Avatar

Please consider registering
guest

sp_LogInOut Log In sp_Registration Register

Register | Lost password?
Advanced Search

— Forum Scope —




— Match —





— Forum Options —





Minimum search word length is 3 characters - maximum search word length is 84 characters

sp_Feed Topic RSS sp_TopicIcon
Connection problem with Kepserver
February 1, 2023
15:20, EET
Avatar
Permadar
Member
Members
Forum Posts: 5
Member Since:
February 1, 2023
sp_UserOfflineSmall Offline

Hi All,

I have a Kepware KEPServerEX which i can connect to through the Windows Prosys OPC UA Browser using opc.tcp://localhost:49320, however i cannot connect to it using the OPC UA Client for android using the same Uri. The app connects fine to the Prosys OPCUA Demo Server.

Does anyone use the app to connect to a Kepware KEPServerEX? Or have any suggestions on what to try?

Thanks.

February 1, 2023
15:42, EET
Avatar
Matti Siponen
Moderator
Members

Moderators
Forum Posts: 323
Member Since:
February 11, 2020
sp_UserOfflineSmall Offline

Hello,

Are you running the Kepware KEPServerEX and the Prosys OPC UA Client for Android on the same host? Since you mentioned that you’re using “opc.tcp://localhost:49320” as the connection address, this would imply that you’re attempting to connect to a Server that is running on the same host as the Client. Otherwise, you would have to replace the “localhost” part of the connection address with the hostname or the IP of the device running the Kepware KEPServerEX.

If you are running them on the same host or have modified the connection address appropriately, can you provide more information on the connection problem, e.g. error messages from the Prosys OPC UA Client for Android or the Kepware KEPServerEX?

February 1, 2023
15:59, EET
Avatar
Permadar
Member
Members
Forum Posts: 5
Member Since:
February 1, 2023
sp_UserOfflineSmall Offline

Hi,

Thank you for the reply.

Apologies for the confusion, no they are not on the same host. I incorrectly typed localhost rather than hostname, which is in the form machine.domain.local. I have tried both the hostname and the IP on the app but neither work.

The error message i get on the app is ‘Connection failed, check your network connection’.

February 2, 2023
8:48, EET
Avatar
Matti Siponen
Moderator
Members

Moderators
Forum Posts: 323
Member Since:
February 11, 2020
sp_UserOfflineSmall Offline

Hello,

Have you confirmed that the devices running the applications are connected to each other? Have you tried pinging the device running the KEPServerEX from the device running the Prosys OPC UA Client for Android?

For example, you could try pinging with the following application: https://play.google.com/store/apps/details?id=ua.com.streamsoft.pingtools&hl=en_US&gl=US&pli=1

February 2, 2023
9:18, EET
Avatar
Matti Siponen
Moderator
Members

Moderators
Forum Posts: 323
Member Since:
February 11, 2020
sp_UserOfflineSmall Offline

In addition, have you tried connecting to the KEPServerEX with Prosys OPC UA Browser when they’re running on different devices? If you are unable to connect with Browser, there might be something wrong with the firewall settings of the device running the KEPServerEX since you were able to connect when running them on the same host.

You could also use Wireshark on the device running the KEPServerEX to capture traffic between it and the Client applications and check if the Server is receiving any messages from the Clients. See https://www.prosysopc.com/blog/opc-ua-wireshark/ for instructions on how to capture OPC UA communication with Wireshark.

February 2, 2023
16:35, EET
Avatar
Permadar
Member
Members
Forum Posts: 5
Member Since:
February 1, 2023
sp_UserOfflineSmall Offline

Hi,

Thank you for the replies.

Using the PingTools app i can ping the server from the android device.

The Prosys OPC UA Browser is on a different machine to the KEPServerEX and as mentioned does connect fine.

I have installed Wireshark onto the server and the only device i can see connecting through the OPC port is the machine with the Prosys OPC UA Browser installed. Nothing from the android device.

February 3, 2023
11:07, EET
Avatar
Matti Siponen
Moderator
Members

Moderators
Forum Posts: 323
Member Since:
February 11, 2020
sp_UserOfflineSmall Offline

Hello,

Have you tried to “ping” the TCP port of device running the Kepware KEPServerEX from the device running Prosys OPC UA Client for Android? There seems to be a tool for this, though we haven’t tested it personally: https://play.google.com/store/apps/details?id=com.wahoovpn.tcp_ping&hl=en_US&gl=US

You could also try to enter the hostname and the port of the Server to a web browser on your Android device in the following form: “hostname:port”. If you see a TCP error message, it means that the port replied. Otherwise, you would just see a generic unable to connect error message.

Being able to regularly ping the the device but not connect to the Server would suggest that there is a firewall between the devices that is blocking the TCP ports used to connect to the Server. Have you checked the firewall settings on the devices running the applications and verified that the TCP ports they would use have not been blocked?

February 3, 2023
14:26, EET
Avatar
Permadar
Member
Members
Forum Posts: 5
Member Since:
February 1, 2023
sp_UserOfflineSmall Offline

Hi,

I have managed to figure this out now. I’m a bit embarrassed that i didn’t figure it out earlier!

So within Wireshark, there was nothing when trying to connect using the hostname, however when i changed the hostname to the IP address and tried to connect i could see the connection attempt. I could then see in the opensecurechannel message that android device wasn’t sending a certificate, which the opc server is requesting. As the android app doesn’t send a certificate i set the OPC UA Configuration server endpoint to allow no certificates and the app now connects.

Thank you for your assistance on this issue.

A follow up question – Do you know of a way for the android app to send a certificate to make the connection secure?

February 3, 2023
15:39, EET
Avatar
Matti Siponen
Moderator
Members

Moderators
Forum Posts: 323
Member Since:
February 11, 2020
sp_UserOfflineSmall Offline

Hello,

Prosys OPC UA Client for Android can be configured to send its certificate by checking the “Secure connection” checkbox when creating new or editing existing connections. When the checkbox is checked, the Client will attempt to connect using MessageSecurityMode Sign&Encrypt and SecurityPolicy Basic128Rsa15.

Note, that Basic128Rsa15 has been deprecated in OPC UA Specification version 1.04 and the Kepware KEPServerEX might not support it. This was the common SecurityPolicy when the application was created.

You might also have to configure the Kepware KEPServerEX to trust the Andoid Client’s certificate before you connect using it.

February 3, 2023
16:15, EET
Avatar
Permadar
Member
Members
Forum Posts: 5
Member Since:
February 1, 2023
sp_UserOfflineSmall Offline

Hi,

That works perfectly! Thank you for your assistance and passing on your knowledge.

Forum Timezone: Europe/Helsinki

Most Users Ever Online: 518

Currently Online:
14 Guest(s)

Currently Browsing this Page:
1 Guest(s)

Top Posters:

hbrackel: 135

pramanj: 86

Francesco Zambon: 81

rocket science: 77

Ibrahim: 76

Sabari: 62

kapsl: 57

gjevremovic: 49

Xavier: 43

fred: 41

Member Stats:

Guest Posters: 0

Members: 697

Moderators: 16

Admins: 1

Forum Stats:

Groups: 3

Forums: 15

Topics: 1470

Posts: 6268

Newest Members:

luzescobedo63, liliana81q, MinniePries, 42or, kaisa, sonbranson085, Pedromon, dalevine155279, Tailor, BetseyJep

Moderators: Jouni Aro: 1012, Otso Palonen: 32, Tuomas Hiltunen: 5, Pyry: 1, Petri: 0, Bjarne Boström: 983, Heikki Tahvanainen: 402, Jukka Asikainen: 1, moldzh08: 0, Jimmy Ni: 26, Teppo Uimonen: 21, Markus Johansson: 42, Niklas Nurminen: 0, Matti Siponen: 323, Lusetti: 0, Ari-Pekka Soikkeli: 5

Administrators: admin: 1