Advanced OPC Data Logger

Configuring Windows Firewall for DCOM and OPC on Windows 8, 2012, 2019, 2022

Download a Free Trial Version. It allows you to try all features! Plugins can be downloaded separately here

3. Configuring the Windows 10, 11, Windows Server 2019, 2022 firewall for DCOM and OPC

The DCOM technology the OPC technology is based on uses reserved system port 135. For servers and clients to run normally, you should permit these connections in your firewall. If the client and the server are located on different computers, firewall configuration is required. Below you can see an example of configuring the standard firewall in Windows. If the client and the server are used on one computer, there is no need to configure the firewall.

Access to the computer or server management console
Fig. 9 Access to the computer or server management console

For Windows 11, 11 users. To open the firewall management console, you should move the mouse pointer to one of the desktop corners. Select Settings - Control Panel - System and Security - Windows Firewall - Advanced Settings in the sidebar or run it from the command line (Win + R) using the "firewal.cpl" command.

3.1 Permitting DCOM activity

By default, Windows blocks inbound connections from other computers. For OPC clients to be able to connect to OPC servers on this computer, you should add rules for incoming DCOM connections.

Adding a new rule
Fig. 12 Adding a new rule

Selecting the protocol
Fig. 13 Selecting the protocol

Rule properties
Fig. 14 Rule properties

Rule range
Fig. 15 Rule range

Rule name and finishing the New Inbound Rule Wizard
Fig. 16 Rule name and finishing the New Inbound Rule Wizard

Repeat the steps above for the UDP protocol (fig. 13).

3.2 Creating rules for every OPC server

You need to permit activity for every OPC server running on this computer. Also, you should permit network activity for the OpcEnum system service that allows remote clients to receive the list of servers from this computer. The steps necessary to add a rule are similar to those specified above. Only the type of the rule should be "Program," and you should specify the location of the executable program file in the next step. For example, when you add a rule on a 64-bit operating system for OpcEnum, you should specify the path C:\Windows\SysWOW64\OpcEnum.exe, while on a 32-bit operating system it will be C:\Windows\System32\OpcEnum.exe (fig. 17-18).

Adding an individual rule
Fig. 17 Adding an individual rule

  1. Select the New Rule action;
  2. Select the Program rule type.

Selecting the file
Fig. 18 Selecting the file

  1. Select the Program Path option;
  2. Specify the full path to the program and its file name;
  3. You can choose the program on the disk using the Browse button.

You should repeat these steps to add a rule for every OPC server.

Related articles:

OPC and DCOM Configuration on Windows 10, 11, Windows Server 2019, 2022