OPC Tunneller enables classic OPC servers and clients to communicate with each other by-passing the troublesome DCOM settings, to alternatively use the secure and efficient single port OPC UA TCP/IP communication. The OPC tunneling software bridges the gap between OPC classic servers and clients located in different networks without compromising network security. Utthunga’s uOPC® Tunneller is developed on our reliable and secure uOPC Server framework designed by our highly skilled OPC experts.  

Why is the OPC Tunneller required for Industries?

OPC Classic is based on Microsoft’s COM/DCOM (Component Object Model) technology. Typically, in an OPC Classic setup, for an OPC classic client to connect to the OPC classic server running in different networks, the right DCOM configuration is required. The DCOM configuration settings are susceptible to changes either due to security or Windows patch updates. The DCOM security model also defines the user accounts that have access to the application, as well as the user accounts from which an application can accept connections. Additionally Windows firewall requires you to add the COM applications to the exclusion list for communicating over a network. In brief, it’s not your average Joe task.

A tunneller eliminates the problems associated with DCOM while connecting OPC clients to servers. The OPC bridging tunneller is a combination of an in-built OPC wrapper and a proxy.  A brief explanation on their working is given below.

OPC UA Proxy

An OPC UA Proxy is a software which has an inbuilt OPC classic server and UA client. This enables a classic OPC client to talk to an OPC UA server. A pictorial representation of OPC DA to UA communication is given below.

OPC UA Wrapper

An OPC UA Wrapper acts in the opposite of an OPC UA Proxy. It has an inbuilt OPC UA server and a Classic client. So it enables an OPC DA to UA client to fetch data from an OPC classic server. A pictorial representation of OPC UA to DA communication is given below.

An OPC UA Tunneller is a combination of UA Proxy and UA Wrapper working together across the network firewall. So it is effectively an OPC DA across firewall that converts the network traffic to OPC UA TCP/IP from the native COM-DCOM as shown below. These TCP/IP settings are easy to configure in the firewall using a single port.

In summary, the uOPC® Tunneller product can be used for the following use cases.

  • Connect OPC Classic client to OPC Classic server across the firewall by-passing DCOM communication as shown in Figure 3 above.
  • Connect OPC Classic client to OPC UA server using the OPC UA Proxy as shown in Figure 1.
  • Connect UA client to OPC Classic server using the OPC UA Wrapper as shown in Figure 2.

The summary of all the above business scenarios are shown in a high level diagram as shown below.

OPC Tunneller product provided by Utthunga

uOPC® Tunneller enables OPC DA to UA connection. This avoids the challenges of DCOM configuration by using Proxy and Wrapper components on the local systems which interface with the respective OPC Classic server and clients via COM settings.

The two uOPC Tunneller components communicate with one another via OPC UA. IT engineers managing the network infrastructure will add the port number and IP addresses of the servers and clients details in the firewall settings of the router as part of the port forwarding mechanism. Additional DCOM configuration is not required and Windows firewall configuration is limited to allowing access to the port being used by the uOPC Tunneller components on the respective machines.

uOPC® Tunneller from Utthunga suite has the following features:

  • Supports OPC Classic, OPC DA (v1.0, v2.0 and v3.0), OPC AE v1.0, OPC HDA v1.0, OPC UA v1.02
  • Protocols Supported: OPC Client drivers for OPC UA, DA, AE & HDA
  • Supports single instance for uOPC® Tunneller Client (also called as Proxy Server) when it connects to one or more OPC UA Tunneller Server(s)
  • Supports dynamic runtime browse of new tags injection in OPC Classic server(s)
  • Supports bulk tags per subscription
  • Allows automatic reconnect
  • Provides support for tracking status of underlying OPC Server(s)
  • Security is provided via data signing & encryption along with user authentication & authorization

Software Platform Requirement:

  • Target OS: Windows 7 (32Bit/64Bit), Windows 8/8.1 (32Bit/64Bit), Windows 10 (32 bit/64 bit), Windows Server 2008 RS2 (32Bit/64Bit), Windows Server 2012 RS2

Hardware Platform Requirement

  • CPU – Intel (i3, i5, i7) family or its AMD equivalent.
  • RAM – 8 GB or above.
  • HDD – 250 GB or above.

Why OPC Tunneller from Utthunga?

Utthunga’s uOPC® Tunneling solutions help industrial enterprises to build a secure and reliable communication network without facing frequent configuration and security issues. uOPC® Tunneller helps your industrial automation communication to:

  • Overcome OPC timeout issues and network disconnections caused by DCOM setup
  • Eliminate DCOM usage for OPC Classic connectivity and data transfer through firewalls
  • Reduce costs by eliminating rip-and-replace of OPC Classic assets
  • Reduce network bandwidth utilization and increases throughput
  • Provide secure, encrypted and authentic communication between OPC clients and servers
  • Leverage diagnostic tools for easy troubleshooting


No, you need not restart. Just make sure you add the new tags in the OPC Tunneller Server configuration tool. For this, you will need to go to the menu bar and check the “Browse Synchronously” option.

Yes, you can select the firewall access to the port option during the installation of the uOPC Tunneller setup. Every time you change the port number, you will need to give access to the new port manually.

No. Tunneller is not required for OPC UA communication across firewalls. They are required only for OPC Classic versions when both the OPC classic client and OPC classic server are running on different machines.

Yes, if it is OPC Classic Server & Client, then D-COM settings are required for both Client/Server ends.

Yes, it is possible to convert OPC UA data to OPC DA due to its interoperability feature.

Any application which uses address ports for OPC UA server to communicate across the firewall, will have its ACL/rules configured for allowing both inbound and outbound access.

For both the server side component and client side components, the license must be activated individually.

No. By default, the licences are activated based on the machine’s MAC ID. However, it also depends configuration setup provided by the vendors. Certain vendors might have an option to transfer license using internet connectivity.

The OPC UA server can work in both IT and OT network.

Yes, firewall changes is required. If the Firewall is ON, then you need to enable the port used by Server side component to access over remote computer.

Recent Posts

  • Industry 4.0
  • November 9, 2021

10 Important Steps to Build a Smart Factory

Industrial digital transformation refers to many development and progress arrangements towards new plans of action and revenue streams comprising three major columns; automation, improved manufacturing cycles, and production advancement. The Coronavirus pandemic has disturbed almost every business regardless of type and size, and manufacturing is no exception. Amid the social distancing and mandated closures, manufacturers […]

Read more

  • Edge
  • IIoT
  • October 20, 2021

Overcoming the Security Challenges of IIoT Edge Devices

IIoT edge devices play a key role in processing, handling, and delivering an enormous amount of data coming from a vast array of field devices installed across the plant(s). It has opened great opportunities for both revenue generation as well as cost optimization by gathering critical field information. Though industries can reap a plethora of […]

Read more

  • IIoT
  • Industry 4.0
  • September 27, 2021

5 Mistakes to Avoid When Migrating a Legacy Application to Cloud

Industries are gearing up to embrace the changes that IR4.0 demands, which has pushed the need to modernize their existing services and system portfolio. Adapting legacy systems such as SCADA, DCS to the service-oriented digital streams is a challenging task for companies, especially those in the manufacturing sector. One of the major concerns while adapting […]

Read more

  • Industry 4.0
  • September 9, 2021

Various Database Technologies for Developing Industrial Applications

Database management systems exist in various forms and sizes, from complicated to basic, from expensive to inexpensive. It is critical to consider how the database technology you select will scale as the size of your data grows and how it will interact with any applications you employ to query your data. The database technology landscape […]

Read more