All-in-one Router Switch with NAT/Firewall/VPN, Routing, L2+ Switching
・Highly integrated Secure NAT/Firewall/VPN Router and L3/L2 Managed Switch features
High-performance CPU & Full Gigabit Switching
・ Powerful 1.2GHz ARM Cortex-A9 processor
・Non-blocking switch fabric design
・8 flexible Class of Service(CoS) queues
・16K MAC address table
・ 9Kb Jumbo Frame
・Fiber ports support both 100M and 1000M SFP
・DDM function for fiber connectivity monitoring
・Energy-Efficient Ethernet for power saving
WoMaster ERPSv2 PLUS Ring Technology
・ITU G.8032 v1/v2 ERPS Ring Redundancy & HW-based CFM for quick acknowledgment while GbE copper link failure, providing 20ms recovery time and seamless restoration.
・ ERPSv2 available to replace legacy Ring + Chain + Dual Homing
・Inter-Operability with 3rd party industrial switch and still remain fast recovery time.
・Support Enhanced RSTP for large ring network topology with up to 80 switches.
IEC62443-4-2 Level 3 / 4 Cyber Security
・802.1X/RADIUS port-based access control
・IP Security/Port Security
・HTTPs/SSH Management IP secure access
・Supports advanced cybersecurity features, 802.1X MAB, TACAS+, DHCP Snooping, IP Source Guard, Dynamic ARP Inspection, advanced Port Security & L2-L7 Access Control List
L2+ Management Switch Features
・Various configuration paths, including WebGUI, CLI,
SNMP, Modbus TCP, LLDP topology control
・Layer 2 Switch features include VLAN, QoS,
LACP/Trunk, Rapid Spanning Tree protocol…etc.
・IGMP Snooping v1/v2/v3, IGMP Query, 512 L2 Multicast Groups for video applications
Industrial IoT LAN & Cloud Management
・Support WoMaster Software Utilities:
-NetMaster Network Management System
-ViewMaster for Configuration Management
-ThingMaster, ThingMaster OTA for device management
・Support MQTTS protocol, ready to use AWS/Azure and Private
Cloud Agent for cloud management
Rugged Design for Wayside Network Switching with Wide Power Input Range
・10~60V wide power range design with redundant
・Excellent heat dissipation design for operating in
・High level EMC protection exceeding traffic control
and heavy industrial standards’ requirements
・IEC 61000-6-2/4 Heavy Industrial Environment
・EN50121-4 railway trackside EMC compliance
√ ITU-T G.8032 ERPSv2 gives ultimate Inter-Operability, Flexibility, and Scalability
G.8032 v.2 ERPS is becoming the most common standard for redundancy on industrial networks and replacing proprietary ring redundancy and standard Ethernet Ring Switching, as it provides stable protection of the entire Ethernet Ring from any loops and open standard for 3rd party devices. The ITU-T G.8032 v2 ERPS recovers the network break within less than 20ms recovery time thus significantly increases network reliability for critical IIoT applications, such as heavy industrial automation (power substation and oil and gas vertical markets), ITS (traffic control, public transportation), railway networks, and other smart city applications concerning public safety.
G.8032 v1 only supports single ring topology, whilst G.8032 version 2 additionally features recovery switching for Ethernet traffic in Multiple Ring (ladder) of conjoined Ethernet Rings by one or more interconnections which saves deployment costs by providing wide-area multipoint connectivity with a reduced number of links. Deploying switches with support of G.8032 v2 ERPS ensures highly resilient Ethernet infrastructure whilst simultaneously saving costs, as they can interoperate with third-party switches and still guarantee fast network recovery time without any data loss.
√ ITU-T G.8032 ERPSv2 reduces coupling Ring failure recovery time
The G.8032 ERPS v2 technology effectively saves the recovery time for coupling ring link breakdown from 300 sec to less than 20ms by immediately change the topology of both major ring and subring.
√ WoMaster ERPS v2 PLUS Technology – Fast Giga Copper Recovery Time
The adaption of Broadcom® CFM Technology can reduce CFM Transmission for link failure within 3.3ms, thus to detect the ring link fault within 11.55ms (3.5 times the CFM Interval) for ERPSv2 mechanism to respond. Once the ring port fails, the ERPS RPL-Owner will forward the backup port and recover the GbE copper within 20ms under the condition that 250pcs nodes in one ring
√ Advanced Port Based Security- IEEE802.1 x MAB (MAC Authentication Bypass)
MAB enables port-based access control by bypassing the MAC address authentication process to TACACS+/Radius Server. Prior to MAB, the endpoint's (ex. PLC) identity is unknown and all traffic is blocked. The switch examines a single packet to learn and authenticate the source MAC address. After MAB succeeds, the endpoint's identity is known and all traffic from that endpoint is allowed. The switch performs source MAC address filtering to help ensure that only the MAB-authenticated endpoint is allowed to send traffic.
In addition to MAB, the authentication can also be done by the pre-configured static or auto-learn MAC address table in the switch.
√ DHCP Snooping
DHCP snooping acts like a firewall between untrusted hosts and trusted DHCP servers. It performs the following activities:
DHCP snooping is enabled on a per-VLAN basis. By default, the feature is inactive on all VLANs. You can enable the feature on a single VLAN or a range of VLANs.
√ Dynamic ARP Inspection (DAI)
DAI validates the ARP packets in a network. DAI intercepts, logs, and discards ARP packets with invalid IP-to-MAC address bindings. This capability protects the network from some man-in-the-middle attacks.
DAI ensures that only valid ARP requests and responses are relayed. The switch performs these activities:
DAI determines the validity of an ARP packet based on valid IP-to-MAC address bindings stored in a trusted database, the DHCP snooping binding database. This database is built by DHCP snooping if DHCP snooping is enabled on the VLANs and on the switch. If the ARP packet is received on a trusted interface, the switch forwards the packet without any checks. On untrusted interfaces, the switch forwards the packet only if it is valid.
√ IP Source Guard
IP source guard provides source IP address filtering on a Layer 2 port to prevent a malicious host from impersonating a legitimate host by assuming the legitimate host's IP address. The feature uses dynamic DHCP snooping and static IP source binding to match IP addresses to hosts on untrusted Layer 2 access ports.
Initially, all IP traffic on the protected port is blocked except for DHCP packets. After a client receives an IP address from the DHCP server, or after static IP source binding is configured by the administrator, all traffic with that IP source address is permitted from that client.
Traffic from other hosts is denied. This filtering limits a host's ability to attack the network by claiming a neighbor host's IP address.
√ NMS NetMaster Made Easy Deploy and Visualize Large Scale of ERPS Ring and VLANIt is very time consuming and technical to set up a large group of ERPS v2 ring. However, NetMaster NMS provides a smart way to configure a group of ERPS ring and visualize ERPS major/subring in purple/yellow color. With VLAN visualization, devices, ports, and links with the VLAN ID will be colored-coded.
The Layer 3 switch with Broadcom® ASIC (A Dedicated Chip) can perform routing at wire-speed, which is much faster and efficient than software routing by CPU loading. Compared with a that simply makes routing functions, the Layer 3 switch can handle larger networks with a lot of broadcasts, subnets and/or VLANs that require higher performance.
The layer 3 switch also handles complicated routing network topologies involving Inter VLAN routing, Dynamic routing, OSPF v1/2, RIP v1/2, Static routing with broadcast traffic control.
√ Virtual Router Redundancy Protocol (VRRP)
WoMaster Layer 3 Managed Switch designs with the OSPF Version 2 specification. OSPF calculates the shortest route to a destination through the network-based algorithm. When compared with RIP (Routing Information Protocol) which is a distance vector-based routing protocol, OSPF can provide scalable network support and faster convergence time for network routing state by calculating the cost of the route, taking into account bandwidth, delay and load. As a result, OSPF is widely used in large networks such as ISP (Internet Service Provider) backbone and enterprise networks for calculating routes through large and complex local area networks.
√ Open Shortest Path First (OSPF)
MQTT relies on the TCP transport protocol. By default, TCP connections do not use an encrypted communication. To encrypt the whole MQTT communication, ThingsMaster and other MQTT brokers allow use of TLS instead of plain TCP. In the mission-critical industrial application, encryption is mandatory and highly suggested for industrial communication.
The MQTTS is standardized at IANA as “secure-mqtt”. All WoMaster Routers and Switches support the latest TLSv1.2 encryption and X.509 authentication.
|Standard||IEEE 802.3 10Base-T Ethernet|
|IEEE 802.3u 100Base-TX Fast Ethernet|
|IEEE 802.3u 100Base-FX Fast Ethernet Fiber|
|IEEE 802.3ab 1000Base-T Gigabit Ethernet Copper|
|IEEE 802.3z Gigabit Ethernet Fiber|
|IEEE 802.3x Flow Control and back-pressure|
|IEEE 802.3az (Energy Efficient Ethernet)|
|IEEE 802.1p Class of Service (CoS)|
|IEEE 802.1Q VLAN and GVRP|
|IEEE 802.1AB Link Layer Discovery Protocol (LLDP)|
|IEEE 802.1D-2004 Rapid Spanning Tree Protocol (RSTP)|
|IEEE 802.1S Multiple Spanning Tree Protocol (MSTP)|
|IEEE 801.1AX/802.3ad Link Aggregation Control Protocol (LACP)|
|IEEE 802.1x Port-based Network Access Protocol|
|IEEE 1588 Precision Time Protocol v2|
|ITU-T G.8032 version 2 Ethernet ring protection switching(ERPSv2)|
|Switch Technology||Store and Forward Technology with Non-Blocking Switch Fabric
Internal Packet Buffer: 4Mb
Forwarding rate: 14.88Mpps/10-port (1,488,000pps/Gigabit port)
|CPU/RAM||Cortex-A9, max. 1.2GHz, DDR3 2Gb|
|Number of MAC Address||16K|
|Jumbo Frame||9216 Bytes|
|VLAN||256 VLANs, VLAN ID 1~4094|
|Traffic Prioritize||8 Priority Queues per Port|
|Ethernet Port||8 x 100/1000Base-T RJ45 Auto-Negotiation, Auto MDI/MDIX, 2 x 100/1000M SFP|
|System LED||2 x Power: Green On, 1 x DO/Alarm: Red On
1x SYS, 1x DI, 1x Ring Status (Reserved by ODM Request)
(SYS: Ready: Green On, Firmware Updating: Green Blinking, DI : Green On, Ring: Ring Status: Node Normal: Green On, Owner Normal: Green Blinking, Owner/Node Abnormal: Amber On, Ring Port Fail: Amber Blinking)
|Ethernet Port LED||Link (Green On), Activity (Green Blinking), Speed 1000M(Amber On), Speed 100M (Off)|
|SFP LED||Port: Link (Green On), Activity (Green Blinking); 1000M: Speed 1000M (Amber On), Speed 100M (Off)|
|Reset||System Reboot(2-6 Seconds)/Default Settings Reset(over 7 Seconds)|
|Console||1 x RS232 in RJ45 for System Configuration. Baud Rate: 115200.n.8.1,
Pin Define: 3: TxD, 6:RxD, 5:GND (Configured by Internal Jumper)
|Digital Input, Digital Output||4-Pin Removable Terminal Block Connector, 2-Pins for DI, 2-Pins for DO (Relay Alarm)
1x Digital Output: Dry Relay Output with 0.5A /24V DC
1x Digital Input: High: DC 11V~30V, Low: DC 0V~10V
|Power Input||4-Pin Removable Terminal Block Connector for Redundant Power|
|Input Voltage||24VDC (10~60VDC)|
|Reverse Polarity Protect||Yes|
|Input Current||0.45A @ 24V|
|Power Consumption||Max. 10.8W@24VDC full traffic, suggest reserving 15% tolerance|
|Management||WebGUI, Command Line Interface (CLI), IPv4/IPv6(RFC2460), Telnet, SNMP v1/v2c/v3, RMON, SNMP Trap, LLDP, DHCP Server/Client/Option 82, TFTP, System Log, SMTP|
|Traffic Management||Flow Control, Rate Control, Storm Control, CoS, QoS, RFC 2474 DiffServ|
|Filter||IGMP Snooping v1/v2/v3, IGMP Snooping Fast-Leave/Immediate-Leave, IGMP Query, GMRP, IEEE802.1Q VLAN, QinQ, GVRP, Private VLAN, IGMP Query Solicitation/Request*, MLDv1/v2 Snooping*, IEEE 802.1v*|
|Security||IEEE 802.1X/RADIUS, TLS v1.2, Access Control List (ACL, MAC/IP/ARP filter), HTTPs/SSH secure login, First login password management|
|Advanced Security||Advanced Security: TACACS+, Mutli-user authentication, IEEE802.1x MAB, DHCP Snooping/IPSG, Dynamic ARP inspection, DoS/DDoS*, Adv. Port security*, SFTP|
|Redundancy||WoMaster ERPSv2 Plus, ITU-T G.8032 v1/v2 Ethernet Ring Protection Switching (ERPSv2), HW CFM, Loop Protection, Rapid Spanning Tree Protocol/Spanning Tree Protocol (RSTP/STP), Multiple Spanning Tree Protocol (MSTP)
eRSTP (Enhanced Rapid Spanning Tree), up to 80 switches in one Ring
|Time Management||NTP, IEEE 1588 Precision Time Protocol v2|
|Layer 3 / Router OS
|Dual WAN interfaces
Routing: RIPv2, OSPFv2, Static Multicast Route*, VRRPv2
NAT: 1-1 NAT, NAPT(SNAT/DNAT), Port forwarding, R-NAT*, TTDP*
Firewall: Stateful Inspection firewall, DMZ, Deep packet inspection for Modbus TCP/UDP*
VPN: IPSec, OpenVPN, DMVPN*, PPTP*, L2TP*, GRE*. Encryption includes DES/3DES/AES128/AES256
|Industrial IoT||Modbus TCP, MQTTS*, RESTful API*, EtherNet/IP*|
|Cloud Management||AWS Agent, Azure Agent, ThingsMaster, ThingMaster OTA|
|MIB||ERPS MIB, MIB-II, Ethernet-like MIB*, P-BRIDGE MIB, Q-BRIDGE MIB, Bridge MIB, RMON MIB Group 1, 2, 3, 9*, WoMaster Private MIB|
|Diagnostic||LLDP, Port Mirror, Ping, Port Statistic, Event Log|
|Enclosure Material||Steel Metal with Aluminum Side Heat Sink|
|Dimension||65x155x125 (W x H x D) / without DIN Rail Clip|
|Weight||~985g without package|
|Humidity||0%~95% Non- Condensing|
|EMI||CISPR 22, FCC part 15B Class A|
|EMC||EN61000-6-2/EN61000-6-4, EN50121-4 Compliance for Railway Roadside|
|DRS610||Industrial 10-port Full Gigabit Secure Router Switch with NAT/Firewall/VPN/L3switching, 2GT WAN+6GT LAN+2GSFP LAN|
|WR610GR-LTE*||Industrial 10-port Full Gigabit Secure Cellular Router Switch with NAT/Firewall/VPN/L3switching, 2GT WAN+6GT LAN+2GSFP LAN, LTE|
|1 x Product Unit (Without SFP Transceiver)|
|2 x 4-pin Removable Terminal Block Connector|
|1 x Attached Din Clip|
|1 x Quick Installation Guide|
|MK-D1-2||Wall-mounting kit with 2 plates and 8 screws|
|CBL-RJ45F9-1.5M||Serial RS232 console cable RJ45 to DB9 Female 1.5Meter|
|PSD40-24||40W/24VDC DIN-rail power supply|
|SFPGEM05||SFP, 1000Mbps, LC, multi, 550M, 0~70°C|
|SFPGEM05T||SFP, 1000Mbps, LC, multi, 550M, -40~85°C|
|SFPGEM05D||SFP, 1000Mbps, LC, multi, DDM, 550M, 0~70°C|
|SFPGEM05DT||SFP, 1000Mbps, LC, multi, DDM, 550M, -40~85°C|
|SFPGEM2||SFP, 1000Mbps, LC, multi, 2KM, 0~70°C|
|SFPGEM2T||SFP, 1000Mbps, LC, multi, 2KM, -40~85°C|
|SFPGEM2D||SFP, 1000Mbps, LC, multi, DDM, 2KM, 0~70°C|
|SFPGEM2DT||SFP, 1000Mbps, LC, multi, DDM, 2KM, -40~85°C|
|SFPGES10||SFP, 1000Mbps, LC, single, 10KM, 0~70°C|
|SFPGES10T||SFP, 1000Mbps, LC, single, 10KM, -40~85°C|
|SFPGES10D||SFP, 1000Mbps, LC, single, DDM, 10KM, 0~70°C|
|SFPGES30||SFP, 1000Mbps, LC, single, 30KM, 0~70°C|
|SFPGES30T||SFP, 1000Mbps, LC, single, 30KM, -40~85°C|
|SFPGES30D||SFP, 1000Mbps, LC, single, DDM, 30KM, 0~70°C|
|SFPGES10-A||SFP, 1000Mbps, LC, single, 10KM, BiDi TX-1310nm RX-1550nm, 0~70°C|
|SFPGES10-B||SFP, 1000Mbps, LC, single, 10KM, BiDi TX-1550nm RX-1310nm, 0~70°C|
|SFPGES10T-A||SFP, 1000Mbps, LC, single, 10KM, BiDi TX-1310nm RX-1550nm, -40~85°C|
|SFPGES10T-B||SFP, 1000Mbps, LC, single, 10KM, BiDi TX-1550nm RX-1310nm, -40~85°C|
|SFPGES10D-A||SFP, 1000Mbps, LC, single, DDM, 10KM, BiDi TX-1310nm RX-1550nm, 0~70°C|
|SFPGES10D-B||SFP, 1000Mbps, LC, single, DDM, 10KM, BiDi TX-1550nm RX-1310nm, 0~70°C|