NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.
Forum Discussion
RAXE300-100NAS will not accept port triggering rules
I have two Sensi 2 thermostats that send TCP traffic on ports 8883 and 443, receives updates on UDP traffic to port 8092 and TCP traffic to port 80. I was able to program these rules on a 6 year Nig...
VideoGuy wrote:
I have two Sensi 2 thermostats that send TCP traffic on ports 8883 and 443, receives updates on UDP traffic to port 8092 and TCP traffic to port 80. I was able to program these rules on a 6 year Nighthawk R7900P but on my new RAXE300, I enter the data in all the fields, press 'Accept' and it returns to the table with no entries.
Curiosity question: Where is the idea coming from you need any port forwarding (including port trigger) configured on the NAT router? In general, nothing is establishing a connection from the Internet -to- the IoT device like your thermostats. The IoT devices are establishing outgoing connections to the respective cloud service, from there your thermostats will be reachable. Without any port forwarding, and even less with port triggering.
Yes, it's well possible these IoT require -outgoing- connections from your LAN to the Internet, and it's cloud service by TCP on port 8883, 443, and 80. The UDP connection does typically serve as some kind of connection protocol, almost like a VPN.. This is what some unknown guidelines are commonly asking for - sometimes with some questionable wording.
This is the quote from the Sensi 2 app note:
Sensi smart thermostat and Sensi Touch send TCP traffic on ports 80, 8091 and UDP traffic on port 8092. Sensi Touch 2 and Sensi Lite send TCP traffic on ports 8883 and 443. To receive over-the-air firmware updates, please make sure UDP traffic to port 8092 (34.233.82.197) and TCP traffic to port 80 (52.55.206.183) is open. For Sensi Touch 2, also make sure that TCP traffic to port 8883 (54.210.127.220) is open. This traffic needs to be able to navigate any network firewalls, proxies, or filter devices.
https://sensi.copeland.com/en-us/support/router-compatibility/advanced-troubleshooting-information
I can receive information FROM (i.e. request the current temperature) the thermostats (via the Sensi app or Alexa skill), but I cannot SEND commands (i.e. set a temperature) from either method. I assume that the OEM will push out firmware updates to it also.
I was able to set these rules up on my prior Netgear router and it was working (it wasn't before I set them up). The RAXE300 is not having it for some reason. I'm not knowledgeable enough to know why. Its got to be something really stupid.
VideoGuy wrote:
This is the quote from the Sensi 2 app note:
Sensi smart thermostat and Sensi Touch send TCP traffic on ports 80, 8091 and UDP traffic on port 8092. Sensi Touch 2 and Sensi Lite send TCP traffic on ports 8883 and 443. To receive over-the-air firmware updates, please make sure UDP traffic to port 8092 (34.233.82.197) and TCP traffic to port 80 (52.55.206.183) is open. For Sensi Touch 2, also make sure that TCP traffic to port 8883 (54.210.127.220) is open. This traffic needs to be able to navigate any network firewalls, proxies, or filter devices.
https://sensi.copeland.com/en-us/support/router-compatibility/advanced-troubleshooting-information
This is the standard nomenclature describing all the outgoing connections from the LAN are open to reach the Internet and the Sensi cloud infrastructure, no Proxy infrastructure or similar (as usual on business networks) That's why I wrote there is no word of port forwarding or port trigger.
VideoGuy wrote:
I can receive information FROM (i.e. request the current temperature) the thermostats (via the Sensi app or Alexa skill), but I cannot SEND commands (i.e. set a temperature) from either method. I assume that the OEM will push out firmware updates to it also.
I was able to set these rules up on my prior Netgear router and it was working (it wasn't before I set them up). The RAXE300 is not having it for some reason. I'm not knowledgeable enough to know why. Its got to be something really stupid.
These commands are triggered from the IoT App and sent to the cloud infrastructure. Some reverse proxy connections (kind of a VPN) are keeping up the communication between the cloud infrastructure and the IoT devices.
All I can confirm is that there is no port forwarding or port trigger required. Typically, having these configured might imply a certain risk, but should not break the communication in either direction.
Something stupid might go on, but I doubt this is in your well-intended config. For the moment, I would suggest (keep in mind I'm neither Netgear nor Sensi) to remove the port forwards and trigger config, then cold reboot the router, and finally the IoT devices.
Something stupid might go on, but I doubt this is in your well-intended config. For the moment, I would suggest (keep in mind I'm neither Netgear nor Sensi) to remove the port forwards and trigger config, then cold reboot the router, and finally the IoT devices.
Well right now, there are no port command rules that have been saved. I have rebooted the router. I am loathe to reboot (or factory reset) the thermostats because then I lose all of my time/day programming and I can no longer push new programming to them from the Sensi app. These thermostats are going to be the death of me.
I am surprised that you state that no port rules are necessary based on the app note description. They are the only IoT devices in my house that don't "just work". I even took the radical step of buying a new high-end router to try to solve this ridiculous problem.
VideoGuy wrote:
Something stupid might go on, but I doubt this is in your well-intended config. For the moment, I would suggest (keep in mind I'm neither Netgear nor Sensi) to remove the port forwards and trigger config, then cold reboot the router, and finally the IoT devices.
Well right now, there are no port command rules that have been saved. I have rebooted the router. I am loathe to reboot (or factory reset) the thermostats because then I lose all of my time/day programming and I can no longer push new programming to them from the Sensi app. These thermostats are going to be the death of me.
This reads like an -awful- way of a cloud based IoT implementation.
VideoGuy wrote:
I am surprised that you state that no port rules are necessary based on the app note description. They are the only IoT devices in my house that don't "just work". I even took the radical step of buying a new high-end router to try to solve this ridiculous problem.
Carefully re-read the App note. No word of a required port forwarding!
Don't let some first level support mislead on potentially "required" but undocumented port forwarding. A consumer router like your RAXE300 does unlikely have block anything outgoing, certainly not out of the box. All assuming no ISP or government enforced blockings of certain FQDNs. However, as your IOT does establish the connection to it's cloud infrastructure ....
There could be something on the router blocking (or unexpectedly stopping) that UDP traffic where the reverse proxy style traffic is flowing forth and back, allowing bi-directional communication Cloud<->IoT. Something to talk with the IoT device vendor requiring some troubleshooting.
The RAXE300 is your new router? Which router showed that similar issue before?