Thermostats going in and out
-
Just one word about this, as I want you to think 'out of the box' (I'm not saying your setup is wrong, as I can't tell ) :
@stewart said in Thermostats going in and out:
This is an isolated resort covering many acres. No other interference that would account for this.
If you receive 3G/4G/5G on your premisses, everybody who has a cell phone can 'share' the data connection - and his phone becomes an Wifi AP.
All phones are not equal. Some just open the radio and start blasting away.
Not very good for a connection of the (your !) local AP and AC unit close by.@stewart said in Thermostats going in and out:
I can look into this.
System > Routing > Gateways :
On the PORTAL interface I have AP's like 192.168.2.2 192.168.2.3 192.168.2.4 etc.Check :
so that dpinger doesn't take action when it start loosing the ping.
It's the monitoring that you want. See : Status > Monitoring, select Quality (left) and the name you gave to it (right). -
I have 2 Honeywell thermostats in the house that had been performing flawlessly for a few years. Recently however there began some connectivity issues, red warning screens on the app, changes to settings not being acted upon, etc. I thought it was on Honeywell’s end and still believe that. Maybe they’ve been going through some unannounced upgrades. I hope that’s all it is. Very disruptive though.
-
We use IgniteNet APs so we can see all of the devices connected, how long they are connected for and gaps in connection time. This is what I can see from one of the units:
As you can see, always connected with regular traffic. -
Found something, maybe
Firewall logs show some oddities:
Not sure what to make of this.The rule that triggered this action is:
@5(1000000103) block drop in log inet all label "Default deny rule IPv4"
-
The obfuscation of the IP addresses makes it a little hard to follow. So I assume the 199.62.xx.xx address is your WAN IP and the 97.xxx is the Honeywell server end ??
If correct, then are the IP addresses in each block/pass sequence identical? That is weird. It's like the state is not working or something maybe.
Do you have any sort of multi-WAN configuration? I'm assuming "no" since you didn't mention it.
Edit: wait a minute... looking at those logs again is really confusing. Why is 443 the Source port? I would think that is the destination port, and there would be a random source port.
-
just a guess - you may try to set Firewall Optimization Options to conservativ, if not already set:
-
@bmeeks said in Thermostats going in and out:
The obfuscation of the IP addresses makes it a little hard to follow. So I assume the 199.62.xx.xx address is your WAN IP and the 97.xxx is the Honeywell server end ??
97.x.x.x is the WAN port. 199.62.x.x is the Honeywell server.
If correct, then are the IP addresses in each block/pass sequence identical? That is weird. It's like the state is not working or something maybe.
Weird indeed! Notice that it's like it the WAN receives 2 packets each time, the first is blocked while the second is allowed.
Do you have any sort of multi-WAN configuration? I'm assuming "no" since you didn't mention it.
Nope.
Edit: wait a minute... looking at those logs again is really confusing. Why is 443 the Source port? I would think that is the destination port, and there would be a random source port.
The thermostats connect out from the 97.x.x.x IP using a random port to 199.x.x.x on port 443. This is the reply back so it would come from 443 back to the random port.
-
@pete35 said in Thermostats going in and out:
just a guess - you may try to set Firewall Optimization Options to conservativ, if not already set:
I've set it, so we'll see how it goes.
-
@stewart said in Thermostats going in and out:
@bmeeks said in Thermostats going in and out:
The obfuscation of the IP addresses makes it a little hard to follow. So I assume the 199.62.xx.xx address is your WAN IP and the 97.xxx is the Honeywell server end ??
97.x.x.x is the WAN port. 199.62.x.x is the Honeywell server.
If correct, then are the IP addresses in each block/pass sequence identical? That is weird. It's like the state is not working or something maybe.
Weird indeed! Notice that it's like it the WAN receives 2 packets each time, the first is blocked while the second is allowed.
Do you have any sort of multi-WAN configuration? I'm assuming "no" since you didn't mention it.
Nope.
Edit: wait a minute... looking at those logs again is really confusing. Why is 443 the Source port? I would think that is the destination port, and there would be a random source port.
The thermostats connect out from the 97.x.x.x IP using a random port to 199.x.x.x on port 443. This is the reply back so it would come from 443 back to the random port.
Ah, okay. So I had the IP addresses backwards.
The double replies are indeed strange. Perhaps @pete35's solution will work. That setting will stretch out the state table entry expiration times. Still strange, though, that two replies seem to come back at essentially the same time (or certainly within one second of each other as the logger shows the times as the same due to its one-second resolution).
-
@bmeeks I had to undo it. Just got a call that for about the last hour or so calls have been going straight to voicemail intermittently. Looks like it broke the VOIP at the location.