Skip to main content

i4SCADA Knowledge Base

Running i4SCADA on three separate machines

Abstract

To configure your i4SCADA Server, Database, and Web Server to communicate with each other over the network on three different machines, check out these tutorials.

i4SCADA can be set up to run its server, database, and web server on three different machines which communicate with each other over the network. This article will describe the setup procedure for achieving this multiple-machine i4SCADA environment.

3machines_diagram.jpg

Multiple machine i4SCADA environment

Important

As these settings have a higher degree of difficulty than the previous ones, please pay attention to each step provided in this tutorial!

The three-way i4SCADA setup requires three running Windows servers to support the distribution of the i4SCADA services. The three machines are summarised below:

  • A Database Server - the server running the Microsoft SQL database server, hosting the SCADA database (SCADA1)

  • An i4SCADA Server - the server running the i4SCADA server, with access to the Database Server and Web Server (SCADA2)

  • A Web Server - the server running IIS and hosting the SCADA web services (SCADA3)

To achieve this goal, the following prerequisites must be met:

  • One physical or virtual machine running i4SCADA version 3.8.x with Internet Information Services (IIS). See the Requirements and Recommendations article.

  • One physical or virtual machine running Microsoft SQL Server 2016.

  • One physical or virtual machine running Internet Information Services (IIS).

  • Proper networking - the machines must be in the same local network or must be connected using a VPN if they are communicating over the internet.

    Tip

    In order to allow i4SCADA Studio to find and connect to the Microsoft SQL Server, you need to allow the SQL Server Browser through the Firewall, as follows:

    1. Go to Windows Start, click on the Settings entry, and select Update and Security.

      Update_and_Security.jpg

      NOTE: It might also be necessary (or advised) to set the SQL Server Browser to log on as a Network Service in the SQL Server Configuration Manager.

      Config_Mgr.jpg
    2. Switch to the Windows Security tab and click the Open Windows Security button.

      Open_windows_security.jpg
    3. Switch to the Firewall and network protection tab and click the Allow an app through Firewall option.

      Network_protection.jpg

      The Control Panel path "Control Panel\System and Security\Windows Defender Firewall\Allowed apps" is opened.

    4. Click the Change Settings button and then select the Allow another app... option.

      Network_protection.jpg
    5. A new small window is opened allowing you to click the Browse button and navigate to the sqlbrowser.exe file location.

      sqlbrowser_file.jpg
    6. Select the sqlbrowser.exe file, click the Open button, and then the Add button to add the sqlbrowser.exe file to the list of apps allowed to communicate through the Firewall.

      Allowed_apps.jpg

      Tip

      You can check/uncheck the Domain/Private/Publish checkboxes according to your network setup. In most cases, checking private&domain should suffice.

    7. Finally, click the OK button to finish up the operation.

Note

This article focuses on setting up i4SCADA to work in a three machines environment. The installation of operating systems, i4SCADA software, database server, or web server is not subject to this article. Please refer to the proper documentation to achieve the setup required, to follow this article.

Additionally, we have provided you with two setup methods. Regardless of the selected method, we strongly advise you to pay attention to each step, since we deal with a higher degree of difficulty.

Method 1: Setting up the triple-machine environment

The following configuration must be applied to the trio of servers in order to distribute the i4SCADA installation properly.

Setting up the Database Server (SCADA1)

This Windows Server must be configured as an SQL Database server. For i4SCADA, the Microsoft SQL Server 2016 must be installed on this machine in order to host the SCADA database. SQL Management Tools must be installed along with the SQL Server, in order to provide access to the Microsoft SQL Server Management Studio.

  1. Enable the TCP/IP protocol in the SQL Server Network Configuration section of the SQL Server Configuration Manager

    TCP_IP_properties.jpg
  2. Set the SQL Server Browser to Automatic start and make sure it’s running (in the SQL Server Services section of the SQL Server Configuration Manager, as follows:

    1. Select the SQL Server Browser Properties option and set the Start Mode to Automatic, under TAB Service.

      SQL_Server_Browser_Properties.jpg
    2. Check the SQL Server Browser status and make sure it is in status Running. In case it did not start, click right and select the option Start.

      SQL_Server_Browser.jpg
  3. Restart the SQL Server service in the SQL Server Configuration Manager

    Restart_SQL_Server.jpg
  4. Find out what ports are used by the SQL Server, as follows:

    1. Open the SQL Server Management Studio

    2. Open the Management folder

    3. Open the SQL Server Logs folder

    4. Select the Current log file and click right to open the Log Filter Viewer dialog.

      SQL_Server_Logs.jpg
    5. In the Log Filter Viewer dialog select the Filter toolbar option or the View filter settings linkable field.

      The Filter Settings dialog is opened allowing you to input the text “server is listening on” in the Message Contains Text field and Enable the Apply filter option.

      Filter_settings_dialog.jpg
    6. Press the OK button. The SQL Server port number will be displayed in the logs as listened to.

      Ports_listened_to.png
  5. Allow inbound and outbound port rules for port 1433 for both TCP and UDP protocols, as follows:

    1. Open Windows Defender Firewall.

    2. Click on the Advanced settings option.

      Advanced_settings.jpg
    3. The Windows Defender Firewall with Advanced Security dialog is opened.

    4. Select the Inbound Rules menu entry and click on the New Rule option.

      New_rule_for_Inbound.jpg
    5. The New inbound Rule Wizard dialog is opened. In this view select the Port option and press the button Next.

      Port_Inbound_Rule.jpg
    6. Add in the "Specific local ports" field the TCP port number 1433. Click again the Next button.

      1433Port.jpg
    7. Make sure that option Allow connection is selected and press the Next button.

      Allow_the_connection.jpg
    8. In the next window select the desired location where the new rule should be applied (by default, all options are selected). Click again the Next button.

    9. Define a Name and Description for the new Inbound TCP Rule and click the Finish button.

      Finish_TCP_Inbound.jpg
    10. Next, add the Inbound UDP Rule for the 1433 port described above.

      UDP_1433.jpg
    11. Repeat the steps described above, for the Outbound TCP and UDP Rules, under the Outbound Rules menu entry of Windows Defender Firewall.

      Outbound_new_Rules.jpg
  6. Allow inbound and outbound port rules for port 1434 for both TCP and UDP protocols, as follows:

    1. Open Windows Defender Firewall.

    2. Click on the Advanced settings option.

      Advanced_settings.jpg
    3. The Windows Defender Firewall with Advanced Security dialog is opened.

    4. Select the Inbound Rules menu entry and click on the New Rule option.

      New_rule_for_Inbound.jpg
    5. The New Inbound Rule Wizard dialog is opened. In this view select the Port option and press the button Next.

      Port_Inbound_Rule.jpg
    6. Add in the "Specific local ports" field the TCP port number 1434. Click again the Next button.

      1434_port.jpg
    7. Make sure that option Allow connection is selected and press the Next button.

      Allow_the_connection.jpg
    8. In the next window select the desired location where the new rule should be applied (by default, all options are selected). Click again the Next button.

    9. Define a Name and Description for the new Inbound TCP Rule and click the Finish button.

      Finish_TCP_Inbound.jpg
    10. Next, add the Inbound UDP Rule for the 1443 port, as described above.

      UDP_1434.jpg
    11. Repeat the steps described above, for the Outbound TCP and UDP Rules, under the Outbound Rules menu entry of Windows Defender Firewall.

      Outbound_new_Rules.jpg
  7. Allow inbound and outbound port rules for the SQL Server port (in our case, 49741) for both TCP and UDP protocols, as follows:

    1. Open Windows Defender Firewall.

    2. Click on the Advanced settings option.

      Advanced_settings.jpg
    3. The Windows Defender Firewall with Advanced Security dialog is opened.

    4. Select the Inbound Rules menu entry and click on the New Rule option.

      New_rule_for_Inbound.jpg
    5. The New Inbound Rule Wizard dialog is opened. In this view select the Port option and press the button Next.

      Port_Inbound_Rule.jpg
    6. Add in the "Specific local ports" field the TCP port number 49741. Click again the Next button.

      49741_TCP.jpg
    7. Make sure that option Allow the connection is selected and press the Next button.

      Allow_the_connection.jpg
    8. In the next window select the desired location where the new rule should be applied (by default, all options are selected). Click again the Next button.

    9. Define a Name and Description for the new Inbound TCP Rule and click the Finish button.

      Finish_TCP_Inbound.jpg
    10. Next, add the Inbound UDP Rule for the 49741 port described above.

      UDP_49741.jpg
    11. Repeat the steps described above, for the Outbound TCP and UDP Rules, under the Outbound Rules menu entry of Windows Defender Firewall.

      Outbound_new_Rules.jpg
  8. Last but not least, make sure that the Network Discovery is enabled for the network you are connected to, as follows:

    1. Go to Control Panel and select the option Network and Internet.

    2. Select the Network and Sharing Center and click on the Change advanced sharing settings.

      Advanced_sharing_and_network_settings.jpg
    3. In the Advanced Sharing settings make sure that the Network discovery and/or File and printer sharing are turned ON, for your current profile.

      Network_discovery_and_sharing_center.png

      Tip

      Changes at the level of Network discovery can be lost after saving them if the dependency services are disabled. Please make sure the following services are enabled and running:

      • DNS Client

      • Function Discovery Resource Publication

      • SSDP Discovery

      • UPnP Device Host.

      Further details for troubleshooting such issues can be found on the forum linked here.

Setting up the i4SCADA Server (SCADA2)

The SCADA server must be configured with the standard SCADA prerequisites. Some of those, like IIS, may not actually be used in the final three-way SCADA setup, but are still required by the i4SCADA Setup.

Tip

Please refer to the i4SCADA Setup tutorial for more details about the steps required for this installation.

To set up the SCADA Server the following steps should be processed:

  1. Install i4SCADA as a normal installation, including all required prerequisites: Windows Roles and Features (IIS and .NET Framework 3.5 and 4.7). Some features may be available only after the initial installation.

    Note

    The SQL Server setup part of the i4SCADA installation can be skipped since we will use the Database Server’s SQL.

  2. Make sure that the i4SCADA Studio can connect to the Database Server SQL database, as follows:

    STudio_png.jpg
    1. Open the Command Prompt application on the i4SCADA Server machine (SCADA2). and

    2. Ping the IP of the DB server - e.g. Ping [database server ip].

      Tip

      The local IP can be identified using the Ipconfig command.

      If there is a network communication between the 2 machines the ping command should output:

      • C:\Users\vagrant>ping 19x.16y.xx.yy (the IP of the Machine where the SQL is installed - SCADA1)

      If the connection was successfully working the result should be something like:

      Pinging 19x.16y.xx.yy with 32 bytes of data:

      Reply from 19x.16y.xx.yy: bytes=32 time=2ms TTL=128

      Reply from 19x.16y.xx.yy: bytes=32 time<1ms TTL=128

    Note

    Since i4SCADA was not installed on the Database Server, the Demo Project DB will not be present on the Database Server. Either restore a SCADA database on the Database Server and connect to it from the SCADA Server’s Studio or create a new SCADA DB using Studio’s interface.

  3. Set the remote SCADA DB as the default Studio DB once connected to it (either via the initial dialog or from the Database Access section of the Settings area), as follows:

    1. Copy the SCADA Database name.

      SCADA_DB_name.jpg
    2. Use it to replace the Database server so that we can connect to the newly created database.

      Replace_DB_name_png.jpg
  4. Next, open the Registry Editor application and export the DSN registry key from HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\WEBFACTORY\WFSERVER\2.00\Settings and store it for later use.

    add_dsn.png
  5. Edit the Scada.CommunicationManager.Server.exe.config file with a text editor. This file can be found through the path [your-install-location]/i4SCADA\Server\CommunicationManager).

    Scada_communicationManager_Server.jpg
  6. Locate the CommunicationWebClientService and the TraceContributorService services and enable (un-comment) the TcpEndpoints.

    tcp_enabled_scada2.jpg

    Tip

    Optionally, the port 4600 exposed by the communication manager for web services can be modified. If so, the modification should be done for both CommunicationWebClientService and TraceContributorService services.

  7. Allow the Scada.CommunicationManager.Server.exe located at C:\Program Files (x86)\i4SCADA\Server\CommunicationManager\ to communicate through the firewall, as it needs inbound connections to the default port (or to the custom port if modified above).

    Capture4261.jpg
  8. Copy the _SERVICES folder and clientaccesspolicy.xml from the wwwroot folder of the IIS to a shared network location so it can be transferred later to the Web Server.

  9. Start the SCADA Server using the i4SCADA Service Manager.

    Service_Mgr.jpg
  10. Last but not least, make sure that the Network Discovery is enabled for the network you are connected to, as follows:

    1. Go to Control Panel and select the option Network and Internet.

    2. Select the Network and Sharing Center and click on the Change advanced sharing settings.

      Advanced_sharing_and_network_settings.jpg
    3. In the Advanced Sharing settings make sure that the Network discovery and/or File and printer sharing are turned ON, for your current profile.

      Network_discovery_and_sharing_center.png

      Tip

      Changes at the level of Network discovery can be lost after saving them if the dependency services are disabled. Please make sure the following services are enabled and running:

      • DNS Client

      • Function Discovery Resource Publication

      • SSDP Discovery

      • UPnP Device Host.

      Further details for troubleshooting such issues can be found on the forum linked here.

Setting up the Web Server (SCADA3)

The Web Server machine will run the IIS components of the i4SCADA setup, the web services. To wrap up the final part of this tutorial, please organize the following steps:

  1. Make sure that the SCADA3 machine has the IIS with all its components available.

    1. Install the .NET Framework 3.5 complete feature set.

    2. Install .NET Framework 4.7 complete feature set.

      Note

      Make sure that the following IIS .NET Framework settings are fully installed:

      • HTTP Action

      • Non HTTP Action

      • HTTP Activation

  2. Start the i4SCADA 3.8.X setup.

    Note

    The Web Server machine does not require all the i4SCADA applications, therefore you can decide to only install the SmartEditor, Studio, and Synchronization.

  3. Copy the DSN registry key exported earlier (see step 4), execute it and add the key to the Web Server machine registry.

    import.png

    Note

    In case you are using multiple projects, the DSN Registry Key needs to be updated on the web webserver to be in sync with the project used by the SCADA server. Therefore, please copy the DSN Registry Key from the server and update it on the web server machine.

  4. Go to Web.config file inside the _SERVICES/WEBservices folder located at C:\inetpub\wwwroot\_SERVICES\WEBservices\ and perform the following actions:

    WebConfig.jpg
    1. Disable (comment out) the CommunicationWebClientService net.pipe endpoints.

    2. Enable (uncomment) the CommunicationWebClientService net.tcp endpoints.

    Note

    Please note that it is also possible to use "HTTP" as a communication protocol. In order to enable it, please make sure to uncomment the CommunicationWebClientService HTTP endpoints.

  5. In the two uncommented endpoints (net.tcp or HTTP) replace the “localhost” reference in the endpoint address with the computer name used by the machine where the SCADA server is installed.

    Important

    If the web services port was modified when configuring the i4SCADA Server communication, use the new port when configuring the net.tcp endpoints.

  6. Next, open the Client.config file located at C:\inetpub\wwwroot\_SERVICES\WEBservices\WCF\ with a text editor and perform the following actions:

    Capture4264.jpg
    1. Disable (comment out) the CommunicationWebClientService net.pipe endpoint(s).

    2. Enable (uncomment) the CommunicationWebClientService net.tcp endpoints. In the uncommented net.tcp endpoints, replace the “localhost” reference in the endpoint address with the name of the SCADA Server.

      client_Config.jpg

    Note

    Please note that it is also possible to use "HTTP" as a communication protocol. In order to enable it, please make sure to uncomment the CommunicationWebClientService HTTP endpoints.

  7. Open a Command Prompt terminal using Administrator privileges and run the following commands one by one to disable the IIS logging:

    %windir%\System32\inetsrv\appcmd unlock config /section:httpLogging
    
    %windir%\System32\inetsrv\appcmd set config "Default Web Site/_services" /section:httpLogging /dontLog:true
    
    iisreset
  8. Last but not least, make sure that the Network Discovery is enabled for the network you are connected to, as follows:

    1. Go to Control Panel and select the option Network and Internet.

    2. Select the Network and Sharing Center and click on the Change advanced sharing settings.

      Advanced_sharing_and_network_settings.jpg
    3. In the Advanced Sharing settings make sure that the Network discovery and/or File and printer sharing are turned ON, for your current profile.

      Network_discovery_and_sharing_center.png

      Tip

      Changes at the level of Network discovery can be lost after saving them if the dependency services are disabled. Please make sure the following services are enabled and running:

      • DNS Client

      • Function Discovery Resource Publication

      • SSDP Discovery

      • UPnP Device Host.

      Further details for troubleshooting such issues can be found on the forum linked here.

Testing an i4SCADA SmartEditor visualization on the three machine installation

Tip

If during the setup the listening port was changed, you might encounter some connectivity issues. Therefore, you might want to recheck and confirm that the port used for the TCP/UDP Inbound and Outbound rules is correct.

After processing all the above-described steps you can quickly check if the installation has been correctly organized, as follows:

  1. Open the Machine where the i4SCADA Server is installed (SCADA2) and start the i4SCADA Server from the Service Manager application.

  2. Open Studio and connect to the Database Server SQL database. (in our case the Data Base Server SQL was installed on the Machine named SCADA1).

    Studio_updated.jpg
  3. Open the Test Center application and connect to the Web Server (in our case this was installed on the Machine named SCADA3).

    Test_center.png

    Tip

    In case the Server is not visible or cannot be applied in the Test Center application, you can alternatively open the Web.config file inside the _SERVICES/WEBservices folder located at C:\inetpub\wwwroot\_SERVICES\WEBservices\, and comment the "Documentation" lines, as follows:

    <webServices><protocols><!--Comment the next line to enable WSDL metadata output for *.asmx web services<remove name="Documentation" />--></protocols></webServices></system.web>
  4. After applying these changes add some Signals in order to check the connection between IIS and Web Services available on the IIS Machine, named SCADA3.

    TC_working.png
  5. You can further check the three-machine installation using the Smart Editor application by creating a new project. Add to the SmartEditor project page some extensions (e.g i4-core, wf-alarm-viewer, and wf-sensor).

  6. Open the Object properties panel of the i4-core extension and organize the following changes:

    • Go to property “Remote IIS Server Url” and input the WEB Server (SCADA3) machine name.

    SmartEditor_perj.png
  7. Publish the SmartEditor project. If all settings were correct the run-time project should be properly working.

    SE_prj_runtime.png
Testing an i4designer visualization on the three machine installation

Tip

If during the setup the listening port was changed, you might encounter some connectivity issues. Therefore, you might want to recheck and confirm that the port used for the TCP/UDP Inbound and Outbound rules is correct.

To open an i4designer visualization on the three machine installation, please proceed as follows:

  1. On the SCADA3 Machine where the i4SCADA WebServer is installed, open the Services application and make sure that the i4SCADA Synchronization Service is in status Running.

  2. Next, create a new empty folder under inetpub/wwwroot.

    Empty_folder_1.jpg
  3. Open the new folder, and add a second empty folder.

    Empty_folder_2.jpg
  4. Open i4SCADA Studio Application and define your i4designer Project settings, under the Settings section, as follows:

    Add_i4designer_path.jpg
    1. Fill in your Project Token copied from the respective i4designer project.

    2. Select the second created empty folder as Project Path.

    Tip

    For more details about the i4designer Project Settings, please also visit i4designer Section.

  5. Next, start the i4SCADA Server from the Service Manager application, on the i4SCADA Server Machine (SCADA2).

  6. After all the above steps have been done, let's publish the linked i4designer project.

  7. Now, check the inetpub/wwwroot folder on the SCADA3 Machine. The i4designer project contents were published here. You can now successfully open the i4designer visualization and proceed with further needed updates.

Method 2: Setting up the triple-machine environment

The following configuration must be applied to the trio of servers in order to distribute the i4SCADA installation properly.

Setting up the Database Server (SCADA1)

This Windows Server must be configured as an SQL Database server. For i4SCADA, the Microsoft SQL Server 2016 must be installed on this machine in order to host the SCADA database. SQL Management Tools must be installed along with the SQL Server, in order to provide access to the Microsoft SQL Server Management Studio.

  1. Enable the TCP/IP protocol in the SQL Server Network Configuration section of the SQL Server Configuration Manager

    TCP_IP_properties.jpg
  2. Set the SQL Server Browser to Automatic start and make sure it’s running (in the SQL Server Services section of the SQL Server Configuration Manager, as follows:

    1. Select the SQL Server Browser Properties option and set the Start Mode to Automatic, under TAB Service.

      SQL_Server_Browser_Properties.jpg
    2. Check the SQL Server Browser status and make sure it is in status Running. In case it did not start, click right and select the option Start.

      SQL_Server_Browser.jpg
  3. Restart the SQL Server service in the SQL Server Configuration Manager

    Restart_SQL_Server.jpg
  4. Find out what ports are used by the SQL Server, as follows:

    1. Open the SQL Server Management Studio

    2. Open the Management folder

    3. Open the SQL Server Logs folder

    4. Select the Current log file and click right to open the Log Filter Viewer dialog.

      SQL_Server_Logs.jpg
    5. In the Log Filter Viewer dialog select the Filter toolbar option or the View filter settings linkable field.

      The Filter Settings dialog is opened allowing you to input the text “server is listening on” in the Message Contains Text field and Enable the Apply filter option.

      Filter_settings_dialog.jpg
    6. Press the OK button. The SQL Server port number will be displayed in the logs as listened to.

      Ports_listened_to.png
  5. Allow inbound and outbound port rules for port 1433 for both TCP and UDP protocols, as follows:

    1. Open Windows Defender Firewall.

    2. Click on the Advanced settings option.

      Advanced_settings.jpg
    3. The Windows Defender Firewall with Advanced Security dialog is opened.

    4. Select the Inbound Rules menu entry and click on the New Rule option.

      New_rule_for_Inbound.jpg
    5. The New inbound Rule Wizard dialog is opened. In this view select the Port option and press the button Next.

      Port_Inbound_Rule.jpg
    6. Add in the "Specific local ports" field the TCP port number 1433. Click again the Next button.

      1433Port.jpg
    7. Make sure that option Allow connection is selected and press the Next button.

      Allow_the_connection.jpg
    8. In the next window select the desired location where the new rule should be applied (by default, all options are selected). Click again the Next button.

    9. Define a Name and Description for the new Inbound TCP Rule and click the Finish button.

      Finish_TCP_Inbound.jpg
    10. Next, add the Inbound UDP Rule for the 1433 port described above.

      UDP_1433.jpg
    11. Repeat the steps described above, for the Outbound TCP and UDP Rules, under the Outbound Rules menu entry of Windows Defender Firewall.

      Outbound_new_Rules.jpg
  6. Allow inbound and outbound port rules for port 1434 for both TCP and UDP protocols, as follows:

    1. Open Windows Defender Firewall.

    2. Click on the Advanced settings option.

      Advanced_settings.jpg
    3. The Windows Defender Firewall with Advanced Security dialog is opened.

    4. Select the Inbound Rules menu entry and click on the New Rule option.

      New_rule_for_Inbound.jpg
    5. The New Inbound Rule Wizard dialog is opened. In this view select the Port option and press the button Next.

      Port_Inbound_Rule.jpg
    6. Add in the "Specific local ports" field the TCP port number 1434. Click again the Next button.

      1434_port.jpg
    7. Make sure that option Allow connection is selected and press the Next button.

      Allow_the_connection.jpg
    8. In the next window select the desired location where the new rule should be applied (by default, all options are selected). Click again the Next button.

    9. Define a Name and Description for the new Inbound TCP Rule and click the Finish button.

      Finish_TCP_Inbound.jpg
    10. Next, add the Inbound UDP Rule for the 1443 port, as described above.

      UDP_1434.jpg
    11. Repeat the steps described above, for the Outbound TCP and UDP Rules, under the Outbound Rules menu entry of Windows Defender Firewall.

      Outbound_new_Rules.jpg
  7. Allow inbound and outbound port rules for the SQL Server port (in our case, 49741) for both TCP and UDP protocols, as follows:

    1. Open Windows Defender Firewall.

    2. Click on the Advanced settings option.

      Advanced_settings.jpg
    3. The Windows Defender Firewall with Advanced Security dialog is opened.

    4. Select the Inbound Rules menu entry and click on the New Rule option.

      New_rule_for_Inbound.jpg
    5. The New Inbound Rule Wizard dialog is opened. In this view select the Port option and press the button Next.

      Port_Inbound_Rule.jpg
    6. Add in the "Specific local ports" field the TCP port number 49741. Click again the Next button.

      49741_TCP.jpg
    7. Make sure that option Allow the connection is selected and press the Next button.

      Allow_the_connection.jpg
    8. In the next window select the desired location where the new rule should be applied (by default, all options are selected). Click again the Next button.

    9. Define a Name and Description for the new Inbound TCP Rule and click the Finish button.

      Finish_TCP_Inbound.jpg
    10. Next, add the Inbound UDP Rule for the 49741 port described above.

      UDP_49741.jpg
    11. Repeat the steps described above, for the Outbound TCP and UDP Rules, under the Outbound Rules menu entry of Windows Defender Firewall.

      Outbound_new_Rules.jpg
  8. Last but not least, make sure that the Network Discovery is enabled for the network you are connected to, as follows:

    1. Go to Control Panel and select the option Network and Internet.

    2. Select the Network and Sharing Center and click on the Change advanced sharing settings.

      Advanced_sharing_and_network_settings.jpg
    3. In the Advanced Sharing settings make sure that the Network discovery and/or File and printer sharing are turned ON, for your current profile.

      Network_discovery_and_sharing_center.png

      Tip

      Changes at the level of Network discovery can be lost after saving them if the dependency services are disabled. Please make sure the following services are enabled and running:

      • DNS Client

      • Function Discovery Resource Publication

      • SSDP Discovery

      • UPnP Device Host.

      Further details for troubleshooting such issues can be found on the forum linked here.

Setting up the i4SCADA Server (SCADA2)

The SCADA server must be configured with the standard SCADA prerequisites. Some of those, like IIS, may not actually be used in the final three-way SCADA setup, but are still required by the i4SCADA Setup.

Tip

Please refer to the i4SCADA Setup tutorial for more details about the steps required for this installation.

To set up the SCADA Server the following steps should be processed:

  1. Install i4SCADA as a normal installation, including all required prerequisites: Windows Roles and Features (IIS and .NET Framework 3.5 and 4.7). Some features may be available only after the initial installation.

    Note

    The SQL Server setup part of the i4SCADA installation can be skipped since we will use the Database Server’s SQL.

  2. Make sure that the i4SCADA Studio can connect to the Database Server SQL database, as follows:

    STudio_png.jpg
    1. Open the Command Prompt application on the i4SCADA Server machine (SCADA2). and

    2. Ping the IP of the DB server - e.g. Ping [database server ip].

      Tip

      The local IP can be identified using the Ipconfig command.

      If there is a network communication between the 2 machines the ping command should output:

      • C:\Users\vagrant>ping 19x.16y.xx.yy (the IP of the Machine where the SQL is installed - SCADA1)

      If the connection was successfully working the result should be something like:

      Pinging 19x.16y.xx.yy with 32 bytes of data:

      Reply from 19x.16y.xx.yy: bytes=32 time=2ms TTL=128

      Reply from 19x.16y.xx.yy: bytes=32 time<1ms TTL=128

    Note

    Since i4SCADA was not installed on the Database Server, the Demo Project DB will not be present on the Database Server. Either restore a SCADA database on the Database Server and connect to it from the SCADA Server’s Studio or create a new SCADA DB using Studio’s interface.

  3. Set the remote SCADA DB as the default Studio DB once connected to it (either via the initial dialog or from the Database Access section of the Settings area), as follows:

    1. Copy the SCADA Database name.

      SCADA_DB_name.jpg
    2. Use it to replace the Database server so that we can connect to the newly created database.

      Replace_DB_name_png.jpg
  4. Next, open the Registry Editor application and export the DSN registry key from HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\WEBFACTORY\WFSERVER\2.00\Settings and store it for later use.

    add_dsn.png
  5. Edit the Scada.CommunicationManager.Server.exe.config file with a text editor. This file can be found through the path [your-install-location]/i4SCADA\Server\CommunicationManager).

    Scada_communicationManager_Server.jpg
  6. Locate the CommunicationWebClientService and the TraceContributorService services and enable (un-comment) the TcpEndpoints.

    tcp_enabled_scada2.jpg

    Tip

    Optionally, the port 4600 exposed by the communication manager for web services can be modified. If so, the modification should be done for both CommunicationWebClientService and TraceContributorService services.

  7. Allow the Scada.CommunicationManager.Server.exe located at C:\Program Files (x86)\i4SCADA\Server\CommunicationManager\ to communicate through the firewall, as it needs inbound connections to the default port (or to the custom port if modified above).

    Capture4261.jpg
  8. Copy the _SERVICES folder and clientaccesspolicy.xml from the wwwroot folder of the IIS to a shared network location so it can be transferred later to the Web Server.

  9. Start the SCADA Server using the i4SCADA Service Manager.

    Service_Mgr.jpg
  10. Last but not least, make sure that the Network Discovery is enabled for the network you are connected to, as follows:

    1. Go to Control Panel and select the option Network and Internet.

    2. Select the Network and Sharing Center and click on the Change advanced sharing settings.

      Advanced_sharing_and_network_settings.jpg
    3. In the Advanced Sharing settings make sure that the Network discovery and/or File and printer sharing are turned ON, for your current profile.

      Network_discovery_and_sharing_center.png

      Tip

      Changes at the level of Network discovery can be lost after saving them if the dependency services are disabled. Please make sure the following services are enabled and running:

      • DNS Client

      • Function Discovery Resource Publication

      • SSDP Discovery

      • UPnP Device Host.

      Further details for troubleshooting such issues can be found on the forum linked here.

Setting up the Web Server (SCADA3)

The Web Server machine will run the IIS components of the i4SCADA setup, the web services. To wrap up the final part of this tutorial, please organize the following steps:

  1. Fully install the IIS with all its components on the machine.

    1. Install the .NET Framework 3.5 complete feature set.

    2. Install .NET Framework 4.7 complete feature set.

      Note

      Make sure that the following IIS .NET Framework settings are fully installed:

      • HTTP Action

      • Non HTTP Action

      • HTTP Activation

  2. Copy the _SERVICES folder and the clientaccesspolicy.xml file that you saved on the i4SCADA Machine earlier (see step 8). Save them on the Web Server machine (SCADA3) under C:\inetpub\wwwroot.

    Capture4250.jpg
  3. Copy the DSN registry key exported earlier (see step 4), execute it and add the key to the Web Server machine registry.

    import.png

    Note

    In case you are using multiple projects, the DSN Registry Key needs to be updated on the web webserver to be in sync with the project used by the SCADA server. Therefore, please copy the DSN Registry Key from the server and update it on the web server machine.

  4. In IIS create an i4SCADA app pool with .NET CLR Version v4.0.3xxx and Integrated pipeline mode. The i4SCADA Application Pool needs to be created in order to be used by the web services copied at the previous step.

    Add_App_pool.jpg
  5. Back in the Application Pools page, select the new i4SCADA_AppPool and click the Advanced Settings... option from either the contextual menu or the Actions panel. Set the Enable 32-Bit Applications to True, the Queue Length to 4000 , and the Identity to NetworkService.

    Add_App_pool.jpg

    Click OK to confirm the application pool settings.

  6. Now the new i4SCADA_AppPool needs to be applied on the Default Web Site. Select the Default Web Site from the Connections panel and click on the Basic Settings... option from the Actions panel.

    Basic_settings.jpg
  7. In the Edit Site dialog, click on the Select... button from the Application pool area to select the new application pool.

    Edit_default_site_settings.jpg
  8. In the Select Application Pool dialog, select the i4SCADA_AppPool and confirm the two opened dialogs by clicking the OK buttons.

    Select_App_Pool.jpg
  9. Expand the _SERVICES folder under the Default Web Site and convert to application these folders: DemoProject, MessengerPro, SchedulerPro, and WEBservices.

    Connections.jpg
  10. Go to Web.config file inside the _SERVICES/WEBservices folder located at C:\inetpub\wwwroot\_SERVICES\WEBservices\ and perform the following actions:

    WebConfig.jpg
    1. Disable (comment out) the CommunicationWebClientService net.pipe endpoints.

    2. Enable (uncomment) the CommunicationWebClientService net.tcp endpoints.

    Note

    Please note that it is also possible to use "HTTP" as a communication protocol. In order to enable it, please make sure to uncomment the CommunicationWebClientService HTTP endpoints.

  11. In the two uncommented endpoints (net.tcp or HTTP) replace the “localhost” reference in the endpoint address with the computer name used by the machine where the SCADA server is installed.

    Important

    If the web services port was modified when configuring the i4SCADA Server communication, use the new port when configuring the net.tcp endpoints.

  12. Next, open the Client.config file located at C:\inetpub\wwwroot\_SERVICES\WEBservices\WCF\ with a text editor and perform the following actions:

    Capture4264.jpg
    1. Disable (comment out) the CommunicationWebClientService net.pipe endpoint(s).

    2. Enable (uncomment) the CommunicationWebClientService net.tcp endpoints. In the uncommented net.tcp endpoints, replace the “localhost” reference in the endpoint address with the name of the SCADA Server.

      client_Config.jpg

    Note

    Please note that it is also possible to use "HTTP" as a communication protocol. In order to enable it, please make sure to uncomment the CommunicationWebClientService HTTP endpoints.

  13. Open a Command Prompt terminal using Administrator privileges and run the following commands one by one to disable the IIS logging:

    %windir%\System32\inetsrv\appcmd unlock config /section:httpLogging
    
    %windir%\System32\inetsrv\appcmd set config "Default Web Site/_services" /section:httpLogging /dontLog:true
    
    iisreset
  14. Install the SQL2008NativeClient from the Prerequisites folder of the i4SCADA Setup. This is required in order for the web services to communicate with the SQL database.

    Tip

    The SQL2008NativeClient can be found under the i4SCADA Prerequisites folder.

  15. Last but not least, make sure that the Network Discovery is enabled for the network you are connected to, as follows:

    1. Go to Control Panel and select the option Network and Internet.

    2. Select the Network and Sharing Center and click on the Change advanced sharing settings.

      Advanced_sharing_and_network_settings.jpg
    3. In the Advanced Sharing settings make sure that the Network discovery and/or File and printer sharing are turned ON, for your current profile.

      Network_discovery_and_sharing_center.png

      Tip

      Changes at the level of Network discovery can be lost after saving them if the dependency services are disabled. Please make sure the following services are enabled and running:

      • DNS Client

      • Function Discovery Resource Publication

      • SSDP Discovery

      • UPnP Device Host.

      Further details for troubleshooting such issues can be found on the forum linked here.

Testing an i4SCADA SmartEditor visualization on the three machine installation

Tip

If during the setup the listening port was changed, you might encounter some connectivity issues. Therefore, you might want to recheck and confirm that the port used for the TCP/UDP Inbound and Outbound rules is correct.

After processing all the above-described steps you can quickly check if the installation has been correctly organized, as follows:

  1. Open the Machine where the i4SCADA Server is installed (SCADA2) and start the i4SCADA Server from the Service Manager application.

  2. Open Studio and connect to the Database Server SQL database. (in our case the Data Base Server SQL was installed on the Machine named SCADA1).

    Studio_updated.jpg
  3. Open the Test Center application and connect to the Web Server (in our case this was installed on the Machine named SCADA3).

    Test_center.png

    Tip

    In case the Server is not visible or cannot be applied in the Test Center application, you can alternatively open the Web.config file inside the _SERVICES/WEBservices folder located at C:\inetpub\wwwroot\_SERVICES\WEBservices\, and comment the "Documentation" lines, as follows:

    <webServices><protocols><!--Comment the next line to enable WSDL metadata output for *.asmx web services<remove name="Documentation" />--></protocols></webServices></system.web>
  4. After applying these changes add some Signals in order to check the connection between IIS and Web Services available on the IIS Machine, named SCADA3.

    TC_working.png
  5. You can further check the three-machine installation using the Smart Editor application by creating a new project. Add to the SmartEditor project page some extensions (e.g i4-core, wf-alarm-viewer, and wf-sensor).

  6. Open the Object properties panel of the i4-core extension and organize the following changes:

    • Go to property “Remote IIS Server Url” and input the WEB Server (SCADA3) machine name.

    SmartEditor_perj.png
  7. Publish the SmartEditor project. If all settings were correct the run-time project should be properly working.

    SE_prj_runtime.png
Testing an i4designer visualization on the three machine installation

Tip

If during the setup the listening port was changed, you might encounter some connectivity issues. Therefore, you might want to recheck and confirm that the port used for the TCP/UDP Inbound and Outbound rules is correct.

To open an i4designer visualization on the three machine installation, please proceed as follows:

  1. Open the Machine where the i4SCADA Server is installed (SCADA2) and expose the i4SCADA Synchronization Service.

    To do that, you can add the "Synchronization" folder, to a folder shared with other computers in the same network.

    Sync_folder.jpg
  2. Next, open the Machine where the i4SCADA WebServer is installed (SCADA3) and copy the shared "Synchronization" folder, to a known location.

    Sync_folder_SCADA_3.jpg
  3. On the i4SCADA WebServer Machine (SCADA3), open the Windows Services application and find the "i4SCADA Synchronization Service". Make sure that it is in the status "Running".

  4. Open the Machine where the i4SCADA Server is installed (SCADA2) and create a new empty folder under inetpub/wwwroot.

    Empty_folder_1.jpg
  5. Open the new folder, and add a second empty folder.

    Empty_folder_2.jpg
  6. Open i4SCADA Studio Application, on the SCADA2 Machine, and define your i4designer Project settings, under the Settings section, as follows:

    Add_i4designer_path.jpg
    1. Fill in your Project Token copied from the respective i4designer project.

    2. Select the second created empty folder as Project Path.

    Tip

    For more details about the i4designer Project Settings, please also visit i4designer Section.

  7. Next, start the i4SCADA Server from the Service Manager application, on the i4SCADA Server Machine (SCADA2).

  8. After all the above steps have been done, let's publish the linked i4designer project.

  9. Check the new folder on the SCADA2 Machine. The folder should be empty.

  10. Now, check the inetpub/wwwroot folder on the SCADA3 Machine. The folders created on SCADA2 Machine were automatically cloned on the machine running the WebServices and the i4designer project contents were published here. You can now successfully open the i4designer visualization and proceed with further needed updates.