HC2 behind firewall, ports & protocols for remote access

[Guest JBs]

Hi All,

My HC2 is installed behind a firewall and remote access does not work. What are the ports that should be forwarded and the protocols used by the HC2 for remote access?

I was also thinking about publishing the admin GUI of the HC2 on Internet but I would really like to avoid publishing it in HTTP considering my entire house can be controlled from here, is there any way to switch the GUI to HTTPS instead? If not, may I suggest the Figaro team to think about adding such a feature in the next releases?

[rantta 2]

Connecting via home.fibaro.com does not fit your needs?

[Guest JBs]

Nope after declaring my HC2 on the portal, nothing happens, I cannot connect the box's GUI.

[petergebruers 1,268]

I have my box behind a firewall... with no incoming ports allowed. But home.fibaro.com works. Which tells me the HC2 makes an outgoing connection to the fibaro external network. I can't say how because I am on an unmanaged switched network and so I can't do any sniffing.

[rantta 2]

Nope after declaring my HC2 on the portal, nothing happens, I cannot connect the box's GUI.

Clicking the gearwheels won't establish connection?

Tried already removing and re-adding your HC2?

Does anyone know, on what protocol and port HC2 uses connecting to Fibaro? On very strict firewall settings it is possible, that HC2 could not establish the connection. I would first drill holes for these outgoing connections, rather than exposing HC2 directly to network.

And also, support could probably assist you fixing your remote access.

[Guest JBs]

Nope does not make any change. I'll drill down into the FW logs as soon as I'll get a bit of time, I was just thinking that maybe somebody would have already had the same issue and knew the ports and protocols required by the box.

I'll put the results of my logs investigations here if this is any concluding.

[ Added: 2014-12-27, 17:07 ]

So I sent through the FW logs and was not able to identify anything intended to or from my HC 2 that would be filtered/blocked.

I discovered that the HC 2 is pinging every second the following ip address: 74.125.230.242, and have no idea what is behind that address. From time to time I can also see some connections to and IP in Poland 109.x.x.x, which I guess is related to Fibaro.

My HC2 gear in home.Fibaro.com however remains desperately grey and remote access is not possible

Please login or register to see this image.

/emoticons/default_sad.png" alt=":(" srcset="https://forum.fibaro.com/uploads/emoticons/[email protected] 2x" width="20" height="20" />

[TGeissler 0]

Thats the same as me!

I have got a juniper SRX as my Firewall. I nothing allowed for incoming traffic. Only Output. In my LAN i can establish the Connection over remoteaccess. If i try to connect from outside it does not going.

Any idea?

[Guest JBs]

Well, I've tried engaging the Fibaro support on this but pushing them, the only info I could get is ports 22 and 80 are used. For firewall usage only, this should make it, however, if this is coupled with a reverse proxy, forget it (I had no answer from them regarding how to publish the hc2 using a RP).

In my case, opening everything between the hc2 and Internet did not allowed me to have it accessible from Internet ....

[sj3fk3 27]

I have my box behind a firewall... with no incoming ports allowed. But home.fibaro.com works. Which tells me the HC2 makes an outgoing connection to the fibaro external network. I can't say how because I am on an unmanaged switched network and so I can't do any sniffing.

I have done some sniffing and for 1 there is ssh traffic from the HC2 to .pl servers. So I'm guessing they do a SSH tunnel (forwarding port http/80 would be my guess).