Configure the run-time node firewall

Important: The firewall rules must be added to the node to which the OPC UA Server Service is deployed.

To configure the run-time node firewall

On the run-time node(s) where the OPC UA Server Service is deployed, open the Windows firewall and configure it as follows:

1. In the Windows Search bar, open Windows Firewall.

2. Select Advanced Settings and create an Inbound Rule.

   

3. Select "New Rule." The Rule Wizard opens.

4. Select Program for the Rule Type and select Next.

5. Browse to the OPC UA Server location. If System Platform was installed in the default location, the path should be:

   C:\Program Files (x86)\Common Files\ArchestrA\Services\OPCUAService

   

6. Select "ArchestrA.OPCUA.ServiceHost.exe" and then select Open.

   This adds the file path to the wizard. Select Next.

7. On the Action dialog box, select the option "Allow the connection" and then select Next.

8. The wizard will ask when the rule applies.

   • For Domain environments: Select Domain and Private. We recommend that you deselect Public.

   • For Workgroup environments: Select Public. The Domain and Private settings have no affect in a Workgroup environment.

   

9. Finally, provide a name for this rule (for example, "OPC UA Server"). If you will be configuring multiple OPC UA services from Application Server, be sure to use names that differentiate each service from the others.

10. Now, check that the new rule has been added to the list of InBound Rules in the Windows Firewall and that it is enabled.

    

11. Verify that you can connect to the run-time node from the OPC UA client node by repeating the Firewall test.