An OPC DA server is identified on a machine by its OPC Server ID. Both the NETx BMS Plattform and the NETx MP Server report as NETxBMSCoreServer40.
Typically, an OPC client application provides means for server discovery in the network and/or manual connection configuration.
The NETx Server is able handle multiple OPC client connections at the same time in an independent way. Each connect or disconnect request of an OPC client is logged in the server log.
DCOM
In case of an OPC DA connection through the network, make sure to configure DCOM accordingly.
In order to enable an OPC DA 2.05a communication between an OPC server and one or more OPC clients, different configuration steps are necessary. This includes a change of the Windows Firewall settings as well as the configuration of the Windows DCOM system and its security policy. This article shall act as a tutorial for configuring a remote OPC DA 2.05a connection.
Configuring Windows DCOM can be complex and time consuming. In addition, OPC DA communication may not be possible at all if, for example, the OPC server and the OPC clients are not in the same LAN. Therefore, NETxAutomation Software GmbH provides a solution called NETx Tunneller. The NETx Tunneller is a software tool that tunnels the OPC communication through a VNET connection. VNET is a proprietary protocol provided by NETxAutomation Software GmbH. VNET is based on a TCP/IP connection and thus a time consuming Windows DCOM configuration is not necessary. More information about the NETx Tunneller can be found at the website of NETxAutomation Software GmbH (http://www.netxautomation.com ).
This documentation shows the necessary configuration steps for setting up such a remote OPC DA 2.05a connection. The remote OPC client that shall connect to the NETx Server can be an OPC DA 2.05a client from any vendor. For the rest of this article, a remote OPC DA 2.05a client is simply referred to as OPC client.
As OPC client, clients that support OPC DA 3.0 can be used too since these clients are backward compatible to OPC DA 2.05a.
In addition, it is assumed that the NETx Server and the OPC client are running under one of the following operating systems:
Windows 11
Windows 10
Windows Server 2022
Windows Server 2019
Windows Server 2016
Although the following operating systems are not support anymore, this article is applicable to them:
Windows 7
Windows 8
Windows 8.1
Windows Server 2008 R2
Windows Server 2012
Windows Server 2012 R2
Please keep in mind that this documentation shall only act as an example how an OPC connection can be established. It is not guaranteed that this documentation is complete and that the described configuration steps fulfill the safety and security requirements of the IT infrastructure where it is applied. Changes to configuration settings could result in insufficient safety and security. Therefore, any change has to be reviewed and approved by the local system/security administrator.
In order to enable an OPC communication between an OPC server and one or more OPC clients, the following
steps are necessary:
Configuring the Windows Firewall
Changing the local security policy
Setting up a user
Configuring Windows DCOM
Windows Firewall Configuration
In order to permit OPC communication, the Windows Firewall has to be configured accordingly. This section described the necessary steps that have to be performed.
Allow DCOM communication from other computers
These steps have to be performed at both sides – at the OPC server and at the OPC client side.
By default, Windows blocks inbound DCOM connections from other computers. Therefore, the following steps have to be performed:
Open the Windows Firewall configuration dialogue (Control panel –> System and Security –> Windows Firewall) and select “Advanced settings” at the left hand side of the dialogue. The following dialogue appears:
Select “Inbound Rules” and enable the all rules that are named “Windows Management Instrumentation (DCOM-In)”.
Depending on the operating system and on the used configuration, one or more DCOM-In rules can exist. If on rules exist, create two inbound rules to allow TCP port 135 and UDP port 135.
Creating a rule for OPC enum
These steps have to be performed at the OPC server side only.
An inbound rule for the OPC Enum process has to be added. On the top left corner, select "‘Inbound rules ..."’. Afterwards, click “New Rule ...” at the top right corner. Within the dialog, select “Program” as rule type:
The attached document guides you through the configuration process