I would need all cells to receive any notification anytime, from any of the (3) hubs, without being logged into a certain hub.
I will have service staff that needs to get "all" and any notification for all hubs, so they call go service the location. They will not be logged into any certain hub
In my case I have several hubs that I get all notification from. My wife only receives notifications from the primary hub (no need to set her phone on the other hubs). And only certain notifications from the primary hub (I mean I want to know when a particular thing goes on but she doesn't want to hear that notification because it wouldn't apply to her anyway). I've added my son to certain notifications as he has a phone now.
Since my c7 hub in on a cell circuit with all ports open, now that i have the hub working, which port do i need to leave open, i want to bloc apo and only allow the hubitat server in to my cell circuit
Not sure what you mean. Basically just allow everything outbound from the hub... As far as inbound port redirection, that is blocked on hubitat for security.
As long as it has outbound access it will create a secure tunnel. All my stuff blocks inbound packets but the majority of my devices outbound have full permissions
how does a command sent from the cell app (say turn on a relay) get to the hub from the app and/or hubistat cloud server if all my ports are blocked not allowing any IP:port to my LAN?
If you are local (phone/tablet/pc on the same local subnet) it simply commands straight to the ip address. If you are off lan (out of the house, cellular etc) then the app goes through their cloud servers. Your hubitat creates a secure tunnel outbound to Hubitat inc's aws cloud servers. The cloud servers relay the commands to the hub.
so how does the cloud server get to "my" hub if all "inbound" ports are blocked.
When I set my cell modem to block all port, the command from my cell app does not work? What am i missing? I need open a port to get to my hub, correct?
I need to secure my cell but still allow access to my hub for commands, correct? I fully understand to allow all outgoing traffic
Because outbound is not and the hub initiates a secure tunnel out which allows 2 way communication. Now if you block it from that communication out, then it won't create the tunnel and you won't be able to communicate with it..
That's all ya gotta do, the hub will take care of the rest
This is what is happening which is confusing to me.
My test is the following:
(1) cell phone (iphone)
(1) hub account
(1) c7 hub on cell service
(1) c8 on fiber circuit at my office
Both hubs on its on separate LAN
Both hub have notification setup and assign the notify my cell
At first c8 hub notification never worked, "until" I deleted the notification app, and re-added it back and setup notification back to notifying my cell
Here the confusion:
Now both Hubs can notify me cell no matter which hub is selected on my cell hubitat app. You mentioned that it would ONLY notify if my cell if the "hub was selected.
If I select c7 on my app I can get notification from C7 and c8
If I select c8 on my app I can get notification from C7 and c8
And i did not implement pushover
I want to fully understand how these hubs work before implementing something I may not need such as in Pushover
I always understood that if it wasn't logged in it wouldn't get it... Something obviously changed. If it's working then you don't need pushover (unless you want different sounds based on severity)
I have tested rebooting each hub, logging out of all browsers connected to both hub, closing my cell hubitata, then tested trigging alarms at on both hubs, getting alarms from both hubs no matter which hub is selected on my app
Another test a ran, selected my c8 hub in my cell app, then opened c8 dashboard, then tripped an alarm on my c7, and i got the c7 notification on my cell while viewing c8 dashboard