Run a Modbus TCP slave on port 502 (or any port). Test on 127.0.0.1:502, across your LAN, or through a VPN — no hardware required. Free 30-day trial.
No registration · No credit card · Windows 10/11
Port 502 was assigned to Modbus by IANA (Internet Assigned Numbers Authority) when Modicon introduced Modbus TCP in 1999. It's the official registered port for the Modbus TCP/IP protocol and is used by default on virtually every Modbus TCP device — PLCs, energy meters, building automation controllers, VFD drives, and SCADA servers.
On Windows, port 502 is not reserved for any other service, so a Modbus TCP simulator can bind to it without conflict. However, if you're testing multiple slave instances on the same PC, or if port 502 is blocked by your company firewall, ModbusSimulator.com lets you run on any custom port (e.g., 5020, 1502, 8502).
| Scenario | Slave IP | Port | Use case |
|---|---|---|---|
| Same PC testing | 127.0.0.1 | 502 | SCADA/HMI and simulator on the same machine |
| LAN testing | 192.168.x.x | 502 | PLC or HMI on same network as simulator PC |
| Multi-instance | 127.0.0.1 | 502, 503, 504 | Multiple simulated devices on one PC |
| VPN / remote | VPN IP | 502 | Testing over WFH VPN connection |
| Firewall restricted | PC IP | 5020 or custom | When port 502 is blocked by firewall |
Select Modbus TCP Slave. Enter 0.0.0.0 as the bind address (accepts connections from all interfaces) or 127.0.0.1 for localhost-only. Port: 502. Click Start. The status bar shows "Listening on 0.0.0.0:502".
For localhost-only testing, no firewall change is needed. For LAN access: Windows Defender Firewall → Advanced → Inbound Rules → New Rule → Port → TCP 502 → Allow. Or run:
netsh advfirewall firewall add rule name="Modbus TCP 502" dir=in action=allow protocol=TCP localport=502
In your SCADA, PLC programming software, or test script, configure the Modbus TCP driver with IP 127.0.0.1 (or your PC's LAN IP) and port 502. The master connects and the simulator's transaction log shows incoming requests in real-time.
Quick test with pymodbus:
from pymodbus.client import ModbusTcpClient
c = ModbusTcpClient('127.0.0.1', port=502)
c.connect()
result = c.read_holding_registers(address=0, count=10, slave=1)
print(result.registers) # Shows values set in the simulator
Run on any TCP port. Multiple instances of the simulator can run simultaneously on different ports — simulate device 1 on port 502, device 2 on port 503, and device 3 on port 504 all on the same PC.
Modbus TCP allows multiple master clients to connect to the same slave at the same time. ModbusSimulator.com supports this — SCADA, HMI, Python script, and PLC can all poll the simulator simultaneously.
Choose which network interface the slave listens on: 0.0.0.0 (all interfaces), 127.0.0.1 (localhost only), or a specific LAN IP. Restrict access to localhost during development, open to LAN for integration testing.
Switch between Modbus TCP (port 502) and Modbus RTU (serial COM port) with one click. Same register configuration, same UI. No need to install separate tools for TCP and RTU testing.
Every TCP frame is logged with the full MBAP header: Transaction ID, Protocol ID, Length, Unit ID — plus the PDU (Function Code, Data). Useful for debugging Unit ID routing issues in Modbus TCP gateways.
IANA assigned port 502 to Modbus TCP when Modicon (now Schneider Electric) submitted it for registration in 1999. The choice was arbitrary at the time — it was an available port. Today, 502 is deeply embedded in industrial standards, device firmware, and SCADA configurations worldwide. Changing from 502 requires configuration changes on both the master and slave.
Ports below 1024 (including 502) require administrator privileges to bind on Windows. You need to run ModbusSimulator.com as Administrator to listen on port 502. Alternatively, use a port above 1024 (e.g., 5020) which doesn't require admin rights, and configure your master to connect on the custom port.
MBAP (Modbus Application Protocol) is a 6-byte header added to every Modbus TCP frame: Transaction ID (2 bytes, echoed back by slave), Protocol ID (2 bytes, always 0x0000 for Modbus), Length (2 bytes, remaining bytes in frame), Unit ID (1 byte, the slave address). The PDU follows the MBAP header. ModbusSimulator.com displays all MBAP fields in the transaction log.
Yes. You can run a TCP slave server (responding to SCADA reads) in one tab while running a TCP master client (polling a real device) in another tab — simultaneously. This is useful for testing Modbus gateway scenarios where your PC acts as a protocol bridge.
Slave + Master · Port 502 or custom · Localhost + LAN · Windows 10/11