UaGateway  1.2.5.203
 All Pages
HowTo: Add and connect to an underlying UA Server

This HowTo describes how to add and connect to a remote UA Server from UaGateway using Security Policy Basic128Rsa15 with Message Security Mode Sign & Encrypt

To add and connect a UA Server to the UaGateway, just start the Configuration Tool of the UaGateway (either via the start menu shortcut or by right clicking on the Systray icon). Locate the Devices Address Space window on the left side of the Configuration Tool and click on OPC UA Servers. In the center window the configuration for UA Servers will appear. Just click on Add Server... to add a connection to a new UA Server.

A dialog (Add UA Server) appears where all needed information about the target UA Server has to be configured. To find the remote UA Server, you can browse the network and discover individual computers, or you just double click on Double click to Add Server... and enter the remote address of the targeted UA Server.

This can be done in different ways (change the port 4840 to the port the UA Server listens on):

  • opc.tcp://<hostname>:4840
  • opc.tcp://<IP Address>:4840

Expand the tree and select the secure endpoint Basic128Rsa15 - Sign & Encrypt. By pressing the button Add & Close a secure connection to this UA Server will be added to the UaGateway configuration. If the remote server has user name / password authentication it is possible to to configure it by selecting Username/Password.

When selecting the newly added UA Server in the "Devices Address Space" the UA Server's detailed connection status will be displayed. As this connection is a secure connection, the remote UA Server is not connected immediately. Typically it will reject the connect attempt because the UAGateway's certificate is not trusted yet. To establish the secure connection locate the certificate store of the remote UA Server (here: PKI folder) and trust the UaGateway's client certificate (here: move the certificate from the rejected folder into the certs folder.
Example using Unified Automation Demo Server:
The certificate is typically located in the folder: C:/ProgramData/UnifiedAutomation/UaDemoServer/PKI/CA/rejected. If the certificate is trusted the connection will automatically established with the next connect attempt of UaGateway.

To check if the connection has been established, right click on the server in the "Devices Address Space" and click "Rebrowse". The displayed connection status of the server should now show "Connected".