The Modbus Discovery tab enables you to read values from one or more Modbus slave devices over the Modbus TCP protocol.

Modbus servers typically run on TCP port 502. The Port Scan is able to scan this port on the local network to detect available Modbus servers.

Prerequisites

You will need the Discovery user permission on the target devices in order to use this feature.

In order to run Modbus discoveries, at least one of modpoll or mbpoll must be installed on the device. These will be detected on loading the discovery tab. If not installed, an install button will be displayed. Installing mbpoll or modpoll may take several minutes, depending on the quality of the internet connection to the target device.

Running a discovery

To run a discovery, enter the desired options as described below and click "Run".

Options

Discovery Tool: (mbpoll | modpoll) Indicates which binary will be used to read values.

IP Address: the IPv4 address of the modbus TCP server

Port: the TCP port of the modbus server, typically 502.

Modbus Addresses: One or more modbus slave addresses or slave address ranges to read values from. Multiple addresses can be entered separated by commas (,). Address ranges can be entered with the lower and upper values separated by a colon (:).

Examples:

• 5 Slave address 5

• 1,6,10 Slave addresses 1, 6 and 10

• 1:5,10:15,20 Slave addreses 1, 2, 3, 4, 5, 10, 11, 12, 13, 14, 15 & 20

Registers: One or more modbus registers to read values from. This option uses the same format as Modbus Addresses to specify multiple registers.

When reading double-register modbus values, address ranges will be rounded up to the nearest even number of registers. For example, if you ran a scan against register 3, the tool will attempt to read registers 3 & 4 to produce Two-register float, Two-register integer and their big-endian values.

Simlarly, specifying a range of 1:5 will result in registers 5 & 6 being read to produce the two-register values reported at register 5.

Start at: (0 | 1) 0 indicates if the first reference is zero, as used in PDU Addressing. If this is not desired, select 1.

Register Type: (Input | Holding) Indicates which type of register should be read.

Results

If the scan completes successfully, a table of values read from the modbus slaves will be displayed.

These results will be stored in the app until the user exits the workgroup, logs out, closes the browser tab or runs another scan.