Ports to be forwarded for CODESYS access

Viktors · January 26, 2026, 11:34am

Hello,

I have the following setup:

I connect to a projects network via OpenVPN
Inside this network there is an intermediate firewall/router
This device port-forwards traffic to a WAGO CC-100 PLC
The PLC itself is not directly reachable from the VPN network
Port forwarding to the PLC web interface works, and the web UI is accessible

My question is:

What is the minimal network and PLC configuration required to allow CODESYS engineering access (login, download, online mode) in such a setup?

Specifically:

Which TCP/UDP ports must be forwarded to the PLC?
Is TCP 1217 alone sufficient, or are additional ports required?
Is there anything that must be enabled or configured on the PLC side (e.g. in the web interface) to allow CODESYS connections when the PLC is accessed via port forwarding behind a VPN?

This is for standard CODESYS programming access (not OPC UA or WebVisu).

Thanks in advance.

bjornidar · January 26, 2026, 12:28pm

This is what I’ve listed in an old tech.doc. with e!Cockpit:

Wago
Software download : 11740-11743/tcp Engineering
Service-port : 6626/tcp Engineering
WBM/WebVisu : 80 Operation

quenorha · February 13, 2026, 10:39am

The webserver is running on 443 (https).
By default port 80 is disabled (http)

Topic		Replies	Views
CODESYS Virtual Control for LINUX CODESYS docker , linux	8	793	May 13, 2025
Accessing a Wago Linux PLC via OpenVPN Cloud Connexa Hardware and Linux	0	482	January 5, 2024
Wago 750-8212 cannot connect with Codesys 3.5 CODESYS pfc200	5	183	October 21, 2025
WAGO 750-8212 connect to UDP CODESYS pfc200	7	383	January 20, 2025
Get a request via proxy CODESYS	6	249	December 2, 2024