Hi all

I have a client who has a Siemens S7 PLC sitting behind a Draytek 2862
I want to access the S7's OPC server on port 4840
I have tried port redirection on UDP and TCP, and I have tried opening port 4840.
Neither option seems to allow communication with the OPC server.
(VPN-ing onto the local network does allow access to the OPC server port 4840)

The protocol is opc.tcp:// binary.

Is this possible on Draytek 2826?

Many thanks.

You'll probably need to open a lot more ports than that as OPC relies on DCOM.

Personally, I'd stick to the VPN option for security reasons - you really don't want an automation controller/network accessible to the outside world.

^^ what he said re security.

I've worked on OPC servers....you want them behind a firewall and not open to the whole world.

Thanks both. This is OPC UA which is TCP/IP based not DCOM based (apparently).

Appreciate the sentiment RE port opening, but it's IP range protected and the OPC side is signed/encrypted read-only data.

Any further ideas? Thx.

That's correct, OPC UA doesn't use DCOM - I missed the opc.tcp bit at the bottom.

However, it does require different ports opening depending on *what* you want to access, have a look here: http://opcfoundation.github.io/UA-.NETStandard/help/firewall_settings.htm