How to Connect a PLC to OPC UA: Setup Guide for Siemens, Allen-Bradley, and More

By Zakaria El Intissar | March 31, 2026

You’ve got a PLC on the factory floor. You need its data in your SCADA, MES, historian, or cloud platform. OPC UA is the way to get it there — securely and without vendor lock-in.

But the steps depend on what PLC you have. Some PLCs have OPC UA servers built right in. Others need external software or hardware gateways. This guide covers all the main scenarios so you can get connected regardless of your equipment.

Three Ways to Connect a PLC to OPC UA

Before diving into specific brands, understand that there are three approaches to getting PLC data into OPC UA.

Option 1: Built-in OPC UA server

Many modern PLCs have an OPC UA server embedded directly in the controller. You enable it in the PLC’s configuration software, select which tags to expose, and connect your OPC UA client directly to the PLC’s IP address on port 4840.

This is the cleanest approach — no middleware, no extra software licenses, no additional hardware. The PLC is the OPC UA server.

PLCs with built-in OPC UA servers: Siemens S7-1200 (firmware 4.4+), Siemens S7-1500 (firmware 2.5+), Beckhoff TwinCAT 3, some Schneider Electric Modicon controllers, OMRON NX/NJ series, B&R Automation, and Codesys-based controllers.

Option 2: OPC UA gateway software

If your PLC doesn’t have a built-in OPC UA server, you can run gateway software on a PC or industrial PC that connects to the PLC using its native protocol and exposes the data via OPC UA.

Popular OPC UA gateway products include Kepware (now PTC ThingWorx Kepware Server), MatrikonOPC, Softing, and Ignition’s built-in OPC UA module with native PLC drivers.

The gateway connects to the PLC over Ethernet using the PLC’s native protocol (S7 protocol for Siemens, EtherNet/IP for Allen-Bradley, Modbus TCP for many others) and makes the data available through an OPC UA server interface.

Option 3: Hardware gateway

For PLCs that only support serial communication or proprietary networks, a hardware gateway device sits between the PLC and your Ethernet network. It handles the protocol translation in a dedicated box.

This is the approach for legacy PLCs like older Siemens S7-300/400 on MPI/Profibus, Allen-Bradley PLC-5 or SLC 500 on DH+, or any PLC on serial Modbus RTU.

Connecting Siemens PLCs

Siemens has the strongest built-in OPC UA support of any major PLC vendor. Both the S7-1200 and S7-1500 families include an embedded OPC UA server.

Requirements

For S7-1200: firmware version 4.4 or higher. For S7-1500: firmware version 2.5 or higher. TIA Portal V16 or later is recommended — earlier versions may require a separate OPC UA license, but from V16 onward the license is included.

Note: the S7-1200 can only act as an OPC UA server. The S7-1500 can act as both client and server.

Step-by-step: Enable OPC UA on S7-1500

1. Open your project in TIA Portal.
2. In the project tree, navigate to the PLC’s Device Configuration.
3. Click on the CPU and open Properties.
4. Find the OPC UA section and click on Server.
5. Check “Activate OPC UA Server.”
6. Note the server address — it will be something like opc.tcp://192.168.0.10:4840. This is what your client will connect to.

Under the Security settings, TIA Portal automatically generates a self-signed server certificate. For production, you should replace this with a CA-signed certificate.

Configure which security policies the server supports. For production, enable only Basic256Sha256 with Sign & Encrypt. Disable weaker policies.

Expose your data

By default, tags in Siemens data blocks have the “Accessible from HMI/OPC UA” checkbox enabled. This means they’re visible to OPC UA clients. If you want to restrict which tags are exposed, uncheck this option for tags that should remain private.

For large projects, Siemens recommends exposing only the tags that OPC UA clients actually need. Every exposed tag adds CPU load to the OPC UA server scanning process.

You can also create a modeled OPC UA Server Interface in TIA Portal to organize your exposed data into a structured hierarchy — instead of just exposing flat data blocks.

Connect a client

1. Download and install UaExpert (free from Unified Automation).
2. Click “Add Server” and enter the PLC’s endpoint URL: opc.tcp://192.168.0.10:4840.
3. Select the endpoint with your desired security policy.
4. Accept the server certificate (or install it in your trust list for production).
5. Browse to Root > Objects > ServerInterfaces or Root > Objects > PLC_1 to find your exposed tags.
6. Drag tags into the Data Access View to start reading values.

Connecting Allen-Bradley (Rockwell) PLCs

Rockwell’s OPC UA support has evolved significantly. Newer ControlLogix and CompactLogix controllers now support OPC UA, though the feature set is newer and less mature than Siemens’s.

Built-in OPC UA (newer controllers)

Starting with firmware v36, certain ControlLogix (1756-L8x series, except L81) and CompactLogix (5380 series) controllers support built-in OPC UA client functionality. Some newer models also support OPC UA server functionality.

The setup involves configuring the OPC UA connection in Studio 5000, managing certificates through FactoryTalk Policy Manager, and defining which tags are accessible.

Important note: Allen-Bradley’s OPC UA implementation is relatively new (released around early 2024). Documentation is still evolving and some features like secure connections with full certificate management require additional Rockwell software.

Gateway approach (most common)

For the majority of Allen-Bradley installations, the proven approach is using an OPC UA gateway. Kepware has an Allen-Bradley suite that supports ControlLogix, CompactLogix, GuardLogix, MicroLogix, SLC 500, and PLC-5 over EtherNet/IP. Ignition includes native Allen-Bradley drivers that connect via EtherNet/IP and expose data through its built-in OPC UA server. MatrikonOPC also offers Allen-Bradley drivers.

The gateway connects to the PLC using EtherNet/IP (CIP protocol), reads the controller’s tag database, and serves it to OPC UA clients. This approach works with virtually any Allen-Bradley Ethernet-enabled controller.

Connecting Beckhoff PLCs

Beckhoff’s TwinCAT 3 platform has excellent OPC UA integration. Both OPC UA client and server can be installed directly into the TwinCAT 3 runtime.

Setup

Install the TwinCAT OPC UA Server (TF6100) through the TwinCAT Package Manager. The OPC UA server integrates tightly with the PLC program, allowing real-time configuration changes and high-performance data exchange.

Tags are exposed by marking PLC variables with special attributes in the TwinCAT project. You can define which variables are visible and how they’re organized in the OPC UA address space.

Beckhoff’s approach is notable because the OPC UA server runs in the same real-time environment as the PLC program. This gives better performance than external gateways, especially for edge computing applications.

Connecting Schneider Electric PLCs

Schneider Electric offers OPC UA support through its Modicon M580, M340, and some M251/M262 controllers.

The M580 ePAC platform has a built-in OPC UA server that can be configured through Unity Pro or EcoStruxure Control Expert. For older controllers, Schneider’s OPC Factory Server (OFS) software acts as a gateway.

Connecting Other PLCs via Gateway

For PLCs that don’t have built-in OPC UA — including most legacy systems — a gateway is the answer.

Kepware

The most widely deployed OPC UA gateway. Kepware supports over 150 PLC drivers covering virtually every manufacturer: Allen-Bradley, Siemens, Mitsubishi, Omron, ABB, Schneider, GE, Yokogawa, Emerson, and many more.

1. Install Kepware on a Windows PC or industrial PC on the same network as the PLC.
2. Add a channel with the appropriate driver for your PLC brand.
3. Configure the connection parameters (IP address, rack/slot, etc.).
4. Add tag groups and tags either manually or by browsing the PLC.

Kepware’s built-in OPC UA server automatically exposes all configured tags to OPC UA clients.

Ignition

Ignition includes native drivers for Siemens, Allen-Bradley, Modbus, Omron, Mitsubishi, and DNP3 devices. It also includes a full OPC UA server and client. Since Ignition often serves as the SCADA/HMI platform anyway, using its built-in drivers eliminates the need for a separate gateway.

Open-source options

For developers and smaller projects, open-source OPC UA servers like open62541 (C), Eclipse Milo (Java), or node-opcua (Node.js) can be used to build custom gateways. These require programming but give you full control over the implementation.

Common Connection Problems and Fixes

“Cannot connect” or “Connection refused”

Check that the OPC UA server is actually enabled on the PLC or gateway. Verify the IP address and port (default is 4840). Make sure there’s no firewall blocking the port. Confirm the PLC is on the same network or the correct route exists.
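The causes listed above look different from the client side: a refused connection, a silent drop, a port that answers with something other than OPC UA, and a live server that acknowledges an OPC UA TCP Hello. The following is an added example, not part of the original guide; the function names and buffer sizes are illustrative choices, and the replies in the demo are constructed.

```python
import socket
import struct

def build_hello(endpoint_url: str) -> bytes:
    """Encode an OPC UA TCP Hello (HEL) message; all integers are little-endian."""
    url = endpoint_url.encode("utf-8")
    # ProtocolVersion, ReceiveBufferSize, SendBufferSize, MaxMessageSize, MaxChunkCount
    body = struct.pack("<5I", 0, 65535, 65535, 0, 0)
    body += struct.pack("<i", len(url)) + url        # String = Int32 length + bytes
    # MessageSize counts the 8-byte header as well as the body
    return b"HELF" + struct.pack("<I", 8 + len(body)) + body

def classify_reply(data: bytes) -> str:
    """Interpret the first bytes the peer sends back after the Hello."""
    if len(data) < 8:
        return "connected, but no OPC UA reply"
    if data[:3] == b"ACK":
        return "OPC UA server answered (ACK)"
    if data[:3] == b"ERR" and len(data) >= 12:
        code = struct.unpack_from("<I", data, 8)[0]
        return f"OPC UA server rejected the Hello (ERR 0x{code:08X})"
    return "port open, but the peer is not speaking OPC UA"

def probe(host: str, port: int = 4840, timeout: float = 3.0) -> str:
    """One connection attempt; each failure maps to one of the checks above."""
    try:
        with socket.create_connection((host, port), timeout=timeout) as s:
            s.sendall(build_hello(f"opc.tcp://{host}:{port}"))
            return classify_reply(s.recv(4096))
    except ConnectionRefusedError:
        return "connection refused: server not enabled or wrong port"
    except socket.timeout:
        return "timeout: firewall drop or missing route"
    except OSError as exc:
        return f"network error: {exc}"

if __name__ == "__main__":
    # Constructed replies, so the demo runs without a PLC on the network.
    ack = b"ACKF" + struct.pack("<I", 28) + struct.pack("<5I", 0, 8192, 8192, 0, 0)
    print(classify_reply(ack))
    print(classify_reply(b"HTTP/1.1 400 Bad Request\r\n"))
```

Against a real device, call `probe("192.168.0.10")` from the machine that will run the OPC UA client, so the result reflects that machine's route and firewall path.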

“Certificate not trusted”

This is the most common issue. The OPC UA client doesn’t trust the server’s certificate (or vice versa). In the client, find the rejected certificates folder and move the server’s certificate to the trusted folder. In the server, do the same for the client’s certificate. For production, set up proper CA-based certificate management.
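Moving a certificate from the rejected folder to the trusted folder is only meaningful if the certificate is the one the server actually owns. The following added example (not from the original guide) promotes a rejected certificate only when its SHA-256 thumbprint matches a value obtained out of band; the directory arguments and function names are assumptions, since folder locations differ between clients and servers.

```python
import hashlib
import hmac
import shutil
import ssl
from pathlib import Path

def sha256_thumbprint(cert_file: Path) -> str:
    """SHA-256 over the DER encoding; accepts DER files and PEM files."""
    raw = cert_file.read_bytes()
    if raw.lstrip().startswith(b"-----BEGIN CERTIFICATE-----"):
        raw = ssl.PEM_cert_to_DER_cert(raw.decode("ascii").strip())
    return hashlib.sha256(raw).hexdigest()

def normalize(fingerprint: str) -> str:
    """Accept 'AB:CD:..', 'AB CD ..' or plain hex, in either case."""
    return fingerprint.replace(":", "").replace(" ", "").lower()

def trust_if_expected(rejected_dir, trusted_dir, expected_fingerprint):
    """Move only certificates matching expected_fingerprint; return their names.

    Everything else stays in the rejected folder for a human to review.
    """
    rejected, trusted = Path(rejected_dir), Path(trusted_dir)
    expected = normalize(expected_fingerprint)
    trusted.mkdir(parents=True, exist_ok=True)
    moved = []
    for cert in sorted(rejected.iterdir()):
        if not cert.is_file():
            continue
        try:
            actual = sha256_thumbprint(cert)
        except (ValueError, UnicodeDecodeError):
            continue                      # malformed PEM: never promote it
        if hmac.compare_digest(actual, expected):
            shutil.move(str(cert), str(trusted / cert.name))
            moved.append(cert.name)
    return moved
```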

“Bad_UserAccessDenied”

Your user credentials don’t have permission for the requested operation. Check that the username and password are correct. Verify that the user has read (or write) access to the specific tags you’re trying to access.

“BadNodeIdUnknown”

The tag you’re trying to read doesn’t exist in the server’s address space. Verify the NodeId is correct. Browse the server’s address space to find the right path. On Siemens, check that the tag has “Accessible from HMI/OPC UA” enabled.

Slow performance

Reduce the number of monitored items or increase the sampling interval. On Siemens, expose only the tags you actually need — every exposed tag adds CPU load. Use subscriptions instead of polling. Check that your publishing interval isn’t faster than the PLC’s scan cycle.

Security Checklist

Before going live, make sure you’ve covered these basics.

- Replace self-signed certificates with CA-signed certificates.
- Disable the “None” security policy — use Basic256Sha256 with SignAndEncrypt.
- Set up user authentication — don’t allow anonymous access in production.
- Enable only the minimum set of tags that clients actually need.
- Place the OPC UA server behind a firewall and segment your network.
- Document your certificate management process including renewal timelines.
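The policy, mode and anonymous-access items can be checked against what the server actually advertises, since every OPC UA server lists its endpoints in response to GetEndpoints. The following added example (not from the original guide) audits such a list against this checklist; the dictionary field names are hypothetical, the sample endpoints are constructed, and the allowed policy defaults to the one this guide recommends.

```python
# Constructed sample: the shape of a GetEndpoints result, reduced to the
# fields the checklist cares about (field names are hypothetical).
P = "http://opcfoundation.org/UA/SecurityPolicy#"
URL = "opc.tcp://192.168.0.10:4840"
SAMPLE_ENDPOINTS = [
    {"url": URL, "policy_uri": P + "None", "mode": "None",
     "user_tokens": ["Anonymous", "UserName"]},
    {"url": URL, "policy_uri": P + "Basic128Rsa15", "mode": "SignAndEncrypt",
     "user_tokens": ["UserName"]},
    {"url": URL, "policy_uri": P + "Basic256Sha256", "mode": "Sign",
     "user_tokens": ["UserName"]},
    {"url": URL, "policy_uri": P + "Basic256Sha256", "mode": "SignAndEncrypt",
     "user_tokens": ["UserName"]},
]

def audit_endpoints(endpoints, allowed_policies=("Basic256Sha256",)):
    """Return (endpoint, problem) pairs for every checklist violation."""
    findings = []
    for ep in endpoints:
        policy = ep["policy_uri"].split("#")[-1]
        mode = ep["mode"]
        where = f'{ep["url"]} [{policy}/{mode}]'
        if policy == "None" or mode == "None":
            findings.append((where, "unsecured endpoint is enabled"))
        elif policy not in allowed_policies:
            findings.append((where, "security policy outside the allowed set"))
        elif mode != "SignAndEncrypt":
            findings.append((where, "messages are signed but not encrypted"))
        # Independent of channel security: who may open a session at all?
        if "Anonymous" in ep["user_tokens"]:
            findings.append((where, "anonymous login is accepted"))
    return findings

if __name__ == "__main__":
    for where, problem in audit_endpoints(SAMPLE_ENDPOINTS):
        print(f"FAIL {where}: {problem}")
```

An empty result means every advertised endpoint matches the checklist; any finding points at an endpoint to disable in the server configuration before going live.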

Conclusion

Connecting a PLC to OPC UA comes down to your equipment. Modern PLCs from Siemens, Beckhoff, and others have it built in — enable the server, expose your tags, connect a client. Older PLCs or brands without native support need a gateway like Kepware or Ignition.

Regardless of the path, the result is the same: your PLC data is available through a standardized, secure, vendor-independent interface. Any OPC UA client — SCADA, MES, historian, cloud platform — can connect without custom drivers or proprietary protocols.

Start with a test connection using UaExpert and the “None” security mode. Get your data flowing. Then tighten security before going to production. That’s the fastest path from zero to connected.

Author: Zakaria El Intissar

I'm an automation and industrial computing engineer with 12 years of experience in power system automation, SCADA communication protocols, and electrical protection. I build tools and write guides for Modbus, DNP3, IEC 101/103/104, and IEC 61850 on ScadaProtocols.com to help engineers decode, analyze, and troubleshoot real industrial communication systems.
