Hi!
I am installing some smart Honeywell thermostat which should be controlled by my Google Home application
Most of the time, the Google Home application told me that it cannot reach the Honeywell servers
I had assign a static address to that device, so it is easier to debug.
On System log/connections WebUI page, i noticed that there is many connections to that device
Some of the connections have a SYN_SENT status (which, if I remember correctly, means the the exchange did not success correctly).
AiProtection is enabled.
Also, I have Firewall enabled without any rules
and for debugging purposes, I enabled temporarily the logging of BOTH packet types, which shows:
...
Mar 11 15:13:42 kernel: DROP IN=eth0 OUT= MAC=2c:56:dc:da:9c:40:00:17:10:98:07:1b:08:00 SRC=199.62.84.151 DST=192.222.xxx.xxx LEN=41
TOS=0x00 PREC=0x00 TTL=239 ID=21822 DF PROTO=TCP SPT=443 DPT=55077 SEQ=964735646 ACK=3220371466 WINDOW=64240 RES=0x00 ACK URGP=0
Mar 11 15:13:43 kernel: DROP IN=eth0 OUT= MAC=2c:56:dc:da:9c:40:00:17:10:98:07:1b:08:00 SRC=199.62.84.151 DST=192.222.xxx.xxx LEN=41
TOS=0x00 PREC=0x00 TTL=239 ID=21823 DF PROTO=TCP SPT=443 DPT=55077 SEQ=964735646 ACK=3220371466 WINDOW=64240 RES=0x00 ACK URGP=0
...
So, it seems that the firewall is dropping some packets.
I browsed the different pages of the merlin WEBUI but cannot find a page where I can enter some 'whitelist firewall rule'
permitting all in/out access between the device and specific server on port 443.
Did I missed something ?
Do I need some ADDON ?
Do I have to manually enter the rule on the router ?
Any help will be appreciated,
Thanks
I am installing some smart Honeywell thermostat which should be controlled by my Google Home application
Most of the time, the Google Home application told me that it cannot reach the Honeywell servers
I had assign a static address to that device, so it is easier to debug.
On System log/connections WebUI page, i noticed that there is many connections to that device
Some of the connections have a SYN_SENT status (which, if I remember correctly, means the the exchange did not success correctly).
AiProtection is enabled.
Also, I have Firewall enabled without any rules
and for debugging purposes, I enabled temporarily the logging of BOTH packet types, which shows:
...
Mar 11 15:13:42 kernel: DROP IN=eth0 OUT= MAC=2c:56:dc:da:9c:40:00:17:10:98:07:1b:08:00 SRC=199.62.84.151 DST=192.222.xxx.xxx LEN=41
TOS=0x00 PREC=0x00 TTL=239 ID=21822 DF PROTO=TCP SPT=443 DPT=55077 SEQ=964735646 ACK=3220371466 WINDOW=64240 RES=0x00 ACK URGP=0
Mar 11 15:13:43 kernel: DROP IN=eth0 OUT= MAC=2c:56:dc:da:9c:40:00:17:10:98:07:1b:08:00 SRC=199.62.84.151 DST=192.222.xxx.xxx LEN=41
TOS=0x00 PREC=0x00 TTL=239 ID=21823 DF PROTO=TCP SPT=443 DPT=55077 SEQ=964735646 ACK=3220371466 WINDOW=64240 RES=0x00 ACK URGP=0
...
So, it seems that the firewall is dropping some packets.
I browsed the different pages of the merlin WEBUI but cannot find a page where I can enter some 'whitelist firewall rule'
permitting all in/out access between the device and specific server on port 443.
Did I missed something ?
Do I need some ADDON ?
Do I have to manually enter the rule on the router ?
Any help will be appreciated,
Thanks
Last edited:
