logo

Notification

Icon
Error

Options
Go to last post Go to first unread
Offline sev  
#1 Posted : Friday, June 10, 2016 11:01:40 AM(UTC)
sev

Rank: Newbie

Joined: 6/10/2016(UTC)
Posts: 2

Hello, just struggling accessing OPC Server which is behind NAT.
Not DCOM ones. If the client initiate connection behind NAT to Server in cloud
-it's ok.
How to access Server behind NAT\UTM ??, I was thinking about tunnelling...

What's the solution to this problem ?
Offline Roger Fortune  
#2 Posted : Monday, June 13, 2016 1:44:29 PM(UTC)
Roger Fortune

Rank: Advanced Member

Joined: 10/21/2014(UTC)
Posts: 105

Was thanked: 35 time(s) in 32 post(s)
OPC is based on DCOM which was designed in days where routing/firewalls did not exist. As technology has evolved, challenges have grown which prevent successful OPC communication. MatrikonOPC Tunneller overcomes restrictions on DCOM by wrapping up the DCOM communications and transporting the data over a single TCP port. This makes the data firewall/router/NAT friendly. I would suggest downloading MatrikonOPC Tunneller from http://www.matrikonopc.com and installing it on both the OPC Client and OPC Server machines. Then ensure that port 21379 (TCP) is open in both directions between the OPC Client and OPC Server. If you have any trouble in getting this working, please contact MatrikonOPC Support at support@matrikonopc.com.
Offline sev  
#3 Posted : Tuesday, June 14, 2016 8:37:14 AM(UTC)
sev

Rank: Newbie

Joined: 6/10/2016(UTC)
Posts: 2

Originally Posted by: Roger Fortune Go to Quoted Post
OPC is based on DCOM which was designed in days where routing/firewalls did not exist. As technology has evolved, challenges have grown which prevent successful OPC communication. MatrikonOPC Tunneller overcomes restrictions on DCOM by wrapping up the DCOM communications and transporting the data over a single TCP port. This makes the data firewall/router/NAT friendly. I would suggest downloading MatrikonOPC Tunneller from http://www.matrikonopc.com and installing it on both the OPC Client and OPC Server machines. Then ensure that port 21379 (TCP) is open in both directions between the OPC Client and OPC Server. If you have any trouble in getting this working, please contact MatrikonOPC Support at support@matrikonopc.com.


Hi Roger, thanks... but I think the problem will persists:
whichever box {router(NAT) || utm(sometimes w/proxy_SSL) stands on edge ...as routing
device to access internet(WAN) form internal network(LAN)- the port 21379 has to be accessible-
forwarded to outside world or IP in DMZ, exclusion to rule proxySSL has to be set.
Is that what you mean by '21379 (TCP) is open in both directions' ??
Unfortunately in many-many cases I have no access to those devices, in some places
is prohibit by security rules to do such things...

B.R.Sev.
Offline Roger Fortune  
#4 Posted : Wednesday, June 15, 2016 2:03:08 AM(UTC)
Roger Fortune

Rank: Advanced Member

Joined: 10/21/2014(UTC)
Posts: 105

Was thanked: 35 time(s) in 32 post(s)
If you are using a DMZ, the MatrikonOPC DMZ Agent solution may be what you need. Please contact your MatrikonOPC Account Manager so they can fully architect a proper solution for you. If you do not have an Account Manager, please email opcsales@matrikonopc.com.
Forum Jump  
You cannot post new topics in this forum.
You cannot reply to topics in this forum.
You cannot delete your posts in this forum.
You cannot edit your posts in this forum.
You cannot create polls in this forum.
You cannot vote in polls in this forum.

Matrikon Subscribe  |   Matrikon Unsubscribe  |   Global Unsubscribe  |   Privacy Statement  |   Do Not Sell My Personal Information   |   Cookie Notice