Ecobee thermostat can’t connect to servers
-
I have an Ecobee smart thermostat that suddenly stopped connecting to its servers. Everything was working fine until last week when the device reported it could not connect to ecobee.com, which means I can no longer control it remotely from the Ecobee app.
I want to note that I didn’t change anything in pfSense—this issue started occurring randomly. My setup includes a Netgate 2100 router, a managed switch connected to the router, and a Unifi AP connected to the switch for WiFi in my home.
I checked my firewall rules, and there is nothing blocking the connection. I also performed a packet capture, and the logs show that the thermostat is reaching the Ecobee servers without issues.
To troubleshoot further, I replaced the Netgate 2100 with my spare Netgate 1100, keeping everything else the same, including the Unifi AP. Surprisingly, the thermostat worked perfectly fine with the 1100. Based on this, I decided to reset the 2100 to factory settings, but the thermostat still couldn’t connect. The thermostat is connected to the network, receives an IP address, and is able to ping the gateway and any IP address including ecobee and 1.1.1.1.
At this point, I’m wondering if there’s something about the Netgate 2100 that could be causing this issue. I have never had problems with any other IoT devices on my network, so this is very confusing.
Any help would be greatly appreciated!
-
@xmacj What version of pfSense are you running, and what version of DHCP server, KEA or ISC? If you use KEA I'd suggest a test going back to ISC to see if that resolves the problem...
-
Hmm, hard to imagine anything in the 2100 that could do that without it being configured specifically to do so.
Do you get a different WAN address when using the 1100 vs 2100? You might have something blocking your IP at the remote side.
-
@Gblenn I am on ISC currently, but I have tried both and have had no luck. I updated pfSense Beta 25.03 to check if it would resolve the issue, but it did not.
-
@stephenw10 I am 99% sure that both the 2100 and 1100 receive the same IP address from my modem (Nighthawk CM200) as my IP does not change often. I will double-check this when I have some time to test it. Additionally, I want to mention that I created an OpenVPN network, assigned it to a VLAN, and connected the thermostat to that network. It successfully reached the Ecobee servers.
-
The OpenVPN was also on the 2100?
Mmm, it pretty much has to be something at the remote side somehow. The 2100 and 1100 are very similar. Once the traffic is in past the built-in switch the routing for it would be nearly identical.
-
If anyone stumbles upon this, I resolved the issue by changing my IP address.
-
@xmacj Perhaps the remote side didn't like something about your original IP address.
I have an ecobee premium (upgraded by ecobee due to Wi-Fi issues on an ecobee 3 lite - data dropouts, morse code).
No Wi-Fi issues (it's bound to the 2.4 GHz band). But it does like to phone home to Amazon every 50s. None of the Amazon features are enabled, but it still insists.
To mitigate this, 2 different measures are in place. On the DNS side, only requests to *.ecobee.com are resolved (AdGuard Home). All others return 0.0.0.0.
On the pfSense side, the Amazon ASN is blocked for this device just in case the DNS filters are off (sometimes happens during testing).
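
The DNS-side measure described in the post above, as an added example that is not part of the thread: a Python sketch that applies an "only *.ecobee.com resolves" policy to a query log and reports which sinkholed names the device keeps asking for, and at what interval. The log format, client IP and non-Ecobee hostnames are constructed for illustration, and treating the apex ecobee.com as allowed is an assumption.

```python
from datetime import datetime
from statistics import median

ALLOWED_SUFFIXES = ("ecobee.com",)  # policy from the post: only *.ecobee.com resolves
SINKHOLE = "0.0.0.0"                # answer given for every other name

# Constructed sample log: "<ISO time> <client IP> <queried name>"
SAMPLE_LOG = """\
2025-01-10T08:00:00 192.0.2.50 api.ecobee.com
2025-01-10T08:00:10 192.0.2.50 device.example-cloud.test
2025-01-10T08:01:00 192.0.2.50 device.example-cloud.test
2025-01-10T08:01:50 192.0.2.50 device.example-cloud.test
2025-01-10T08:02:05 192.0.2.50 notecobee.com
2025-01-10T08:02:40 192.0.2.50 device.example-cloud.test
2025-01-10T08:03:00 192.0.2.50 ECOBEE.COM.
"""


def is_allowed(name, suffixes=ALLOWED_SUFFIXES):
    """Match on whole labels so 'notecobee.com' does not pass as '*.ecobee.com'."""
    name = name.rstrip(".").lower()
    # Assumption: the apex domain itself is allowed along with its subdomains.
    return any(name == s or name.endswith("." + s) for s in suffixes)


def audit(log_text, client):
    """Return {sinkholed name: (query count, median seconds between queries)}."""
    seen = {}
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 3 or parts[1] != client:
            continue  # skip malformed lines and other clients
        ts, _, name = parts
        if not is_allowed(name):
            key = name.rstrip(".").lower()
            seen.setdefault(key, []).append(datetime.fromisoformat(ts))
    report = {}
    for name, times in seen.items():
        times.sort()
        gaps = [(b - a).total_seconds() for a, b in zip(times, times[1:])]
        report[name] = (len(times), median(gaps) if gaps else None)
    return report


if __name__ == "__main__":
    for name, (count, gap) in audit(SAMPLE_LOG, "192.0.2.50").items():
        print(f"{name}: {count} queries -> {SINKHOLE}, median gap {gap}s")
```

A steady median gap on a sinkholed name is the periodic phone-home pattern; the same report run while the DNS filter is disabled shows what the firewall-side block has to catch on its own.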