title
OPNsense Networking

Providing access from the PLC network to the internet

Sometimes machine vendors need remote access to the PLC. If they have a device installed inside of the machine that is trying to connect to the internet, then this tutorial is for you. By default, connections to the internet are disabled by default (and should keep being disabled)

Providing access from the PLC network to the internet

Some machine vendors require you to open ports. You can also do that in the firewall, however, we strongly recommend against it.

⚠️
Please note that enabling full internet access for PLCs may pose security risks. We strongly recommend disabling or restricting this access as needed.
  1. Connect to OPNsense

  2. Go to Firewall → Rules → PLC (or similar).

Untitled-13

  1. Click the plus icon to add a new rule.
  2. Create a rule similar to the following:
    Untitled-1-2
    Untitled-2-1
  3. Click save and apply the changes.

You can enable or disable the firewall rule in the same section. For more information, refer to the official OPNsense documentation.

You can enable or disable the firewall rule here: