Recent Control & Safety Systems Discussions
Similar Posts
New Emerson Smart Firewall Product Data Sheet
Is the Smart Firewall Necessary in Some Architectures?
FireWall
ASA Firewalls
Firewall-IPD and CIOCs
Share
  • Not Answered

Emerson Smart Firewall configuration

Hi all. 

I'm trying to configure the Emerson Smart Firewall with such parametrs:

Internal port 192.168.1.100/24;

External port 192.168.41.100/24;

1. Internal workstation (APP) - 192.168.1.101/24;

2. External workstation(OPC_client) - 192.168.41.101/24

Also I've Added a rule for ping and changed operation mode to Normal/Allow All. But anyway can't connect this 2 stations and connections list is empty.

I have a ping from APP to external and internal ports, but don't have ping from OPC_client to external and internal ports.

Could someone explain me what is wrong?

 

Jonibek

2 Replies

  • Alexandre Peixoto
    A couple of things to check:
    - Make sure you have the latest firmware version running on the firewall.
    - The Emerson Smart Firewall is hardset to not reply ping commands coming from external port. You can configure a ping rule to allow an external device to ping an internal device (and vice-versa) but you cannot change anything to ping the external/internal ports of the firewall from an external device.
    - If in Allow All mode you are not able to get your connections established between external and internal nodes then you need to check your routing config. Check if the internal and external devices are pointing to the internal and external firewall's IP addresses respectively using their Default Gateway. Make sure there aren't conflicting IP configurations on each Windows node. Finally, if all routing issues are fixed, the devices shall talk across the firewall in Allow All mode freely.
    - Once things are working in Allow All, noted ALL above observations including up-to-date firmware version, then make sure your OPC rules are set correctly and change mode to Normal, and things should just work as expected.

    Note: I haven't checked if your IP setup makes sense when using the mask /24, please take a closer at your setup as sometimes the mask can make "different" IP addresses look the same from a networking perspective.
  • Jonibek

    In reply to Alexandre Peixoto:

    Thanks you for the reply!
    Yes I checked it all out. Just like you said there is a ping from opoc_client to APP. There is no ping on the firewall ports (internal and external).

    On the opc_client station, the opcwatchit program "The RPC server is unavialable" is producing error 800706ba.
    What kind of mistake is this?

This is the official online community site of the Emerson Global Users Exchange, a forum for the free exchange of non-proprietary information among the global user community of all Emerson Automation Solution's products and services. Our goal is to improve the efficiency and use of automation systems and solutions employed at members’ facilities by sharing our knowledge, experiences, and application information.

User Groups | World Areas | Community Guidelines | Legal Information | Privacy Policy | Contact Community Manager

Website translation provided by Website Translator

© 2015-2022 Emerson Global Users Exchange. All rights reserved.