Some content on this site is available only to logged-in subscribers. Contact Us for information on becoming a subscriber.

InSource.Solutions | InSource Training | InSource Client Portal
InSource Solutions Logo
Log In Sign Up
InSource.Solutions InSource Training InSource Client Portal Log In Sign Up
  • Home
  • AVEVA InTouch Access Anywhere
  • AVEVA InTouch Access Anywhere Tech Notes

TN IT030401 Resolving Ericom Secure Gateway Errors in Windows Event Viewer

Last updated: March 4th, 2026

Description

  • Author: Zach Burns
  • Published: March 4th, 2026

Details:

The "Ericom Secure Gateway" is installed with the InTouch Access Anywhere (ITAA) Secure gateway component. This is an optional InTouch Access Anywhere component used to provide secure remote access to InTouch and OMI applications. 

By default, the secure gateway listens on port 443 for HTTPS connections. Other services, such as IIS, are also configured to use port 443 by default. When these services are installed on the same node, port conflicts can occur, resulting in Windows Event Log errors such as the Event ID10003 (see image below):

You can confirm the secure gateway is running by checking the Windows Services console (Services.msc). The Secure Gateway should appear as “running” in the list of services:

Per the official AVEVA Secure Gateway Documentation:

“If Microsoft IIS is running on the same server that will host the Secure Gateway, make sure there are no port conflicts. Either change the IIS ports to values other than 80 and 443, or change the Secure Gateway port to a value other than 443 and disable the HTTP auto redirect feature after the installation. If there is a port conflict on either the HTTP or HTTPS port, the Secure Gateway does not operate properly.”

Note: It is strongly recommended not to  install ANY other AVEVA software on nodes hosting the ITAA secure Gateway (Please reference the Secure Gateway Admin Manual). 

Resolution
To permanently resolve these errors and eliminate port conflict messages, preform one of the following actions:
1. Uninstall the secure gateway component if not in use
2. Change default ports for the conflicting application/service or the secure gateway as suggested in the following technote:

https://knowledge.insourcess.com/aveva-intouch-access-anywhere-tech-notes/tn-it290-setting-up-ports-for-intouch-access-anywhere-secure-gateway

To uninstall the InTouch Access Anywhere secure gateway:

Navigate to control panel > Programs and features > right click uninstall/change:

Select “Remove”:

Click “Uninstall” and reboot:


For more information, please reference the InTouch Access Anywhere Secure Gateway Administration guide.

troubleshooting ericom gateway
Give feedback about this article

Recommended articles

[ISS Support Case] Ericom Secure Gateway Failed Listening on :: 443

In the Event Viewer, errors are coming in from the Ericom Secure Gateway component: Failed listening on [::]:443 (IPv6 and IPv4, Secured). Reason : An attempt was made to access a socket in a way forbidden by its access permissions Additional Info: The local IIS is configured to listen on port 443 for the HTTPS binding of "Default Web Site" site. Will retry again in 15 seconds.

Read More

[ISS Support Case] Unknown Error

Unknown errors in the logger: Error Focus WWPackageServer Failed to deploy code modules for object[4140] Error: "'Error failed to deploy code modules to target" when deploying objects to another node. The AppServer Enterprise PC's have fixed IP addresses, are part of a workgroup, and there are no WINS or DNS or Host files. Reinstall AppServer on target node. This will redeploy the bootstrap and resolve the IP address issues. From aaPim Access Denied. (80030005) raised at line 4283 in PimPF.cpp (in D:\BldSrc1\178\s\src\PlatformInstallManager\WWPim\). Summary As previously noted in Tech Note TN10225, security improvements made in System Platform 2017 Update 3 included changes made to the user accounts and groups to utilize Virtual Service Accounts. These accounts and groups are needed for Wonderware products to function properly. Some customers have policies to eliminate unrecognized accounts and groups. This Tech Alert highlights information about the importance of the aaPim account's group membership. Situation aaPIM is the platform installation manager that is responsible for installing platforms. In previous versions aaPIM is launched on demand as a process with Adminintrator privilege. However, in System Platform 2017 Update 3, it is changed into a windows service and added to the Administrators group as a service account. It's important not to remove the NTService\aaPim account from the Administrators group unless you follow recommendations outlined in TN10297 Managing Service Accounts with Group Policy for System Platform 2017 Update 3. Symptoms If aaPim is removed from the Administrator group on System Platform 2017 Update 3, AppServer Deployment will fail. The error message will be similar to this: Error: Failed to deploy RemotePlatformName : Remote Node's UserId/Password don't match GR Node's Action Use exceptions in your IT Policies or Scripts to not delete the required Virtual Service Accounts or follow workaround recommendations outlined in TN10297. From

Read More

[ISS Support Case] lost connection to PLC

PLC L33er- compact logix is able to ping the PLC

Read More
Support Icon

CONTACT SUPPORT

How to reach us

10800 Midlothian Turnpike Tpke, Suite 209, Richmond, VA 23235

1.877.INSOURCE

Technical Support - 1.888.691.3858

Contact Us

  • InSource Solutions
  • InSource Training
  • InSource Client Portal
  • Log In
InSource Solutions Logo

© 2026 InSource Solutions. All Rights Reserved.

Knowledge Base Software powered by Helpjuice

Expand