KEPServer

AA_13475335 · ‎May 13, 2025

I am currently using KEPServerEX 6 demo and trying to establish an OPC UA connection with UA Expert for testing purposes. I have successfully configured a device (Omron NJ via Ethernet) and am able to browse and render the tag database correctly within KEPServerEX.

However, I am experiencing the following issue:

When I try to connect to the server using UA Expert, I get the following error:

BadSecurityChecksFailed
or
The server does not support the configured security policy "None"

It seems that KEPServerEX is not allowing connections using the "None" security policy.I want to change the security policies in kep, but i cannot find any option to enable or change the supported security policies. It looks like the interface doesn't expose these controls.

What I have tried:

Checked and restarted the KEPServerEX Runtime.

Confirmed that the OPC UA endpoint is active at:
opc.tcp://<my-ip>:49320

Tried changing the security mode in UA Expert to match KEPServerEX (e.g., None/None, Basic128Rsa15, etc.)

Deleted and reset the UA Expert certificate trust store.

Verified firewall rules allowing port 49320.

Ensured device drivers and tags are working correctly (Omron NJ).

Request:

Could you please assist me in:

Enabling support for the "None" security policy in KEPServerEX.

Verifying the correct procedure to expose and modify supported OPC UA security policies.

Confirming whether version limitations or trial licenses may restrict security configuration.

System Info:

KEPServerEX Version: 6.x (latest) demo

Device: Omron NJ via Ethernet driver

Client: UA Expert

OS: Windows 10/11

Thank you in advance for your support.

Best regards,
Amandine

pshashipreetham · ‎Jun 02, 2025

Hi,

To allow UA Expert to connect to KEPServerEX using Security Policy “None,” you need to explicitly enable it in the KEPServerEX OPC UA Configuration settings. By default, newer versions of KEPServerEX disable the “None” policy for security reasons.

Steps to Enable “None” Security Policy:

Open KEPServerEX Configuration
- Launch KEPServerEX Configuration application.
Access OPC UA Configuration
- Go to Project > OPC UA Configuration from the top menu.
Go to Endpoints Tab
- In the configuration window, go to the Endpoints tab.
Edit the Endpoint
- Click the existing endpoint (e.g., opc.tcp://localhost:49320) and then click Edit.
Enable “None” Security Policy
- Under the list of supported security policies, check the box for:
  - Security Policy: None
  - Security Mode: None
Apply and Restart
- Click OK, then Apply.
- Restart the KEPServerEX Runtime to apply changes.
Reconnect with UA Expert
- In UA Expert, make sure you select opc.tcp://<your-ip>:49320 with Security Policy = None and Security Mode = None.

Additional Notes:

Trial Version Limitation: The demo version of KEPServerEX does not restrict security settings. The issue is related to default configuration, not license limitations.
Windows Firewall: You already allowed port 49320, so no change needed unless a third-party antivirus or firewall blocks OPC UA traffic.
Certificate Trust: Since you're using “None” security, certificates won't be enforced, but it’s good practice to clear trust lists if testing with security enabled later.

After enabling the “None” policy and restarting the server, your UA Expert client should connect without error.

Thanks,

Shashi Preetham,
Email: psp316r@outlook.com,
Mobile: +91 8099838001.