Ecobee thermostat can’t connect to servers
-
@Gblenn I am on ISC currently, but I have tried both and have had no luck. I updated Pfsense Beta 25.03 to check if it would resolve the issue, but it did not.
-
@stephenw10 I am 99% sure that both the 2100 and 1100 receive the same IP address from my modem (Nighthawk CM200) as my IP does not change often. I will double-check this when I have some time to test it. Additionally, I want to mention that I created an OpenVPN network, assigned it to a VLAN, and connected the thermostat to that network. It successfully reached the Ecobee servers.
-
The OpenVPN was also on the 2100?
Mmm, it pretty much has to be something at the remote side somehow. The 2100 and 1100 are very similar. One the traffic in past the built in switch the routing for it would be nearly identical.
-
If anyone stumbles upon this, I resolved the issue by changing my IP address
-
@xmacj Perhaps the remote side didn't like something about your original ip address.
I have an ecobee premium (upgraded by ecobee due to wifi issues on a ecobee 3 lite - data drop outs, morse code).
No wifi issues (it's bound to 2.4ghz band). But it does like to phone home to amazon every 50s. None of the amazon features are enabled, but it still insists.
To mitigate this, 2 different measures are in place. On the dns side, only requests to *.ecobee.com are resolved (adguard home). All others return 0.0.0.0 .
On the pfsense side, amazon asn is blocked for this device just in case the dns filters are off (sometimes happens during testing).
-
Has anyone figured out a long term solution for this? I have a Netgate 4100 and been dealing with this issue for months. My Ecobee loses connection to the servers, I spoof my mac to get a new CPE IP from my ISP and it works for about 2 weeks before it fails again. I had the exact same issue with my Google Nest too.
I have stood up a parallel network using a Cisco router instead of my Netgate and have my Ecobee going to the internet via that and in the 2 months since i did that the Ecobee hasn't lost connectivity to the Ecobee servers once.
There is something wrong with the pfSense software that causes the connections to the servers to no longer work.
Changing my CPE IP every 2 weeks to keep it working is not a wise solution.
-
@ezhawk How are you identifying a connection loss?
-
Yup what connections do you see when it's working? What do you see when it stops working?
-
@GPz1100 said in Ecobee thermostat can’t connect to servers:
@ezhawk How are you identifying a connection loss?
With my current Ecobee, I can see that it no longer communicates with the Ecobee app and on the device itself, in the wifi details, everything says connected but the connection to ecobee.com will be down even though it can be ping'd.
@stephenw10 said in Ecobee thermostat can’t connect to servers:
Yup what connections do you see when it's working? What do you see when it stops working?
When it is connected and working normally by going around my pfSense I can see the connection to ecobee.com on the device itself says connected. And I can connect to it via the ecobee app. When it is behind the pfSense it'll work for ~2 weeks before it no longer can connect to ecobee.com and the communication from the app no longer works as it can't connect to the servers. I can bandaid it for 2 weeks by spoofing a different mac and getting a different public ip but after ~2 weeks it'll happen again.
I thought ISP for a while, but now that i have a second router Cisco and I have my Ecobee using that as it's internet connection I've never lost connection once and it's been using that router for a few months. It is connected to the same modem as my pfsense so the path and everything are the same. the only difference is ecobee traffic isn't going to my pfsense. everything else on my network goes through the pfsense and works just fine.
-
Ok what I would do here is connect it behind pfSense, where it presumably will initially be working, and note the connections it opens to the servers.
Then compare that with the open connections when it stops working.
Two weeks is an odd period of time. It's hard to think what might change in that time. Your public IP changes perhaps?
Some server address resolves to something different? Maybe the Cisco router is not resolving directly and pfSense is?
-
@ezhawk Your IP address might be getting blacklisted by Ecobee servers. I’m not sure which provider they use to host their services, but it could be blocking your ip for doing fishy activities online. Are you running any services that are possibly scraping the internet or continuously attempting to reach the internet anything that could determine your IP to be fishy? In my case I was running a service that was testing proxy urls to check which ones worked non stop 24/7. After I put that service on a vpn I have had no issues with Ecobee lol… So this may not even be a Pfsense issue for you..
-
@stephenw10 said in Ecobee thermostat can’t connect to servers:
Ok what I would do here is connect it behind pfSense, where it presumably will initially be working, and note the connections it opens to the servers.
Then compare that with the open connections when it stops working.
------The last time I looked at the states for the Ecobee between when it was and wasn't working, nothing was different.Two weeks is an odd period of time. It's hard to think what might change in that time. Your public IP changes perhaps?
-----My public IP doesn't change until I spoof macs to get a new one. As soon as I get a new one, it'll start working. It is almost like the connection gets stale and doesn't refresh. I've tried deleting all states, but that didn't resolve it either.Some server address resolves to something different? Maybe the Cisco router is not resolving directly and pfSense is?
---My clients do not use pfSense as a resolver or the Cisco. I have my own DNS servers that are being used regardless if the connection is going out the pfSense or the Cisco.@xmacj said in Ecobee thermostat can’t connect to servers:
@ezhawk Your IP address might be getting blacklisted by Ecobee servers. I’m not sure which provider they use to host their services, but it could be blocking your ip for doing fishy activities online. Are you running any services that are possibly scraping the internet or continuously attempting to reach the internet anything that could determine your IP to be fishy? In my case I was running a service that was testing proxy urls to check which ones worked non stop 24/7. After I put that service on a vpn I have had no issues with Ecobee lol… So this may not even be a Pfsense issue for you..
No, I don't have any services that do scraping. Also, I had this same exact problem with Google Nest as well. I thought it might of been Google so I switched to Ecobee and still have the same problem.
-
Hmm, states may be the same. The client device will still be trying to reach the servers. Or should be at least. But perhaps the servers just stop responding?
-
@stephenw10
If the servers just stop responding, why do they only stop responding behind pfSense and not when it is behind a Cisco device? -
Good question. And they may not stop responding. We need to gather more data from the failed situation.
I assume you see nothing blocked in the logs?
-
@ezhawk When behind pfsense, and lost ecobee connectivity, did you try rebooting the ecobee?
You can reboot it by pulling it off the wall, or a better way is flip the breaker for the hvac system. Leave it off a few sec, then turn it back on.
As I mentioned earlier in this thread, the only issues i've had with ecobee have been with the lite version where after a period of time it would develop morse code in the data. Likely due to a memory leak or some run away process. Rebooting it would fix this for a while. Ecobee eventually replaced the unit with the premium (which has better cpu/more ram), which hasn't has this issue.
Edit: I didn't have to make any special adjustmentsfor pfsense states/ecobee client settings. Whatever default state timeouts are in place work fine here.
Is the cisco router using the same primary internet connection as pfsense?
-
@stephenw10 said in Ecobee thermostat can’t connect to servers:
Good question. And they may not stop responding. We need to gather more data from the failed situation.
I assume you see nothing blocked in the logs?
I've put my Ecobee back through the pfSense. We'll see how long it lasts until it stops connecting. I did just update to 25.07.1 on the pfSense yesterday.
@GPz1100 said in Ecobee thermostat can’t connect to servers:
@ezhawk When behind pfsense, and lost ecobee connectivity, did you try rebooting the ecobee?
You can reboot it by pulling it off the wall, or a better way is flip the breaker for the hvac system. Leave it off a few sec, then turn it back on.
As I mentioned earlier in this thread, the only issues i've had with ecobee have been with the lite version where after a period of time it would develop morse code in the data. Likely due to a memory leak or some run away process. Rebooting it would fix this for a while. Ecobee eventually replaced the unit with the premium (which has better cpu/more ram), which hasn't has this issue.
Edit: I didn't have to make any special adjustmentsfor pfsense states/ecobee client settings. Whatever default state timeouts are in place work fine here.
Is the cisco router using the same primary internet connection as pfsense?
I've rebooted the Ecobee countless times. If that was the fix, I'd be glad, but it isn't. I don't have a lite, I have a premium.
Yes, the Cisco and pfSense are literally plugged into the same modem with each device getting its own unique public IP.
-
@ezhawk Each firewall is getting a different public ip. That complicates things.
Test with the same public IP for each device.
-
@GPz1100 said in Ecobee thermostat can’t connect to servers:
@ezhawk Each firewall is getting a different public ip. That complicates things.
Test with the same public IP for each device.
I cannot run both at the same time with having the same IP and I also don't have static IPs. As I've said multiple times, behind pfSense it'll work for a few weeks and the stop. The temp fix is to spoof and get a new IP. I had the Ecobee behind the a Cisco with the same IP for more than 2 months and it never dropped once. I've been through more than a dozen different IPs trying to figure it out by using spoofing methods. The IP itself isn't the issue.
-
And just to confirm when this happens everything else behind pfSense remains functional? Only the Ecobee seems to be affected?
