OPC Connection Faulted: Endpoint Not Found

In attempt to make an OPC UA connection between the Gateway and Kepware, I have been getting this error: UaException: status=Bad_ConfigurationError, message=no matching endpoints found

It’s strange because it’s communicating with each other perfectly fine.
The firewall rules are off on each server, and we have port 49320 enabled for communication across the two servers, and local IT has confirmed that the communication is fine.

There is a communication issue somewhere, but in the past I have not came across any fault like this when the two servers are clearly finding each other. I am not sure why this connection is faulted. Has anyone came across a problem like this in the past, maybe you know a possible solution?

Also, I should mention that this is Ignition Version 8.1.18

You have likely configured the connection with a Security Policy that the server isn’t configured to support or an endpoint URL that is incorrect.

If you walk through the discovery process again you should be able to correct it.

If that doesn’t work, set the log level for the logger you find searching “opcua.client.ClientManager” to DEBUG and then edit/save or let it connect and then upload your logs.


So I walked through the discovery process again, and I changed the security policy (I wasn’t sure what the best security policy was to choose, but I have tried a couple different ones at this point). Anyways, I did not have much luck. I did get the logs you’re talking about, here is what they say:
Ignition-WPBWI19IE01_Ignition_logs_20220707-1113.idb (348 KB)

Can you go to the Status > OPC Connections area of the gateway and see what the current fault message is for that connection?

I believe I have not seen this one yet…

KSE is configured to require a username and password but you have not configured one on the connection.

So I am a bit confused… I would be required to input a username and password in this location when setting up the OPC UA connection in the Ignition Gateway?

Or is something that would have to be configured on the KSE side?

Yes, that’s where you would put the username and password for this connection. The KSE side is already configured to require some username and password and has not been configured to allow anonymous access.

This is the new error I am getting. Any idea what this means?
Ignition-WPBWI19IE01_Ignition_logs_20220707-1142.idb (540 KB)

What’d you change to get that error? I’m guessing you messed with the discovery or endpoint URL and removed the “opc.tcp://” prefix.

Ah ignore the last reply…

I think I know what the problem is:

I believe I have to create a service account between the two servers, right?

No… I already told you exactly what the problem was.

KSE requires a username and password by default. You or someone else set up KSE and configured one. Maybe it’s Administrator/password, maybe it’s something else.

You either need to put the correct credentials into the OPC UA connection settings for the KSE connection or go re-configure KSE so it allows anonymous connections.

Stop messing with other settings.

Ah okay I understand. Sorry for the previous confusion.

Thanks a bunch for your help Kevin

If you make any changes on the KSE side make sure you “reinitialize” the KSE service or whatever they call it. A lot of configuration changes won’t take effect until you do.

1 Like