Configuring Windows Firewall for DCOM and OPC on Windows 7/2008

3. Configuring the Windows 2008 and Windows 7 firewall for DCOM and OPC

The DCOM technology the OPC technology is based on uses reserved system port 135 for its work. For servers and clients to run normally, you should permit these connections in your firewall. If the client and the server are located on different computers, firewall configuration is required. Below you can see an example of configuring the standard firewall in Windows 2008. If the client and the server are used on one computer, there is no need to configure the firewall.

Fig. 11 Access to the computer or server management console

For Windows 7 users. To open the firewall management console, use "Start" - "Control Panel" - "System and Security" - "Windows Firewall" - "Advanced settings" or run it from the command line with the "wf.msc" command.

For Windows 2008 Server users. To open the firewall management console, you may use the "The server management console" or run it from the command line with the "wf.msc" command.

3.1 Permitting DCOM activity

By default, Windows blocks inbound connections from other computer. For OPC clients to be able to connect to OPC servers on this computer, enable the corresponding rule.

Fig. 12 Firewall rule properties

Fig. 13 Permitting DCOM activity

For Windows 7 users. If the "COM+ network access" or "DCOM" rule is not in the list, create two "Port" rules.

1. Port 135 rule for the TCP protocol;
2. Port 135 rule for the UDP protocol;

3.2 Creating rules for every OPC server

You need to permit activity for every OPC server running on this computer. Also, you should permit network activity for the OpcEnum system service that allows remote clients to receive the list of servers from this computer.

Below you can see an example of how to create a rule for OpcEnum. Rules for other applications are created in a similar way.

Fig. 14 Adding an individual rule

1. Select the "New Rule" action;
2. Select the "Program" rule type;
3. Click the "Next" button.

Fig. 15 Selecting the file

1. Select the "Program Path" option;
2. Specify the full path to the program and its file name;
3. You can select the program on the disk using the "Browse" button;
4. Click the "Next" button.

Fig. 16 Rule properties

Fig. 17 Active profiles

Fig. 18 Rule name

Fig. 19 Active rules

You should repeat these steps to create a rule for every OPC server.

Related articles: Configuring Windows Firewall for DCOM and OPC on Windows 7/2008

• Inserting OPC data to MS Access database through ODBC (features: adding groups and items, inserting to an ODBC database)
• Adding a timestamp in the CSV file (features: OPC groups)
• How to log OPC data to a SQL database.
• OPC to MSSQL: Writing a lot of OPC tags to MS SQL 2008 database
• OPC to MSSQL: Writing several OPC tags to separate columns
• OPC to MySQL: Writing OPC tags to MySQL 5 database
• OPC to a database: Writing OPC tags to a database
• OPC to Excel: Writing OPC data to Excel
• Filtering data by a tag value and write data to a database only when the value will change
• Filtering data out if an OPC tag value is not equal to a specified value
• Processing or storing OPC data by an event from the OPC server
• Aggregating data from multiple servers to one OPC server

OPC and DCOM Configuration on Windows 2008 and Windows 7

• Part 1. Installing OPC Core Components.
• Part 2. OPC and DCOM Configuration. Creating a user and giving access permissions.
• Part 3. Configuring the Windows 2008 and Windows 7 firewall for DCOM and OPC.
• Part 4. DCOM Configuration. Dcomcnfg.
• Part 5. OPC and DCOM Configuration. Typical problems and solutions.

OPC and DCOM Configuration on Windows 10, 11, Windows Server 2019, 2022

• Part 1. Installing OPC Core Components.
• Part 2. OPC and DCOM Configuration. Creating a user and giving access permissions.
• Part 3. Configuring the Windows 10, 11, Windows Server 2019, 2022 firewall for DCOM and OPC.
• Part 4. DCOM Configuration. Dcomcnfg.
• Part 5. OPC and DCOM Configuration. Typical problems and solutions.