Products / SMX-GTW10

SMX-GTW10

Industrial firewall and gateway — connect OT and office networks, control device access with virtual IPs, and enforce strict OT/IT traffic rules.

Network Gateway Access Control Firewall

The SMX-GTW10 is an industrial firewall and gateway that bridges networks with different IP subnets and enforces strict, per-device access control between them. Virtual IP mapping lets you reach any field device from the office network without touching its IP configuration — the gateway handles the routing transparently.

Bidirectional access lists define exactly which WAN address can reach which LAN device, and in which direction. Traffic not explicitly permitted is blocked by default by the stateful firewall.

Key Features

Virtual IP mapping — reach field devices via WAN-side virtual addresses without changing their configuration
Port forwarding — map any gateway port to any field device port (TCP, UDP, or ALL)
WAN→LAN access control — whitelist which external IPs can reach which field devices
LAN→WAN access control — control which field devices can initiate outbound connections
Multi-subnet routing — route specific IPs or ranges between LAN and WAN interfaces
Built-in L2 Ethernet switch — 2 LAN ports share the same subnet; devices communicate directly
Stateful firewall with real-time blocked packet monitor
Wi-Fi hotspot via SMX-N1559 — wireless access to configuration and LAN devices
Internet via WAN port or USB phone tethering
Configuration import/export via USB disk or web UI

Typical Use Case

A factory installs the SMX-GTW10 between the office LAN and the production network. A virtual IP on the office side maps to each PLC — the OEM engineer reaches their machine via the virtual address, never seeing other devices on the floor. The Access List ensures only the authorised engineer's IP has that path.

SMX-GTW10

Technical Specifications

Processor 1.2 GHz Quad Core

RAM 1 GB LPDDR2

Function Firewall + Router + Gateway

Access Control IP-based, bidirectional

NAT Port forwarding, virtual IP

Routing Multi-subnet

Firewall Stateful, default-deny

Network IPv4 & IPv6

Management Web UI (HTTP/HTTPS)

LAN Ports 2× RJ-45, 100 Mbps

WAN Port 1× RJ-45, 100 Mbps

USB Ports 2× USB 2.0 Type-A

Power Supply 24–30V DC, 3-pin terminal

Mounting DIN Rail (35 mm)

Operating Temp 0°C to +70°C

Storage Temp -40°C to +85°C

Humidity Max 95%, non-condensing

Dimensions (W×H×D) 42 × 101 × 114 mm

Weight 202 g

Request a Quote

Virtual IP & Port Mapping

Access any field device from the office network without changing its IP configuration. The gateway creates a virtual address on the WAN side that maps transparently to the device's real LAN address.

Define virtual WAN IPs that map to specific LAN device addresses
Forward any WAN port to any field device port (TCP, UDP, or both)
Restrict access per virtual IP or port — per-rule Allowed IPs list
No configuration changes required on target PLCs, drives, or panels

Bidirectional Access Control

Define exactly which devices can talk to which — in both directions. WAN→LAN rules whitelist which external addresses can reach field devices. LAN→WAN rules control which field devices can initiate outbound connections.

WAN→LAN: grant specific external IPs access to specific LAN devices
LAN→WAN: permit specific field devices to reach specific external addresses
Per-rule protocol selection: TCP, UDP, or ALL
IP address, subnet (/24 notation), or IP range supported per rule

Firewall & Routing

Traffic not explicitly permitted is blocked by default. The built-in firewall logs every blocked packet in real time. Custom routes direct specific IPs or subnets to either the LAN or WAN interface.

Stateful firewall — default-deny; only permitted traffic passes
Real-time blocked packet monitor: source, destination, protocol, port, MAC
Route Table: forward individual IPs, subnets, or ranges to LAN or WAN
Built-in L2 switch: 2 LAN ports share the same subnet, devices communicate directly

Also in the Products

SMX-RNS20

Remote Secure Connection

SMX-IoT10

Cloud & Edge Computing Solution