The source port is randomly assigned by the computer generating the http call, and is usually between 1024 and 65535. Thus, by declaring only port 80 source traffic, your firewall rule is blocking the traffic.
1 Like
I'm not sure I understand. If HTTP uses port 80 (that's not new information to me), how would the source port be anything other than 80?
Port 80 is the destination port used by http. The source can be any port.
It sounds like this is all new to you. As such, may I ask why you’re attempting to create multiple VLANs and are using firewall rules to link them together? Seems like a bit of added complexity for a simple home network, at least to me...
2 Likes
Just wanted to add this to @ogiewon’s excellent explanation. The other destination TCP ports that you should consider opening for traffic destined for the Hubitat hub are 8081 and 8080. If you use https, then also open 443 and 8443 destination ports.
And unless you have a specific reason for doing so, I would recommend not specifying the port numbers that source traffic should originate from (especially as you have no control over the source port chosen).
Hubitat is new to me. I'm not a network engineer, but networking isn't new to me.
Not attempt. I've done it. Successfully. 
Many have. I didn't come up with the idea, but the idea is to separate IoT and guests into their own networks for security purposes. I know it's not exactly likely that one of my devices would become compromised (hacked), but if it did, it would then not be able to (in theory) compromise the computers and phones on my main network. I didn't purchase the router for that purpose, but since it supports the feature I decided to take advantage of it.
Now the source port being different from the destination port, that IS new to me. 
The main VLAN can access the IoT VLAN, but not the other way around. So no problem accessing dashboards or the Web UI of the hub from a PC or phone on the main network.
It's not rocket science:
- Get a battery backup system for your Hubitat
- Install Hubitat Hub Controller via Package Manager
- Install iPhone WiFi Presence Sensor via Package Manager
- create a new virtual device and change the driver to iPhone WiFi Presence Sensor
- Point your "WiFi Presence Sensor" device at a suitable IP device that will respond to HTTP commands and isn't on battery backup.
- Setup your WiFi Presence Sensor with an appropriate "Timeout Minutes" so Hubitat knows it's actually offline. eg I use 10 minutes because I don't want reboots and updates to trick WiFi Presence Sensor into thinking it's offline.
- Setup a Rule Machine rule as I showed earlier to glue it all together. I use a 6 hour timer because my backup unit can run my C7 for about 7 Hours.
2 Likes
I was asking for detail on Hubitat Controller, where to get it (you answered that), and how it works. I'll figure it out, I'm sure.
Well, I thought I would figure it out, but it's not obvious. After installing the app from the package manager and creating a new virtual device for the Hubitat Hub Controller, am not sure what to do next. My original question from many posts ago still stands:
What type of action did you choose in order to have "shutdown() on Hubitat Controller" as a choice when adding the action?
"Run custom action"
2 Likes
How about a list of instructions, please? 
I don't use Hubitat controller so I don't have it as a device to select after you set this to then select the dropdown for the shutdown command.
This.
Is there a consensus on a timeout value for Iphone going to sleep and disconnecting from wifi?
I'm using iPhone Wifi Presence Sensor for both mine and my wife's iPhones along with the Combined Presence app. For whatever reason, her phone decides to take a virtual walk outside of the geofence from time to time when her phone ALSO happens to be taking a coffee break and disconnects from wifi while asleep. Of course, she is still home working away in the office until..
THIS fools the Combined Presence app into thinking she is out of the house and sets the HSM to Away and the Blink cameras to Away..
Within moments, I get a notification on my iPhone that there's been an intrusion at the house. I then get a nice video of her freaking out because the Aeotec siren is going off, the dog is barking, and I'm persona non grata when I get home due to my "little smart home" hobby.
Don't use wifi for anything other than fast arrival detection - iPhones turn off their wifi to conserve power.
What are you using for geofencing?
I'm using the Hubitat app geofence. I still have the Smartthings app which seemed to have pretty good geofencing, but have migrated all but two wifi smart plugs over to Hubitat, so I turned off the presence function on the app to conserve battery power and also because I'm clueless how to use it in combination with Hubitat.
BTW, thanks for the quick reply!!
As of today, due to the false alarm... I made use of my leftover Smartthings button for HSM activation and deactivation. No more presence sensing for that beast. I do want to continue to turn on/off the Blink cameras via presence.
1 Like
These two events are probably not coincidental. iPhones use WiFi to help with location accuracy.
I was wondering if there was a connection. I don't think she ever experienced a "false alarm" while using the phone actively. (May she never read this forum... but I thought the wifi sleep issue wouldn't be a problem because her phone was in use about 99% of the time due to whenever I see her it's in her hand)
