As of June 15, 2022, this site no longer supports Internet Explorer. Please use another browser for the best experience on our site.

EDR-G9004 Series

2 Gigabit copper + 2 Gigabit copper/SFP combo port industrial secure routers

moxa-edr-g9004-series-image-(1).jpg | Moxa
moxa-edr-g9004-series-image-1-(1).jpg | Moxa
moxa-edr-g9004-series-image-2-(1).jpg | Moxa

Features and Benefits

  • 4-port Gigabit all-in-one firewall/NAT/VPN/router
  • Gen3 LAN Bypass for system fault tolerance
  • Dual WAN redundant interfaces through public networks
  • Industrial-grade Intrusion Prevention/Detection System (IPS/IDS)
  • Visualize OT security with the MXsecurity management software
  • Secure remote access tunnel with VPN
  • Examine industrial protocol data with Deep Packet Inspection (DPI) technology
  • Easy network setup with Network Address Translation (NAT)
  • Developed according to IEC 62443-4-2 with Secure Boot
  • -40 to 75°C operating temperature range (-T model)


  • moxa-en50121-4-certification-logo-image.png | Moxa
Contact Sales


The EDR-G9004 Series is a set of highly integrated industrial multi-port secure routers with firewall/NAT/VPN functions. These devices are designed for Ethernet-based security applications in critical remote control or monitoring networks. These secure routers provide an electronic security perimeter to protect critical cyber assets including substations in power applications, pump-and-treat systems in water stations, distributed control systems in oil and gas applications, and PLC/SCADA systems in factory automation. Furthermore, with the addition of IDS/IPS, the EDR-G9004 Series is an industrial next-generation firewall, equipped with threat detection and prevention capabilities to further protect critical infrastructure from cybersecurity attacks.

Defend Against Malicious Threats With Advanced Cybersecurity Features

The EDR-G9004 Series’ embedded firewall uses policy rules to control network traffic between trusted zones while Network Address Translation (NAT) shields the internal network from unauthorized access by outside hosts. The Virtual Private Networking (VPN) functionality further provides users with secure communication tunnels when accessing the private network from the public Internet. To help protect your OT assets from cyberattacks, the EDR-G9004 Series supports Deep Packet Inspection (DPI) to examine the data portion of network packets for various OT-specific protocols.

Simplify Configurations With the User-friendly Interface and Quick Settings

The EDR-G9004 Series’ Setup Wizard provides an easy way for users to set up DMZ ports to create a secure network buffer zone in just three steps. In addition, the object-based firewall management feature gives engineers a simple way to configure and maintain firewall filtering for IP addresses and subnets, network services, industrial application services, and user-defined services.

Industrial-grade Design to Ensure Uninterrupted Network Connectivity

The EDR-G9004 Series’ rugged hardware makes these secure routers ideal for harsh industrial environments, featuring wide-temperature models that are built to operate reliably in hazardous conditions and extreme temperatures of -40 up to 75°C. Moreover, the EDR-G9004 Series supports WAN, Layer 3 redundancy mechanisms, and Gen3 LAN Bypass fault tolerance to ensure that your network stays connected at all times.

Virtual Patching and Intelligent Threat Protection

Patching remains a major challenge in OT environments because OT applications cannot afford interrupting operations by shutting down systems to apply patches. Virtual patching technology can help complement existing patch management processes by shielding known and unknown vulnerabilities. In addition, the EDR-G9004 features intelligent IPS functionality for continuous protection against cyberthreats which uses pattern-based detection to identify and block known attacks.

MX-ROS Addresses Growing Cybersecurity Threats

Moxa’s MX-ROS ( is a software platform for industrial security routers and firewalls. The platform supports the robust security and user-friendly operation of secure routers through simplified web and CLI interfaces. In addition to adhering to IEC 62443-4-2, MX-ROS devices offer a wealth of the latest cross-industry Operational Technology (OT) network management features with each release to safeguard hardware and software.

  • Alarm Contact Channels

    Resistive load: 1 A @ 24 VDC

  • Buttons

    Reset button

  • Digital Input Channels

    +13 to +30 V for state 1
    -30 to +3 V for state 0
    Max. input current: 8 mA

  • 10/100/1000BaseT(X) Ports (RJ45 connector)

    2 (with Gen3 LAN Bypass)

  • Combo Ports (10/100/1000BaseT(X) or 1000BaseSFP)


  • DMZ

    Supports DMZ port

  • Standards

    IEEE 802.3 for 10BaseT
    IEEE 802.3u for 100BaseT(X)
    IEEE 802.3ab for 1000BaseT(X)
    IEEE 802.3z for 1000BaseSX/LX/LHX/ZX
    IEEE 802.3x for flow control
    IEEE 802.1X for authentication

  • Management

    Back Pressure Flow Control
    DHCP Server/Client
    Web Console (HTTP/HTTPS)

  • Routing Throughput

    Max. 350K packets per second / 2 Gbps (based on RFC 2544)

  • Routing Table

    Max. 4K routing rules

  • Concurrent Connections

    Max. 400K (based on RFC 3511)

  • Connections Per Second

    Max. 20K (based on RFC 3511)

  • Routing Redundancy


  • Security

    Secure Boot
    L2TP (server)
    Trust access control

  • Time Management

    NTP Server/Client

  • Multicast Routing

    Static Route

  • Unicast Routing

    Static Route

  • LED Indicators


  • Technology

    FIN Scan
    ICMP Flood
    TCP Sessions Without SYN
    NMAP-ID Scan
    NMAP-Xmas Scan
    Null Scan
    SYN/FIN Scan
    SYN/RST Scan
    Xmas Scan

  • Filter

    Ethernet protocols
    IP address
    MAC address

  • Stateful Inspection

    Router firewall
    Transparent (bridge) firewall

  • Deep Packet Inspection

    Modbus TCP
    Modbus UDP
    IEC 60870-5-104
    IEC 61850 MMS
    Omron FINS
    Siemens S7 Comm.
    Additional protocols will be supported through future firmware updates.

  • Intrusion Prevention System

    Requires an additional license.

  • Throughput

    Max. 350K packets per second / 2 Gbps (based on RFC 2544)

    Max. 200K packets per second / 2 Gbps (based on RFC 2544)

  • Authentication

    MD5 and SHA (SHA-256)
    RSA (key size: 1024-bit, 2048-bit)
    X.509 v3 certificate

  • Concurrent VPN Tunnels

    Max. 250 IPsec VPN tunnels

  • Encryption


  • Protocols

    L2TP (server)
    PPTP (client)

  • Throughput

    Conditions: AES-256, SHA-256
    Max. 100K packets per second / 800 Mbps (based on RFC 2544)

  • Features

    NAT loopback
    Port forwarding

  • Event Type

    Firewall event
    VPN event

  • Media

    Local storage
    SNMP Trap
    Syslog server

  • Console Port

    RS-232 (TxD, RxD, GND), 3-pin (115200, n, 8, 1)

  • Connector

    USB Type-C

  • Connection

    Removable terminal block

  • Input Voltage

    12/24/48 VDC, redundant dual inputs

  • Operating Voltage

    9.6 to 60 VDC

  • Input Current

    1.01 A @ 12 VDC
    0.51 A @ 24 VDC
    0.27 A @ 48 VDC

  • Reverse Polarity Protection


  • Housing


  • Dimensions

    45 x 135 x 105 mm (1.77 x 5.31 x 4.13 in)

  • Weight

    800 g (1.76 lb)

  • Installation

    DIN-rail mounting
    Wall mounting (with optional kit)

  • Operating Temperature

    Standard Models: -10 to 60°C (14 to 140°F)
    Wide Temp. Models: -40 to 75°C (-40 to 167°F)

  • Storage Temperature (package included)

    -40 to 85°C (-40 to 185°F)

  • Ambient Relative Humidity

    5 to 95% (non-condensing)

  • Safety

    IEC 62368-1
    UL 62368-1

  • EMC

    EN 55032/35

  • EMI

    CISPR 32, FCC Part 15B Class A

  • EMS

    IEC 61000-4-2 ESD: Contact: 8 kV; Air: 15 kV
    IEC 61000-4-3 RS: 80 MHz to 1 GHz: 20 V/m
    IEC 61000-4-4 EFT: Power: 4 kV; Signal: 4 kV
    IEC 61000-4-5 Surge: Power: 2 kV; Signal: 4 kV
    IEC 61000-4-6 CS: 10 V
    IEC 61000-4-8 PFMF

  • Railway

    EN 50121-4

  • Shock

    IEC 60068-2-27

  • Freefall

    IEC 60068-2-32

  • Vibration

    IEC 60068-2-6

  • Time

    1,876,185 hrs

  • Standards

    Telcordia (Bellcore), GB

Support Documents

Name Type Version Release Date
Datasheet for EDR-G9004 Series (Preliminary)
1.6 MB
Datasheet v1.0 Jun 21, 2024 Jun 21, 2024

Available Models (0)

Show Images

product image

Buy online from distributors

Added To Bag
You have some items waiting in your bag; click here to finish your quote!