Configuring the Windows Server 2012 and Windows 8 firewall for DCOM and OPC
3. Configuring the Windows 8 and Windows Server 2012 firewall for DCOM and OPC
The DCOM technology the OPC technology is based on uses reserved system port 135. For servers and clients to run normally, you should permit these connections in your firewall. If the client and the server are located on different computers, firewall configuration is required. Below you can see an example of configuring the standard firewall in Windows 8. If the client and the server are used on one computer, there is no need to configure the firewall.
Fig. 9 Access to the computer or server management console
For Windows 8 users. To open the firewall management console, you should move the mouse pointer to one of the desktop corners. Select Settings - Control Panel - System and Security - Windows Firewall - Advanced Settings in the sidebar or run it from the command line (Win + R) using the "firewal.cpl" command.
3.1 Permitting DCOM activity
By default, Windows blocks inbound connections from other computer. For OPC clients to be able to connect to OPC servers on this computer, you should add rules for incoming DCOM connections.
Fig. 12 Adding a new rule
Fig. 13 Selecting the protocol
Fig. 14 Rule properties
Fig. 15 Rule range
Fig. 16 Rule name and finishing the New Inbound Rule Wizard
Repeat the steps above for the UDP protocol (fig. 13).
3.2 Creating rules for every OPC server
You need to permit activity for every OPC server running on this computer. Also, you should permit network activity for the OpcEnum system service that allows remote clients to receive the list of servers from this computer. The steps necessary to add a rule are similar to those specified above. Only the type of rule should be Program and you should specify the location of the executable program file in the next step. For example, when you add a rule on a 64-bit operating system for OpcEnum, you should specify the path C:\Windows\SysWOW64\OpcEnum.exe, while on a 32-bit operating system it will be C:\Windows\System32\OpcEnum.exe (fig. 17-18).
Fig. 17 Adding an individual rule
- Select the New Rule action;
- Select the Program rule type.
Fig. 18 Selecting the file
- Select the Program Path option;
- Specify the full path to the program and its file name;
- You can select the program on the disk using the Browse button.
You should repeat these steps to add a rule for every OPC server.
OPC and DCOM Configuration on Windows Server 2012 and Windows 8