supply, RM 5.08mm
2 x RJ45 for network
Power consumption:   PoE Class 2 (3.84W to 6.49W)
or in the case of external supply:
type. 160mA @24V DC
max. 200mA @24VDC
Indicators:   2x LED system and service
4x LED for I/O status
Housing and other data
Enclosure:   Plastic housing with integrated top-hat rail holder
105 x 45 x 75mm (L x W x H)
Enclosure rating:   IP20
Weight:   about 180g
Ambient temperature:   Storage: -40..+85°C 
Operating 0..+50°C (no stack mounting)
Permissible relative humidity:   5..95% RH, non-condensing
Permissible humidity:   0 ... 95% relative humidity, non-condensing
Scope of delivery:   1x Microwall IO
1x Quick Guide





Power Supply

Plug-in power supply, 24V / 500mA DC with Euro plug WT11021
Plug-in Power Supply, 24V / 750mA DC with Euro, US and UK plug WT11026
Power Supply for DIN rail mount, 24V / 630mA DC
(merchandise, 2-year manufacturer’s guarantee)

Mechanical Accessories

IP wall mount housing, 180 x 130 x 175 mm WT11120
Monteringsbeslag til vægmontering WT58812
DIN rail for mounting WT58813

Supplementary network products

Ethernet Switch Industry, 4 Port WT55604


WuTility WuTility

Units in box: 1