Back

Topic

[KB1036]Networking errors: Windows Firewall issue and configuration

Tags: Firewall, Networking

Communication interfaces
5 years ago
By LM
Options
Print
Applies to:

PcVue 12 onwards.
Summary:

This article describes two simple situations we can encounter frequently between two PcVue stations. Note that there is a more generic article about understanding networking errors with Nmap tool, please have a look if you are not confident with the subject by clicking here. We will use this simple architecture so it is easier to understand.

Simple architecture
Details:

As an introduction, we will explain how to configure the Windows Firewall, then we will see classical issues when it is not configured properly.

The first time you start a multi-station PcVue project, Windows asks you permission to create an incoming security rule in its firewall:

SV Core Application Windows Security Alert

If you accept, PcVue will be able to communicate through its multi-station messaging and you will find 2 incoming security rules in the advanced firewall security. Only the TCP protocol rule is useful, you can delete the rule for the UDP protocol if you wish:

SV Core Application TCP inbound rule

If Windows does not propose to create the incoming rules, here are the default parameters of the TCP rule:

SV Core Application Properties 1 General

SV Core Application Properties 2 Programs and Services

SV Core Application Properties 3 Computers

SV Core Application Properties 4 Protocols and ports

SV Core Application Properties 5 Scope

SV Core Application Properties 6 Advanced

SV Core Application Properties 7 Users

You can customize these settings according to your architecture to enhance security. It is strongly recommended to activate the firewall and therefore this incoming traffic rule is mandatory on PcVue server stations. We will see why in the following examples.

First case, disable the SV Core Application incoming traffic rule in the firewall of the client station (prohibited traffic). Here is the traces we get in the event viewer (shortcut F7) and in Trace.dat of Client station after 20 seconds:

2019/10/11,15:53:59.905,3,W,,3074,,101,Server->client connection abort, DATACLIENT10S -> DATASERVER10C

2019/10/11,15:53:59.905,3,I,,3188,,101,WinSock error = 10054 WSAECONNRESET

2019/10/11,15:53:59.905,3,I,,3240,,101,Connection reset by peer

The communication is ongoing and the variables are correctly refreshed on the client.

Here is the traces we get in the event viewer (shortcut F7) and in Trace.dat of Data Acquisition Server station:

2019/10/11,15:54:00.151,3,W,,3174,,1,Time out (20 s) on server connection DATACLIENT10S on watchdog message acknowledgment 

2019/10/11,15:54:00.151,3,W,,3180,,1,Ask deconnection of DATACLIENT10S server connection

2019/10/11,15:54:00.151,3,W,,3072,,1,Client->server connection abort, DATASERVER10C -> DATACLIENT10S

2019/10/11,15:54:00.151,3,I,,3188,,1,WinSock error = 10053 WSAECONNABORTED

2019/10/11,15:54:00.151,3,I,,3238,,1,Software caused connection abort

The incoming traffic rule of the client station is activated again (authorized traffic). Here is the traces we get in the event viewer (shortcut F7) and in Trace.dat of Client station after few seconds:

2019/10/11,15:57:54.091,3,I,,3070,,101,Server->client connection OK, DATACLIENT10S -> DATASERVER10C

2019/10/11,15:57:54.201,3,I,,9008,,101,Networking message version of station DATASERVER1 = 120001

Here is the traces we get in the event viewer (shortcut F7) and in Trace.dat of Data Acquisition Server station:

2019/10/11,15:57:54.338,3,W,,3068,,1,Client->server connection OK, DATASERVER10C -> DATACLIENT10S

2019/10/11,15:57:54.338,3,I,,9008,,1,Networking message version of station DATACLIENT1 = 120001

Second case, disable the SV Core Application incoming traffic rule in the firewall of the server station (prohibited traffic). Here is the traces we get in the event viewer (shortcut F7) and in Trace.dat of Client station after 20 seconds:

2019/10/11,16:02:17.747,3,W,,3072,,101,Client->server connection abort, DATACLIENT10C -> DATASERVER10S

2019/10/11,16:02:17.747,3,I,,3188,,101,WinSock error = 10054 WSAECONNRESET

2019/10/11,16:02:17.747,3,I,,3240,,101,Connection reset by peer

The communication stops and the variables are no longer refreshed on the client!

Here is the traces we get in the event viewer (shortcut F7) and in Trace.dat of Data Acquisition Server station:

2019/10/11,16:02:17.994,3,W,,3074,,1,Server->client connection abort, DATASERVER10S -> DATACLIENT10C

2019/10/11,16:02:17.994,3,I,,3188,,1,WinSock error = 10060 WSAETIMEDOUT

2019/10/11,16:02:17.994,3,I,,3250,,1,Connection time out

The incoming traffic rule of the server station is activated again (authorized traffic). Here is the traces we get in the event viewer (shortcut F7) and in Trace.dat of Client station after few seconds:

2019/10/11,16:06:11.905,3,W,,3068,,101,Client->server connection OK, DATACLIENT10C -> DATASERVER10S

2019/10/11,16:06:11.905,3,I,,9008,,101,Networking message version of station DATASERVER1 = 120001

Here is the traces we get in the event viewer (shortcut F7) and in Trace.dat of Data Acquisition Server station:

2019/10/11,16:06:12.151,3,I,,3070,,1,Server->client connection OK, DATASERVER10S -> DATACLIENT10C

2019/10/11,16:06:12.213,3,I,,9008,,1,Networking message version of station DATACLIENT1 = 120001

The communication resumes and the variables are refreshed on the client.

Remark:
Deleting the incoming security rule is the same as if it had been disabled.

Trick:
When you are searching error messages in Trace.log, MacroTrace.log or in the knowledge base, it is better searching for the error code instead of the text message itself. The message can change regarding the language used, the code will still be the same. Here for instance, error code 3188 corresponds to WinSock error = 10060 WSAETIMEDOUT

Created on: 11 Oct 2019 Last update: 30 May 2024