Creating Windows Firewall rules to allow StruxureWare Building Operation to communicate on the TCP port

Issue

Unable to establish communication between the enterprise and automation servers through the TCP Port 4444. Values are not being passed between the enterprise to the automation servers or between automation server to automation server.

Product Line

SmartStruxure Solution

Environment

  • Workstation

Cause

Windows Firewall is not allowing inbound or outbound information from passing through the TCP port 4444.

Resolution

First download and run TCP View. With TCP View running, sort the list by the Local Port and find all devices that are talking on port 4444. If the automation servers are in a state of LISTENING then rules must be created to allow communication. Copy the file path of SE.EnterpriseServer.exe in order to create the rules. This can be found by right clicking on one of the SE.EnterpriseServer.exe process > Process Properties... (C:\Program Files\Schneider Electric\StruxureWare 1.2\Enterprise Server\bin\SE.EnterpriseServer.exe)

If the automation servers are in the state of ESTABLISHED, then take a look at Lessons Learned Article #8388 and Lessons Learned Article #11202 for more troubleshooting help.


 

Change Windows Firewall Settings to Allow Programs

  1. Go to Start > Control Panel.
  2. Click on Windows Firewall.
  3. Click on "Allow a program or feature through Windows Firewall" on the left hand side of the window.
  4. Find "StruxureWare Building Operation" in the list of programs and make sure Home/Work and Public networks are selected. 

Note: If you do not have permission rights to make changes in this area of Windows, move on to the next section where you can set up inbound and outbound firewall rules.


 

Creating Inbound and Outbound Windows Firewall Rules

  1. Go to Start > Control Panel. 
  2. Click on Windows Firewall.
  3. Click "Advanced settings" on the left side of the window.
  4. Select Inbound Rules on the left side of the window and then click New Rule... on the right side of the window.
  5. On the first screen of the New Rule Wizard, choose Program. Click Next.
  6. In "This program path:" either browse to SE.EnterpriseServer.exe or paste the file path that was copied earlier from the TCP View into the box. Click Next.
  7. Select the option to "Allow the connection". Click Next.
  8. Leave Domain, Private, and Public checked unless otherwise desired. Click Next.
  9. Name the rule StruxureWare. Click Finish.
  10. Select Outbound Rules on the left side of the window and then click New Rule... on the right side of the window.
  11. Follow steps 5 through 9 to create the Outbound Rule.