Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 2 replies
  • Subscribers 6 subscribers
  • Views 6164 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Need help with opening multiple Ports for multiple IP's for Vera Home Automation Hub

Cyber Army

Hi all,

I have an extensive Home Automation setup at my home, and i use Vera as my home automation hub.

However for Vera to work I've been informed by the Vera customer support to open multiple ports. These are their notes.

MMS: 443
Relay: 23, 232, 252, 443, 554
Web: 443
Log: 21
Storage: 21, 20

The list of IP’s that should have the above ports opened is :

173.255.250.75

198.74.52.112

54.187.71.199

54.88.109.246

82.77.233.165

82.77.233.166

65.49.38.12

184.105.134.140

Can someone guide me on how i can go about opening these ports for these IP's above? or should i just open the ports for "Any"?



This thread was automatically locked due to age.
Parents
  • 0

    Since you mention IP's that should have access, I assume you're talking about opening incoming ports to your device.

    In this case you could start by making a Network group under Definitions & Users -> network definitions.

    In this group you can simply group all above IP's (by adding them one-by-one as a host definition).

    Then for incoming traffic you need to make DNAT rules for every port that should be opened. Looking at the ports I also see port 23 (which usually is telnet). If this is used for telnet access than I would highly recommend NOT opening it at all, but if you need to open it, be very sure to select the Network group definition you just created as the source!

    For opening port 443 (usually https) you might also be able to use web application filter (WAF) as a reverse proxy so there's no direct access from internet hosts to your device. In that case just skip DNAT for port 443 and configure WAF.

    If you need more information, please be as specific as you can so we can help you as best and as efficient we can.

Reply
  • 0

    Since you mention IP's that should have access, I assume you're talking about opening incoming ports to your device.

    In this case you could start by making a Network group under Definitions & Users -> network definitions.

    In this group you can simply group all above IP's (by adding them one-by-one as a host definition).

    Then for incoming traffic you need to make DNAT rules for every port that should be opened. Looking at the ports I also see port 23 (which usually is telnet). If this is used for telnet access than I would highly recommend NOT opening it at all, but if you need to open it, be very sure to select the Network group definition you just created as the source!

    For opening port 443 (usually https) you might also be able to use web application filter (WAF) as a reverse proxy so there's no direct access from internet hosts to your device. In that case just skip DNAT for port 443 and configure WAF.

    If you need more information, please be as specific as you can so we can help you as best and as efficient we can.

Children
No Data