How to set up a Gateway
Last updated
Last updated
Login to the SDA Console and navigate to the devices view. Click on "Add New Device" and choose "Gateway".
Select version 2 and choose a name for the gateway. In addition, you can select the communication mode you want the gateway to use for outbound connections. UDP is the fastest option but not allowed in some firewall configurations. TCP is the alternative, in this case the gateway will only establish connections on TCP port 443 (see Requirements). You can edit this setting anytime at a later stage, it will affect all future connections that are opened via this gateway.
Then click on "Save".
A screen with a bash command will appear. You can copy it to the clipboard by clicking on it.
The SDA Gateway Docker version has an integrated Web UI for configuring the application. Check the official repository overview to see the Docker launch configuration details:
Access the page on port 8186 (default) in the device where the container is running:
If the container is running on local host, access http://localhost:8186/ in your web browser.
If the container is running on another device with IP equal to, for example, 10.0.0.5
, access http://10.0.0.5:8186/
in your web browser.
Note: the external device needs to provide access to the application port in which the container is listening.
You should see the following page. Paste the bash command from the SDA Console into the blank field and click on Submit.
If your gateway is successfully configured, it will be added to the Configured Gateways list, where you can remove it from the device at anytime.
Now connect to the device or VM on which you want to install the connectivity client via SSH (e.g., use Putty on Windows). Once connected, paste the command and execute it.
Please make sure that the command starts with "curl" and ends with "/stdin" after pasting it into the command line tool you are using. On some machines some special characters are inserted after and before the command. In this case, please copy the command into an editor (e.g., Notepad) first, remove those special characters at the beginning and at the end and paste it then into the command line.
A successful installation should look like shown below.
You can confirm successful installation afterwards with the following command.
If the gateway was successfully registered the result should look like shown below.
For devices behind a Proxy, installation may fail if the proxy server is not set in the environment variables. Also, an extra step is required before checking the communication status. Please, follow the instructions in Configuring Proxy.
You can afterwards also verify that the gateway is online in the web console (you may to reload the entire page once before).
In case the "SDA Gateway Health" connectivity check is not successful, either the gateway app installation was not successful or your firewall between the gateway and the internet seems to block the connection. Please verify the firewall requirements and contact in SDA in case it does not work.
In case the "SDA Cloud to PLC" connectivity check is not successful, your firewall between the gateway and the internet seems to block the connection. Please verify the firewall requirements and contact in SDA in case it does not work.
To check that all connectivity functions work, you can need to create a PLC/Control entry in the web console (see user manual) below the gateway and check if you can connect to the PLC via the tab "Control Configuration". Note that it can also be a dummy PLC entry, the service checks that it can reach the IP address set for the PLC. Those tests verify that the firewall configuration between gateway and cloud as well as between gateway and PLC is correct.
When you try for the first time after gateway installation the third test will fail as the tenant-specific connection server takes a few minutes to be configured and it is triggered once you request the check. All tests should work a few minutes after the first try.
In case the "Gateway to PLC" connectivity check is not successful, there can be several reasons:
Please check that the PLC is up and running
Please check if the PLC can be reached from the device that is used as the gateway (e.g., you can login on try to ping the PLC on its IP). Note that even when the manual ping works (via protocol ICMP) it may be that your internal firewall between the gateway and the PLC may block the communication on the vendor-specific port to administer and configure the PLCs (e.g., for Siemens it is by default TCP 102) and hence in the SDA Console you will see a negative result of this test. Please make sure that communication on this port is possible and align with your IT.
Please make sure that you have chosen the right communication port for the control in the SDA Console (e.g., for Siemens it is by default TCP 102)