Which ports and protocols do I need to permit from my guest network to my trusted network (where Hubitat resides) so that I can:
Add new phones connected to my guest network
Detect presence of phones connected my guest network
Display dashboards on phones connected to my guest network
Thx!
Add new phones to what?
How are you detecting presence currently?
Dashboards are webpages, so IP addresses on your guest network and trusted network would be using http/https and their associated TCP ports, 80 and 443, to communicate with one another.
To my Hubitat hub. i.e. does an iPhone need to be one the same LAN as my Hubitat hub to add a guest user?
With the Hubitat iOS app.
Guest user accounts can be created and registered with the hub by an admin user, as the link you posted explains. It doesn’t matter where the guest user is when that occurs.
Similarly, they don’t have to be connected to your LAN at all to login to the Hubitat mobile app. While on an isolated guest network, they won’t be able to use local dashboards without appropriate firewall rules though.
The mobile app’s presence sensing uses a geofence, which could be set, for example, with a radius that far exceeds your home’s WiFi coverage. So again, doesn’t really matter whether a phone is on a guest or trusted SSID.
Not necessarily, but it depends on your particular VLAN and firewall configuration. I'm pretty sure Hubitat uses MDNS for device discovery.
I tested and if I'm recalling correctly, local access was not required at all:
Selecting the hub without local access was somewhat surprising but sensible since the user was already added to the hub.
Download the Hubitat app
