How to set up a Gateway

Setting up a gateway

Login to the SDA Console and navigate to the devices view. Click on "Add New Device" and choose "Gateway".

Device view with "Add New Device" function highlighted

Select version 2 and choose a name for the gateway. In addition, you can select the communication mode you want the gateway to use for outbound connections. UDP is the fastest option but not allowed in some firewall configurations. TCP is the alternative, in this case the gateway will only establish connections on TCP port 443 (see Requirements). You can edit this setting anytime at a later stage, it will affect all future connections that are opened via this gateway.

Then click on "Save".

A screen with a bash command will appear. You can copy it to the clipboard by clicking on it.

Setup gateway screen with installation bash command

Now connect to the device or VM on which you want to install the connectivity client via SSH (e.g., use Putty on Windows). Once connected, paste the command and execute it.

Please make sure that the command starts with "curl" and ends with "/stdin" after pasting it into the command line tool you are using. On some machines some special characters are inserted after and before the command. In this case, please copy the command into an editor (e.g., Notepad) first, remove those special characters at the beginning and at the end and paste it then into the command line.

A successful installation should look like shown below.

Gateway installation on local device

You can confirm successful installation afterwards with the following command.

sudo sda-gateway list

If the gateway was successfully registered the result should look like shown below.

sda-gateway list command after successful installation

Check if communication works

You can afterwards also verify that the gateway is online in the web console (you may to reload the entire page once before).

In case the "SDA Gateway Health" connectivity check is not successful, either the gateway app installation was not successful or your firewall between the gateway and the internet seems to block the connection. Please verify the firewall requirements and contact in SDA in case it does not work.

In case the "SDA Cloud to PLC" connectivity check is not successful, your firewall between the gateway and the internet seems to block the connection. Please verify the firewall requirements and contact in SDA in case it does not work.

To check that all connectivity functions work, you can need to create a PLC/Control entry in the web console (see user manual) below the gateway and check if you can connect to the PLC via the tab "Control Configuration". Note that it can also be a dummy PLC entry, the service checks that it can reach the IP address set for the PLC. Those tests verify that the firewall configuration between gateway and cloud as well as between gateway and PLC is correct.

When you try for the first time after gateway installation the third test will fail as the tenant-specific connection server takes a few minutes to be configured and it is triggered once you request the check. All tests should work a few minutes after the first try.

In case the "Gateway to PLC" connectivity check is not successful, there can be several reasons:

• Please check that the PLC is up and running

• Please check if the PLC can be reached from the device that is used as the gateway (e.g., you can login on try to ping the PLC on its IP). Note that even when the manual ping works (via protocol ICMP) it may be that your internal firewall between the gateway and the PLC may block the communication on the vendor-specific port to administer and configure the PLCs (e.g., for Siemens it is by default TCP 102) and hence in the SDA Console you will see a negative result of this test. Please make sure that communication on this port is possible and align with your IT.

• Please make sure that you have chosen the right communication port for the control in the SDA Console (e.g., for Siemens it is by default TCP 102)