So I added a battery backup to my HE C7 which can run for about 7+ hours so it would still function as a Security system during a power outage.
And I was thinking about what I could use that I already have for Power Failure detection ... and then I thought, what about my WorkShop Pi 3B+ Computer? I dont care if it loses power and I already have the "iPhone Wifi presence sensor" devices installed for speedy coming home detection.
So I added a wifi presence device for the Pi and glued it all together with RM, and hey presto! It works perfectly for power failure detection! Now if I do have a long duration outage, it'll shutdown cleanly after 6 hours.
Seems like pretty much any always-on device would work for this purpose including your router assuming it doesn't stay up for longer than the ups for your hub.
Android 11 does the same thing on a per network basis. You can go into the wireless network and set the privacy settings under advanced to use device mac:
Btw, just for lol’s I pointed a wifi sensor at my Synology RT2600ac router, after a few minutes it blocked it from pinging it. Worth noting for folks with a decent router that has excellent security.
I'm having a bit of trouble getting this to work with the firewall rules on my Edgerouter. IoT devices, including HE, are on VLAN 30. Rules prevent almost all communication from devices on that VLAN to the main private LAN except for specific things like DNS and DHCP.
With rule 6 disabled, iPhone WiFi presence works. With it enabled, despite having created rule 5, it does not. When source address is removed from rule 5, I can ping my iPhone from a laptop on VLAN 30, but the presence app in HE still does not work. Is there other traffic that I need to allow for this app to work?
The source port is randomly assigned by the computer generating the http call, and is usually between 1024 and 65535. Thus, by declaring only port 80 source traffic, your firewall rule is blocking the traffic.
Port 80 is the destination port used by http. The source can be any port.
It sounds like this is all new to you. As such, may I ask why you’re attempting to create multiple VLANs and are using firewall rules to link them together? Seems like a bit of added complexity for a simple home network, at least to me...
Just wanted to add this to @ogiewon’s excellent explanation. The other destination TCP ports that you should consider opening for traffic destined for the Hubitat hub are 8081 and 8080. If you use https, then also open 443 and 8443 destination ports.
And unless you have a specific reason for doing so, I would recommend not specifying the port numbers that source traffic should originate from (especially as you have no control over the source port chosen).
Hubitat is new to me. I'm not a network engineer, but networking isn't new to me.
Not attempt. I've done it. Successfully. Many have. I didn't come up with the idea, but the idea is to separate IoT and guests into their own networks for security purposes. I know it's not exactly likely that one of my devices would become compromised (hacked), but if it did, it would then not be able to (in theory) compromise the computers and phones on my main network. I didn't purchase the router for that purpose, but since it supports the feature I decided to take advantage of it.
Now the source port being different from the destination port, that IS new to me.
The main VLAN can access the IoT VLAN, but not the other way around. So no problem accessing dashboards or the Web UI of the hub from a PC or phone on the main network.
Many have. I didn't come up with the idea, but the idea is to separate IoT and guests into their own networks for security purposes. I know it's not exactly likely that one of my devices would become compromised (hacked), but if it did, it would then not be able to (in theory) compromise the computers and phones on my main network. I didn't purchase the router for that purpose, but since it supports the feature I decided to take advantage of it.
