IoT monitoring on RT-AC3200 asuswrt-merlin v384.13_10

  • ATTENTION! You'll notice a Prefix dropdown when you create a thread. If your post applies to one of the topics listed, please use that Prefix for your post. When browsing the thread list you can use the Prefix to filter the view.
  • ATTENTION! As of November 1, 2020, you are not able to reply to threads 6 months after the thread is opened if there are more than 500 posts in the thread.
    Threads will not be locked, so posts may still be edited by their authors.
    Just start a new thread on the topic to post if you get an error message when trying to reply to a thread.

itibi

Occasional Visitor
Hi!

I am installing some smart Honeywell thermostat which should be controlled by my Google Home application

Most of the time, the Google Home application told me that it cannot reach the Honeywell servers

I had assign a static address to that device, so it is easier to debug.

On System log/connections WebUI page, i noticed that there is many connections to that device

1615497181855.png


Some of the connections have a SYN_SENT status (which, if I remember correctly, means the the exchange did not success correctly).

AiProtection is enabled.

Also, I have Firewall enabled without any rules
and for debugging purposes, I enabled temporarily the logging of BOTH packet types, which shows:

...
Mar 11 15:13:42 kernel: DROP IN=eth0 OUT= MAC=2c:56:dc:da:9c:40:00:17:10:98:07:1b:08:00 SRC=199.62.84.151 DST=192.222.xxx.xxx LEN=41
TOS=0x00 PREC=0x00 TTL=239 ID=21822 DF PROTO=TCP SPT=443 DPT=55077 SEQ=964735646 ACK=3220371466 WINDOW=64240 RES=0x00 ACK URGP=0
Mar 11 15:13:43 kernel: DROP IN=eth0 OUT= MAC=2c:56:dc:da:9c:40:00:17:10:98:07:1b:08:00 SRC=199.62.84.151 DST=192.222.xxx.xxx LEN=41
TOS=0x00 PREC=0x00 TTL=239 ID=21823 DF PROTO=TCP SPT=443 DPT=55077 SEQ=964735646 ACK=3220371466 WINDOW=64240 RES=0x00 ACK URGP=0
...

So, it seems that the firewall is dropping some packets.

I browsed the different pages of the merlin WEBUI but cannot find a page where I can enter some 'whitelist firewall rule'
permitting all in/out access between the device and specific server on port 443.

Did I missed something ?
Do I need some ADDON ?
Do I have to manually enter the rule on the router ?

Any help will be appreciated,
Thanks
 
Last edited:

JaimeZX

Senior Member
Skynet will make your firewall life easier. Good luck!
 

Latest threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top