OPC Tunneller enables classic OPC servers and clients to communicate with each other by-passing the troublesome DCOM settings, to alternatively use the secure and efficient single port OPC UA TCP/IP communication. The OPC tunneling software bridges the gap between OPC classic servers and clients located in different networks without compromising network security. Utthunga’s uOPC® Tunneller is developed on our reliable and secure uOPC Server framework designed by our highly skilled OPC experts.  

Why is the OPC Tunneller required for Industries?

OPC Classic is based on Microsoft’s COM/DCOM (Component Object Model) technology. Typically, in an OPC Classic setup, for an OPC classic client to connect to the OPC classic server running in different networks, the right DCOM configuration is required. The DCOM configuration settings are susceptible to changes either due to security or Windows patch updates. The DCOM security model also defines the user accounts that have access to the application, as well as the user accounts from which an application can accept connections. Additionally Windows firewall requires you to add the COM applications to the exclusion list for communicating over a network. In brief, it’s not your average Joe task.

A tunneller eliminates the problems associated with DCOM while connecting OPC clients to servers. The OPC bridging tunneller is a combination of an in-built OPC wrapper and a proxy.  A brief explanation on their working is given below.

OPC UA Proxy

An OPC UA Proxy is a software which has an inbuilt OPC classic server and UA client. This enables a classic OPC client to talk to an OPC UA server. A pictorial representation of OPC DA to UA communication is given below.

OPC UA Wrapper

An OPC UA Wrapper acts in the opposite of an OPC UA Proxy. It has an inbuilt OPC UA server and a Classic client. So it enables an OPC DA to UA client to fetch data from an OPC classic server. A pictorial representation of OPC UA to DA communication is given below.

An OPC UA Tunneller is a combination of UA Proxy and UA Wrapper working together across the network firewall. So it is effectively an OPC DA across firewall that converts the network traffic to OPC UA TCP/IP from the native COM-DCOM as shown below. These TCP/IP settings are easy to configure in the firewall using a single port.

In summary, the uOPC® Tunneller product can be used for the following use cases.

  • Connect OPC Classic client to OPC Classic server across the firewall by-passing DCOM communication as shown in Figure 3 above.
  • Connect OPC Classic client to OPC UA server using the OPC UA Proxy as shown in Figure 1.
  • Connect UA client to OPC Classic server using the OPC UA Wrapper as shown in Figure 2.

The summary of all the above business scenarios are shown in a high level diagram as shown below.

OPC Tunneller product provided by Utthunga

uOPC® Tunneller enables OPC DA to UA connection. This avoids the challenges of DCOM configuration by using Proxy and Wrapper components on the local systems which interface with the respective OPC Classic server and clients via COM settings.

The two uOPC Tunneller components communicate with one another via OPC UA. IT engineers managing the network infrastructure will add the port number and IP addresses of the servers and clients details in the firewall settings of the router as part of the port forwarding mechanism. Additional DCOM configuration is not required and Windows firewall configuration is limited to allowing access to the port being used by the uOPC Tunneller components on the respective machines.

uOPC® Tunneller from Utthunga suite has the following features:

  • Supports OPC Classic, OPC DA (v1.0, v2.0 and v3.0), OPC AE v1.0, OPC HDA v1.0, OPC UA v1.02
  • Protocols Supported: OPC Client drivers for OPC UA, DA, AE & HDA
  • Supports single instance for uOPC® Tunneller Client (also called as Proxy Server) when it connects to one or more OPC UA Tunneller Server(s)
  • Supports dynamic runtime browse of new tags injection in OPC Classic server(s)
  • Supports bulk tags per subscription
  • Allows automatic reconnect
  • Provides support for tracking status of underlying OPC Server(s)
  • Security is provided via data signing & encryption along with user authentication & authorization

Software Platform Requirement:

  • Target OS: Windows 7 (32Bit/64Bit), Windows 8/8.1 (32Bit/64Bit), Windows 10 (32 bit/64 bit), Windows Server 2008 RS2 (32Bit/64Bit), Windows Server 2012 RS2

Hardware Platform Requirement

  • CPU – Intel (i3, i5, i7) family or its AMD equivalent.
  • RAM – 8 GB or above.
  • HDD – 250 GB or above.

Why OPC Tunneller from Utthunga?

Utthunga’s uOPC® Tunneling solutions help industrial enterprises to build a secure and reliable communication network without facing frequent configuration and security issues. uOPC® Tunneller helps your industrial automation communication to:

  • Overcome OPC timeout issues and network disconnections caused by DCOM setup
  • Eliminate DCOM usage for OPC Classic connectivity and data transfer through firewalls
  • Reduce costs by eliminating rip-and-replace of OPC Classic assets
  • Reduce network bandwidth utilization and increases throughput
  • Provide secure, encrypted and authentic communication between OPC clients and servers
  • Leverage diagnostic tools for easy troubleshooting


No, you need not restart. Just make sure you add the new tags in the OPC Tunneller Server configuration tool. For this, you will need to go to the menu bar and check the “Browse Synchronously” option.

Yes, you can select the firewall access to the port option during the installation of the uOPC Tunneller setup. Every time you change the port number, you will need to give access to the new port manually.

No. Tunneller is not required for OPC UA communication across firewalls. They are required only for OPC Classic versions when both the OPC classic client and OPC classic server are running on different machines.

Yes, if it is OPC Classic Server & Client, then D-COM settings are required for both Client/Server ends.

Yes, it is possible to convert OPC UA data to OPC DA due to its interoperability feature.

Any application which uses address ports for OPC UA server to communicate across the firewall, will have its ACL/rules configured for allowing both inbound and outbound access.

For both the server side component and client side components, the license must be activated individually.

No. By default, the licences are activated based on the machine’s MAC ID. However, it also depends configuration setup provided by the vendors. Certain vendors might have an option to transfer license using internet connectivity.

The OPC UA server can work in both IT and OT network.

Yes, firewall changes is required. If the Firewall is ON, then you need to enable the port used by Server side component to access over remote computer.

Recent Posts

  • IIoT
  • September 6, 2022

Role of HISTORIAN in a Fast-changing Industrial World

Big Data is the  buzzword as industries realize its growing importance and benefits. Many sectors are investing in data analytics to bundle intelligent information from data generated by connected machines across various pocket in the plant infrastructure. Such different forms of data come from sensors, edge devices, networks, industrial protocols in the form of signals, […]

Read more

  • Industry 4.0
  • OPC UA
  • August 30, 2022

Will Industry 4.0 Exist without OPC UA

A new genre of industrial data exchange between industrial machines and communication PCs is on the rise – the Open Platform Communications United Architecture (OPC UA). Interestingly, application manufacturers, system providers, programming languages, and operating systems have no bearing on this open interface standard. The most significant distinction between OPC UA and the previous versions […]

Read more

  • August 24, 2022

Microsoft Azure and Amazon AWS: Comparing the Best In The Business

Most professional advice will point towards a cloud-based service if your company explores hosting options for its official platform. Similarly, when you dive deep into the intricacies of cloud computing, you’ll find yourself bumping into Microsoft Azure and Amazon AWS as the two most viable options. Since choosing between these two most popular options can […]

Read more

  • IIoT
  • July 26, 2022

The Benefits of IIoT for Machine Builders

Improving customer service. Safeguarding customer satisfaction. Winning customer loyalty. Increasing service revenue. Augmenting aftersales turnover. These are some of the primary goals that machine builders have been pursuing. But, how many have been able to meet these goals? Unfortunately, not many, owing to the machine visibility challenges arising out of lack of meaningful data flow […]

Read more