800xA 5.1: error when adding a remote OPC node ("could not access the specified computer!") - firewall isse?

See the attached screenshot. I get the following error when trying to add a remote OPC server:

"Could not access the specified computer! Error: The network path was not found. (0x80070035)".

There is a firewall between the OPC node and the connectivity server, and I think this is the reason for the error.

I need to know exactly what services/ports need to be allowed in the firewall for this to work. I know port TCP 135 for DCOM/OPC must be open, but what else?

(I have already tested the OPC connection between the connectivity server and the remote OPC server node using a third-party OPC client and it does work.)

 remote_opc.jpg


Add New Comment


sekeze   

asked 3 months ago
Closed



Answers

0

Hello, for testing purpose better you can make transparent setting in firewall. It means, open all ports of Firewall and start communicating. Once this is okay, then do the setting only for Port No 135.

ershivkumar2002   

answered 3 months ago


 


By sekeze on 6/28/2017 | Like (0) | Report

Unfortunately I cannot do that. I have no access to the firewall configuration. I can apply for IT to open certain ports/services for me, but I'd need to know exactly which ports/services to apply for.


By ershivkumar2002 on 6/28/2017 | Like (0) | Report

Firewall engineer is the right person for configuration.


Add New Comment


0

This is the downside with DCOM.

Remember that the outgoing connection from System 800xA will be made from a process called AdvDsOPCConnector.exe running as a background service. A background service has less features enabled (eg no GUI possible) than a process running in the foreground, eg an OPC test client. OPC servers having a splash screen need to disable it, or they will hang when launched from the 800xA DA Connector.

For asynchronous DCOM, please note that OPC server must be permitted to post callbacks to the client (=AdvDsOPCConnector.exe).

See also attachments to my answer on this thread (http://www402.abbext.com/800xa-opc-client-q8372173.aspx). This is opposite direction, but the DCOM restrictions apply here as well.

Ultimately, an OPC Tunneler might be the easiest way out.

Stefan Stromqvist   

answered 3 months ago


 


By sekeze on 6/29/2017 | Like (0) | Report

Actually, for once I don't think this is a DCOM issue. I've got all the DCOM settings covered. Using two user accounts on both sides, I've got both synchronous/asynchronous read/write working between a third-party OPC client and the remote OPC node. I've sat the correct DCOM settings on the OPC DA connector.

I think the problem is that when I enter the IP address of a remote note in the Special Configuration tab of a OPC da connector service provider, it uses a port or service that disallowed in the firewall. Perhaps it uses "Client for microsoft networks", NetBIOS, ICMP or something else. I think the reason it works with the third-party OPC client because it *only* uses port tcp 135, which is the only port open in the firewall. Googling the error code 0x80070035 leads me to believe this.


By Stefan Stromqvist on 6/29/2017 | Like (0) | Report

Turn on firewall logging and see if something is dropped. The connector should be exempted from firewall by default config rules.


Add New Comment


0

https://advosol.com/p-22-opc-security-analyser.aspx

Its free and excellent for solving OPC security issues.

Rob Lyon   

answered 3 months ago


 


Add New Comment



Get weekly AKS updates


Partner Exclusive Webinars

 

> – Login to the partner portal to register



Points Redemption Program - Redeem your points for ABB training, Bluetooth speakers and mugs. Terms and conditions >


Earn points when you refer a friend
AKS Referral Program is "Live" - Learn more



AKS Experts


avatar
Ask Dieter Henkel   

Rank: 23


avatar
Ask Govindaraj   

Rank: 10

Working in ABB India Operation Center. Have Project engineering and commissioning experience in ABB 800xA, Freelance, AC500.


avatar
Ask Harsha.D   

Rank: 6

Tech.Support,software and commisioning engineer with Proficient knowledge in 800xA and its products, RNRP,Networking in general.


avatar
Ask Flavio Mussolin   

Rank: 4

ABB AVP, Senior Electronic and Automation Engineer with over 30 years of experience in the field of process automation automotive, pharmaceutical, hollow glass, steel and rolling.


avatar
Ask kstoilov   

Rank: 16

Control System Engineer: 800xA, Compact 800, AC500, AC31-50, Advant Master, Simatic, AC&DC Drives 11 years worked for ABB - Control Systems


avatar
Ask nikismith   

Rank: 261

I have been a part of the Recording & Control Factory team for 17 years in total, having spent a number of years as a repairs technician withi the manufacturing department, but being in my current role for 9 years now.


avatar
Ask MMM   

Rank: 5

ABB PA CT Technical Support


avatar
Ask Rob Lyon   

Rank: 3

info@lymac.co.nz I'm an independent DCS software and commissioning engineer with extensive experience in 800xA and other ABB products. I've worked in almost every corner of the world and still haven't seen it all.


avatar
Ask Sumit Gargav   

Rank: 2

I have worked with Freelance in majority, with 800xA FD and Melody system partly. Also had opportunity to work with Protocols - HART,Profibus,FF & Modbus.


avatar
Ask Stefan Stromqvist   

Rank: 1

I joined ABB in the year of 1994 and has since 1999 been working as a Service & Support Engineer at BU Control Technologies in Västerås, Sweden. My areas of expertise are: 800xA Base, 800xA for Advant Master, Information Management, operating systems, RNRP and Ethernet comms/networking in general.