IBH OPC UA IoT2040:Startup operations
Contents
Mounting and Connection
The IBH Link UA is designed for DIN rail mount:
ATTENTION!
Use only supply voltage from 12V to 36V to operate the device. Higher voltage may destroy the device.
Inserting the microSD card
The microSD card delivered with the device needs to be exchanged with the card provided by IBHsoftec GmbH.
Power off the devicee before changing the microSD card!
The slot for the microSD card is located on the board:
Configuration of the IP addresses
The administration can be made with a recent web browser over the Ethernet port 1 by using the host name f.i. http://iot2000
or over the port 2 by entering the default IP Address 192.168.1.14
No other tools are required.
Default IP Address configuration:
| Level | Port | Address
|
|---|---|---|
| Management level | Port 1 | Host name: f.i.iot2000
|
| Control level | Port 2 - 4 | 192.168.1.14
|
Default Login:
admin
admin
Network: Management Level
Network configuration for Port 1 (Management level respectively Supervision Level):
Network: Control Level
Network configuration for Port 1 (Control Level respectively Machine Level):
From both levels the Endpoint URL can be copied:
The Endpoint URL is provided by the IBH Link UA and is the destination URL for the OPC Client.
In our sample, the UA Expert diagnostic client from Unified Automation is shown:
Time Settings
Before creating certificates, the clock of the IBH Link UA must be set with the correct date and time!
Security
OPC UA defines different Security Levels:
There are different levels of encryption None, Basic128Rsa15 and Basic256
| None | No encryption |
| Basic128Rsa15 | 128 Bit encryption |
| Basic256 | 256 Bit encryption |
| Basic256Sha256 | 256 Bit encryption |
The IBH Link UA supports the level Sign, Sign and Encrypt and Sign + Sign and Encrypt
| Sign | The messages contain signed certificates
|
| Sign and Encrypt | The messages contain signed certificates and are encrypted
|
| Sign + Sign and Encrypt | The messages may contain only signed certificates, or can be signed and are encrypted as well
|
Certificates
Before creating certificates, the time of the IBH Link UA must be set
Exchange of Certificates is another important security level of OPC UA.
A communication is only possible, if both Server and Client have a valid certificate assigned by the respective partners.
After setting the time of the IBH Link UA, a new server certificate can be created:
To get the best reliability of the Server Certificate, all fields need to be completed in detail:
If an existing Server Certificate shall be used with the IBH Link UA, it can be uploaded via the button <Upload Server Certificate>.
Make the IBH Link UA Server Certificate visible for the Client:
OPC UA clients usually detect server certificates automatically, when the first connection is established
or they offer other options for the handling of certificates.
Make the Client Certificate visible for the IBH Link UA Server:
After the client has accepted the server certificate, it will send the client certificate.
Whether new certificates are existing, can be checked using the Refresh button or the key <F5>:
Once the certificate is trusted, the communication with the Client can be established:
Historical Data
While OPC Data Access allows the access to data in real time, supports OPC Historical Access, also called OPC HDA access, access to already stored data. From simple data logging systems to complex SCADA systems historical data can be queried on standardized manner. The activation of the Historical data is easily performed using the web browser.
System
System information like the MAC address of the IBH Link UA can be found here:
