I know it may sound a little redundant since most people can set IP restrictions on their router (which unfortunately mine cannot do) but would it be possible to add this feature to the web interface?
Why not just add a router that supports it? Personally, and honestly no offense intended, but Iād rather have more smart home device and hub features added and existing features improved vs asking for something that a extremely small number of owners will ever use.
5 Likes
Also....
There are other devices that need the same treatment. If you are going to be using TTS, then the speaker: google or alexa, want fixed IP's too. Lutron needs it. On and On.. so solving the problem re: Hubitat means solving it for your home.
3 Likes
Router shopping time 
1 Like
I agree, it's a major feature lacking Google WiFi however I truly like the other features it offers
Oh my, it's Google WiFi?! That's pathetic that they didn't put that in there!
If you're looking for a good mesh router that doesn't cost too much, check out the TP-Link Deco M5 or the new Deco M9. I have the M5 and it's been fantastic. Coverage and speed are excellent. Built in protection, great parental controls, and a pretty decent feature set too. They even have the ability to Split the networks if you need that, but so far I haven't had any trouble. Everything that only joins at 2.4 GHz has had no issue. Including Wyze cam which some have said it a problem with other mesh routers.
The only thing that bothers me about it right now is the IP address reservation table is stupidly limited to 16 devices, but they've said that will be increased in coming firmware update.
is this inaccurate??
I'm assuming it's a year out of date, but is still 'popular'
1 Like
No issue with setting DHCP reservations, the issue I'm talking about is IP restrictions for port forwarding. With Google WiFi you can't sent any ACL or rules to port forwarding (to restrict access to my hub from the outside for example). Even though the hub has an authentication page, people on the outside could still hit the login page if I open up 80/443. I would want to restrict this to a known set of IPs, such as my office, for example.
Maybe I'm not understanding your goal here?
DHCP IP Reservation does not activate nor require port forwarding. You can reserve the IP for your HE without exposing it's http/https port outside of the LAN.
If you ultimately want to enable remote access to the HE UI the best and only truly secure method would be to setup a VPN server. Since Google WiFi and generally no mesh WiFi systems have this capability, with a few exceptions ex. Netgear Orbi and Asus AiMesh, the best way to do this would be to have a 24/7 server on your lan that you can setup a vpn server on and then only setup that port forward on the Google Wifi.
I'm doing this with my eero system which does not have a vpn server option (currently) and running the vpn server on my linux based media server. You could do the same thing with a Raspberry Pi and some NAS devices.
Again, I may be misunderstanding your goal here, sorry if this explanation/example was not applicable.
I agree VPN is the way to go, but yet again another feature Google WiFi is missing. I figured since the hub is running some form of Linux and probably has IP tables, a filter could be set to secure access to the web interface.
I strongly recommend against port forwarding to gain remote access to your Hubitat hub. This device is not a security-hardened device, IMHO. Please just set up a Raspberry Pi (or other device) to run an OpenVPN server. There are many threads that describe options for secure remote access.
