OPC DA Stop working when Primary Control Network Switch is powered -off , packetfilter enabled in both RNRP router
When is which off the Control Network Switch A- OPC DA communication for both connectivity server is lost after some time .
When packet filter is disabled on the router the communication work back.
i have allowed below port between the firewall is there any additional port we need to open.
1) 137,102 TCP
2) 161,2757,2424 and 2423 UDP
Is there any additional port we need to to get the OPC DA working ?
Voted best answer
Do you ever search before asking?
That is a humle thing to ask on a public and free forum when others of generosity and other driving factors spend many hours typing long and detailed answers for the general public to enjoy and make project success, customer satisfaction and in the end real money out of.
One of the things I keep repeating with the NE870 in several of the threads it has been appearing in is the potential pitfall of using the stateful packet inspection firewall in conjunction with RNRP and redundant networks.
E.g. the below post contain a reminder, it was posted one year ago on one of your own questions:
Have you read the 800xA Networks, Getting Started Guide, 3BSE085444-424?
After reading it and seen my answer(s) you will know why the firewall rules in table 2.10 on page 46 and onwards are "so open" as they are in our own "getting started manual"! The MMS traffic may under certain network situations become asymmetric where outgoing and homecoming traffic uses different routers; in this situation, an improperly configured firewall in NE870 risk to block the MMS replies returned by the controllers because they arrive on the doorstep of a firewall that has not seen the outgoing question from the OPC server and therefore hasn't created a necessary relation preparing the firewall for an answer.
On a personal side note; I would not open up controller communication for anything that does not absolutely require it. The AC 800M OPC Server and the Control Builder M nodes are the few exceptions I can think of.