OPC-UA server and two NICs

I have Ignition installed on an industrial PC that has two NICs. I think it's a fairly common scenario - the customer database is on their corporate network and the PLC is on the control network. Both need to communicate with Ignition.

I have tested the connection to Ignition's OPC-UA server using a laptop running UAExpert connected on the corporate network, and this works fine.

I wanted to do a similar test by connecting that same laptop on the control network, but it cannot see the OPC-UA server.

The laptop has a different IP address for each network but even though I added both IP addresses into the OPC-UA server binding settings, I am unable to connect from the control network.

Anyone have any suggestions how to make this work? I'm not sure what's blocking it - I tried temporarily disabling the firewalls to eliminate that potential cause but it didn't fix the problem. I continue to get a "Bad Timeout" during the discovery process in UAExpert.

Is it necessary to bridge the two networks, somehow?

Easiest way is to use 0.0.0.0 for the bound IP. This binds all network connections on the PC so they can be connected to from anywhere.

Edit: @pturmel gives an even better explanation and solution below.


IIRC, the Ignition setting only takes one address. Use 0.0.0.0 to listen on all networks. Use a firewall to block any undesirable traffic.

You will probably want to also give the PC a name for use in certificates, and arrange for DNS on each network to yield the right IP address on that side. (AKA "localizing queries" in dnsmasq or similar DNS caches.)


Thanks for the quick replies!

Given that the OPC-UA server setting is labelled "Bind Addresses", I had assumed that I need to put every IP address (or host name) that I want to use as a client in that field. I had a comma-separated list of about half a dozen addresses. Interestingly, that list included the 0.0.0.0 address that you mentioned - but it did not work until I removed all of the other addresses, leaving only that one, and restarted the OPC-UA module.

I will also check the DNS server situation.

Thanks so much for solving the puzzle!
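The bind-address behaviour discussed in this thread, shown at the plain TCP socket level as an added example (not code from any poster and not Ignition's own). It assumes a Linux host, where all of 127.0.0.0/8 is local, so `127.0.0.1` and `127.0.0.2` stand in for the two NICs and `192.0.2.10` is a constructed client address that the host does not own.

```python
import socket

NIC_A = "127.0.0.1"        # stand-in for the corporate-side NIC (assumption)
NIC_B = "127.0.0.2"        # stand-in for the control-side NIC (assumption)
CLIENT_IP = "192.0.2.10"   # constructed client address, not local to this host


def listen_on(bind_addr):
    """Open a TCP listener on bind_addr; the OS picks a free port."""
    srv = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    srv.bind((bind_addr, 0))
    srv.listen(5)
    return srv


def reachable(dest_addr, port, timeout=1.0):
    """True if a TCP connection to dest_addr:port completes."""
    try:
        with socket.create_connection((dest_addr, port), timeout=timeout):
            return True
    except OSError:
        return False


def probe(bind_addr, local_addrs):
    """Listen on bind_addr and report which local addresses accept connections."""
    srv = listen_on(bind_addr)
    try:
        port = srv.getsockname()[1]
        return {addr: reachable(addr, port) for addr in local_addrs}
    finally:
        srv.close()


def can_bind(addr):
    """A bind address must belong to the server itself; a client's IP does not."""
    try:
        listen_on(addr).close()
        return True
    except OSError:
        return False


if __name__ == "__main__":
    print("bound to NIC_A only:", probe(NIC_A, [NIC_A, NIC_B]))
    print("bound to 0.0.0.0:   ", probe("0.0.0.0", [NIC_A, NIC_B]))
    print("client IP bindable: ", can_bind(CLIENT_IP))
```

With the wildcard bind the listener answers on every interface, so the host firewall is the only thing deciding which network may reach the port.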