Today I went back to retry blocking KASA light switch cloud connections. (attempted this a year ago.. and failed) Trying to avoid anything cloud based for my IoT. I am blocking outbound based on KASA static IP.
The switches seem to work ok until periodically a few start flashing the wifi icon for about 30 seconds then stabilize . In addition, 4 of 5 have a perm wifi disconnect symbol in HE device list. But, they continue to work. NOTE: They all seem to show up fine following the KASA integration app scan.
If the wifi lights flash, that is the DEVICE detecting an issue. That is not uncommon with the older switches. Some things:
Make sure the firmware is up to date. Kasa has issued numerous updates to "improve wifi stability".
Check your Router for the potential of too many devices. Some routers put devices in standby if not used for a significant period. I saw this on my router and had to add a second router mesh unit to have all devices connect consistently. For my ASUS router, the number of devices was about 30.
It only does this when I block outbound. When connected to the mothership, no flashing, no drops. What is strange, it is only the exact same light switches that do the flashing. It's not round robin. (Random)
I have a PFSENSE (2.8) on an i5 box with less than 10% load.
Blocking on a firewall or are you disabling cloud binding?
I have disabled cloud binding on all my old Kasa devices via the Kasa integration drivers and they work fine. I am not blocking them from getting to the internet on a firewall.
I dont specifically look, but I have never noticed them making any DNS queries so I don't think they are trying to make any outbound communications.
I just disabled the FW rule so it cleared the msg. But, if I go under devices and list all KASA, (app 25) the status column will have a few red wifi symbols with a line through it, presumably indicating disconnected. I suspect these may have been cloud connect attempts. But, not 100%. I am going to re-enable the FW setting to see if they pop back up.
That disconnect symbol would have to come from either the Comms Error or Connection states. I am not sure which one Hubitat is looking at. So would need to see what those say when its showing it. You can also click on the events tab to see the history.
Is the Connection state showing LAN (like my screenshot)?
Otherwise the driver may be trying to reach the device via cloud, which then would result in that comms error. Maybe it is silently falling back to the LAN connection so still working.
Could also try running the configure command to rediscover the IP and it might reset the error.
It looks like either KASA discovery or something else overwrote static IP for the actual device in HE. The IP was changed to a conflicting IP with another appliance which was DHCP. No idea when it happened or why.
That should only happen if it discovers the device on that IP. You should not need to set the IP manually from the driver, the integration should be able to find it and set.
It can also happen if you have removed a device from the integration. The database would have to be purged to delete that one device and then rediscovered.
The only (current) workaround is not to use these old IP addresses. I will look at (but will not promise) adding a "purgeDatabase" option in the menu. If enabled, discovery will zero out the database on the first pass. I am worried about secondary risks involved in this.
I suspect I can disable the outbound FW rule and remove the static IP's if you are confident no outbound communications. That would make sense and make my life easier.
If the username and password are blank, then there is no mechanism to send a command to Kasa (requires both of those in before sending to the Hubitat comms methods.
OK this has helped a ton. One last question if I may..
I setup up all the KASA by the cloud app which includes ability to update FW.
Do I even need the app and/or just use Hubitat to install any new ones? If Hubitat only, what is best way to get FW updates?
I would keep the devices on a fixed DHCP IP, the integration works off the IP so if it does change it has to find it again, much more reliable if it never changes.
I would blank out the user/pass in the integration app as suggested, I forgot that I also did this on mine a long time ago.
You need the app to onboard the device to your Wifi, then once it is added to Hubitat you can disable the cloud binding.
Most new devices I think will use the newer TAPO protocol or Matter also. Not sure if they are selling any Kasa protocol device anymore?
Still selling some of the old protocol devices and better yet - to add to my frustration - they are taking some old models, new hardware versions and converting to TAPO.
For the TAPO devices, there is no cloud option. Just local. Transports are complicated; however, very stable. (Note: So far, the Matter devices also support the Tapo protocol.)
I would not currently recommend buying an old Kasa device. Buy the Kasa Matter devices or or the Tapo equivalent. The Tapo protocol devices are far more stable on wifi.
