Adding / Removing Routes

Search Routes and add the result at the Local TwinCAT System

PS> Get-AdsRoute -All -name "Tc3*"

Name            NetId             Address       Sub TcVersion RTSystem
----            -----             -------       --- --------- --------
TC3TestA1-CP67x 192.168.0.105.1.1 192.168.0.105     3.1.4021  Win7
TC3Test13-C6650 172.17.60.239.1.1 192.168.0.156     2.11.2246 Win7


PS> $cred = Get-Credential -Message "Get Credentials" -UserName "UserName"

PS> Add-AdsRoute -Credential $cred -Address "TC3TestA1-CP67x" -temporary -passthru

Name            NetId             Address       Sub TcVersion RTSystem
----            -----             -------       --- --------- --------
TC3TestA1-CP67x 192.168.0.105.1.1 192.168.0.105     3.1.4021  Win7

PS> Get-AdsRoute -name "TC3TestA1-CP67x" | Test-AdsRoute

Search for Systems that start with the name "TC3*", then asks the user for Credentials and adds the Route as 'temporary' (with TC2 compatible security, clear text password).

Afterwards, the connection is checked via 'Test-AdsRoute'.

The route is specified by its name (ComputerName).

To find out the address of the route an under the hood broadcast search is necessary what means that the target system must be online available in the network.

Add a route to the local system (Single Sided)

PS> Add-AdsRoute -name Test -NetId 1.2.3.4.1.1 -IPOrHostName 1.2.3.4

Adds a Route named 'Test' to the local routes with the specified NetId and IPAddress.

Because NetId and IPOrHostName are defined AND no credentials are set, this route is added locally only.

Be aware that to get the route functional, the target system must define the backroute.

Add a single sided temporary route

Add-AdsRoute -name "TestRoute" -NetId 1.2.3.4.1.1 -IPOrHostName 1.2.3.4 -Temporary -RemotePersistance None

Adding a route 'TestRoute' single sided and temporary only to the local system.

The remote device doesn't need to be online.

Add a self-signed route

PS> Get-AdsRoute -All -name "Tc3*"

Name            NetId             Address       Sub TcVersion RTSystem
----            -----             -------       --- --------- --------
TC3TestA1-CP67x 192.168.0.105.1.1 192.168.0.105     3.1.4021  Win7
TC3Test13-C6650 172.17.60.239.1.1 192.168.0.156     2.11.2246 Win7


PS> $cred = Get-Credential -Message "Get Credentials" -UserName "UserName"

PS> Add-AdsRoute -Credential $cred -name "TC3TestA1-CP67x" -selfSigned -passthru

Name            NetId             Address       Sub TcVersion RTSystem
----            -----             -------       --- --------- --------
TC3TestA1-CP67x 192.168.0.105.1.1 192.168.0.105     3.1.4021  Win7

PS> Get-AdsRoute -name "TC3TestA1-CP67x" | Test-AdsRoute

Search for Systems that start with the name "TC3*", then asks the user for Credentials and adds the Route with 'SelfSigned' AdsSecure settings.

Afterwards, the connection is checked via 'Test-AdsRoute'.

The route is specified by its name (ComputerName).

To find out the address of the route an under the hood broadcast search is necessary what means that the target system must be online available in the network.

Add a route with (S)hared (C)ertification (A)Authority (SCA)

PS> Add-AdsRoute -Address 192.168.0.105 -sca -paththru

Name            NetId             Address       Sub TcVersion RTSystem
----            -----             -------       --- --------- --------
TC3TestA1-CP67x 192.168.0.105.1.1 192.168.0.105     3.1.4021  Win7

Searches for the system with the specified IPAddress, and add the Route with Shared Certification Authority settings without password.

The precondition is, that valid certificates are already established on both (engineering and remote) systems, within their StaticRoutes.xml files.

The route is specified by its Address only.

Because the NetId is missing a broadcast search is necessary what means that the target system must be online available in the network.

Add a Route with (N)etwork (A)Address (T)ranslation (NAT)

PS> $cred = Get-Credential -Message "Get Credentials" -UserName "UserName"

PS> Add-AdsRoute -Credential $cred -NetId 192.168.0.105 -Nat 1.2.3.4.1.1

Name            NetId       Address       Sub TcVersion RTSystem
--------------- ----------- ------------- --- --------- ------------
TC3TestA1-CP67x 1.2.3.4.1.1 192.168.0.105     3.1.4024  Win10 (2004)

Add a route with a local network address translation (NAT AmsNetId) to project a remote AmsNetId (RemoteNetId) locally to a different address.

Adding a (S)hared (C)ertificate (A)uthority route

PS> $route = get-adsroute CX_01234 -all
PS> $route

Name             NetId                TLS   Address          FingerPrint
----             -----                ---   -------          -----------
CX_01234         172.17.60.197.1.1    X     172.17.60.197    7835dae7a079c4f296c84109b2e6d7156b66e6bcc39e386c3576d7535…

PS> $route | add-adsroute -SharedCertAuth -IgnoreCN -passthru

Name             NetId                TLS   Address          FingerPrint
----             -----                ---   -------          -----------
CX_01234         172.17.60.197.1.1    X     172.17.60.197    7835dae7a079c4f296c84109b2e6d7156b66e6bcc39e386c3576d7535…

Broadcast search for a Device with Hostname CX_01234 and adding of a ADSSecure route via 'Shared Certificate Authority' (SCA) to the local system.

Both systems must contain certificates derived from the same root CA certificate.

Adding a route with UserName/Password (P)re (S)hared (Key) (PSK)

PS> $cred = get-credential
UserName: MyUser
Password: ********

PS> $route = get-adsroute CX_01234 -all
PS> $route

Name             NetId                TLS   Address          FingerPrint
----             -----                ---   -------          -----------
CX_01234         172.17.60.197.1.1    X     172.17.60.197    7835dae7a079c4f296c84109b2e6d7156b66e6bcc39e386c3576d7535…

PS> $route | add-adsroute -PreSharedKey -Credential $cred

Name             NetId                TLS   Address          FingerPrint
----             -----                ---   -------          -----------
CX_01234         172.17.60.197.1.1    X     172.17.60.197    7835dae7a079c4f296c84109b2e6d7156b66e6bcc39e386c3576d7535…

Broadcast search for a Device with Hostname CX_01234 and adding of a ADSSecure route via 'Preshared key' (UserName, Password) to the local system.

The target system must already contain the preshared key configuration (as PSK Identity/Password) in its StaticRoutes.xml configuration file.

Adding a route with BinaryKey (P)re (S)hared (Key) (PSK)

PS> $route = get-adsroute CX_01234 -all
PS> $route

Name             NetId                TLS   Address          FingerPrint
----             -----                ---   -------          -----------
CX_01234         172.17.60.197.1.1    X     172.17.60.197    7835dae7a079c4f296c84109b2e6d7156b66e6bcc39e386c3576d7535…

PS> $route | add-adsroute -PreSharedKey -Identity MyUser -BinaryKey 1,2,3,4,5,6,7,8,9,0xa,0xb,0xc,0xd,0xe,0xf

Name             NetId                TLS   Address          FingerPrint
----             -----                ---   -------          -----------
CX_01234         172.17.60.197.1.1    X     172.17.60.197    7835dae7a079c4f296c84109b2e6d7156b66e6bcc39e386c3576d7535…

Broadcast search for a Device with Hostname CX_01234 and adding of a ADSSecure route via 'Preshared key' (Identity, BinaryKey) to the local system.

The target system must already contain the preshared key configuration (as Psk Identity/BinaryKey) in its StaticRoutes.xml configuration file.

Removing Routes by Address

PS> Get-AdsRoute

Name            NetId             Address       Sub TcVersion RTSystem
----            -----             -------       --- --------- --------
CP-15ECA0       192.168.0.128.1.1 192.168.0.178     0.0       Unknown
TC3TESTA1-CP67X 192.168.0.105.1.1 192.168.0.105     0.0       Unknown

PS> Remove-AdsRoute -Name "CP-15ECA0","TC3TESTA1*"

Removes the Routes "CP-15ECA0" and "TC3TESTA1-CP67X" from the local system.

Removing Routes from the local registered configuration

PS> Get-AdsRoute | Remove-AdsRoute -silent

Removes all registered routes from the local system.