Deactivating ADS
- The unencrypted ADS is transmitted via the TCP port 48898 (0xBF02)
- The discovery ("Broadcast Search") is transmitted via the UDP Port 48899 (0xBF03)
Both ports can be blocked in the firewall.
The target system can be configured with respect to the ports to be used.
The following keys are available below KEY_LOCAL_MACHINE\SOFTWARE\[WOW6432Node\]Beckhoff\TwinCAT3\System:
ADS Ports |
|
|
DisableAdsTcpListening | REG_DWORD | 1 = prevents the opening of the TCP port 0xBF02 for unencrypted ADS. |
DisableAdsTlsListening | REG_DWORD | 1 = prevents the opening of the TCP port 8016 for Secure ADS |
DisableAdsDiscovery | REG_DWORD | 1 = prevents the opening of the UDP port 0xBF03 for the ADS discovery ("Broadcast Search") |
The attribute SecureOnly="True" can additionally be used via the StaticRoutes.xml file. The ADS port 0xBF02 is thereby kept open, but no further ADS communication is allowed via the port.
<RemoteConnections SecureOnly="True">