Sign in to follow this  
Followers 0
GuitarMaestro69

Factorytalk blocks TCPIP ports?

3 posts in this topic

All, we have installed a machine from a Swiss vendor with factorytalk view SE installed on a B&R industrial PC running win 7 pro 64-bit.  When our IT department installed Mcafee and SCCM and tried to connect these utilities to our main HQ in DK, we ran into issues.  we are unable to connect to the overseas servers, nor can we ping them.  When we run portqry, we receive a FILTERED error, indicating that something is blocking the connection somewhere.  Windows firewall is turned off (grayed-out actually) and IT says there's no issue with our network firewalls or connection.  Other PCs on the same VLAN have no issue with this.

Our vendor claims that this is due to the factorytalk installation.  I don't believe this is the case, but then again I don't know FT that well.  They claim that these utilities needed to be installed before FT was installed??  That doesn't seem logical.  Of course I searched around for info on the subject, but to no avail.

Does anyone have any input on this?  is FT blocking TCPIP ports?  

 

Thanks in advance.

Share this post


Link to post
Share on other sites

If you're really the Administrator user, you shouldn't have anything grayed out.   That suggests that the machine is subject to group policies.   Microsoft suggests that you can launch it using the Search function to make UAC elevate you to make changes.

https://support.microsoft.com/en-us/kb/2620334

When FactoryTalk software is installed, it runs a little "Windows Firewall Configuration Utility" that opens up the ports that FactoryTalk uses, like TCP 44818 for ControlLogix comms, or TCP 12700 for FT Activation, or 49280 for the FTView SE Secure Web Server.

I've never heard of it closing or blocking a port.   
 

In my experience, when IT says "there's nothing wrong with the network", they are really soliciting a caffeinated-beverage bribe.   My policy is to pay up.

Share this post


Link to post
Share on other sites

Have you tried to install WireShark?  This is a superb, free utility that does a good job of sniffing Ethernet traffic.  

Another suggestion is to start the PC in Safe Mode which should not allow FTViewSE to start.  In Safe Mode you should be able to use a bare-bones approach to verify network connectivity.  This will either prove the IT department correct in the FTViewSE locks down some port access (which many of us doubt), or will prove that there is something else going on.

Is this PC by default logging in as Administrator?  IT people often do not approve of this, but FTViewSE wants to control security and intends for the host PC to be logged in as Administrator.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now
Sign in to follow this  
Followers 0