Remote access not working after moving rainmachine to new subnet

Follow

Rmilewsk

June 29, 2020 22:40

I've moved my rainmachine to it's own IoT subnet and am able to connect by creating a new direct connection to the new IP address but I'm not able to connect via remote access. Is there some type of access I need for the rainmachine or from my regular subnet to the IoT subnet? The IoT subnet has all access to the internet but only established and related connections are allowed from my trusted subnet to the IoT subnet. 

0

• 

  RainMachine Nicholas June 30, 2020 07:18

  You need to allow outbound to port 8000 (to Amazon AWS servers but this might be difficult to control)

   

  0

  Comment actions Permalink
• 

  Rmilewsk June 30, 2020 17:34 (Edited June 30, 2020 18:08)

  All outbound connections to the internet are enabled. I'm only blocking traffic from my IoT network to all internal LANs. Are there any ports that need to be enabled from the IoT vlan to the internal LANs that I have my contolling devices (ipad, android phone) on? I was able to see and control the rainmachine using remote access and direct access when I moved my ipad to the IoT network. I'm guessing something has to be enabled between my IoT network and internal trusted networks. 

  I figured this was something not setup properly between my IoT subnet and trusted subnet because everything worked properly after I moved the rainmachine back to my trusted subnet. 

  0

  Comment actions Permalink
• 

  Rmilewsk June 30, 2020 17:35

  I also read online that the device discovery will never work unless the device looking for the rain machine is on the same subnet. Is that correct? 

  0

  Comment actions Permalink
• 

  RainMachine Nicholas June 30, 2020 19:35

  Yes, device discovery only works on same subnet but this is only for local network access. For access over internet it will be discovered by querying our servers using port 8000.

  If you with to access RainMachine without going through internet between the IoT VLAN and LAN you will need to allow 443/8080(https) and optionally 80/8081 (http) inbound to IoT VLAN.

  That's all the ports involved for UI access. 

  0

  Comment actions Permalink
• 

  Rmilewsk July 01, 2020 02:25 (Edited July 01, 2020 02:28)

  Direct access works fine its only remote access that isn't working. Is only port 8000 needed for remote access? If so port 8000 needs to be opened between the rainmachine and aws? I'm looking for which devices need to have which ports opened between that device and wherever they are talking to. I'm looking for source and destination for the traffic. 

  0

  Comment actions Permalink
• 

  Rmilewsk July 01, 2020 03:08

  It may be working now. I didn't turn on my firewall rule for port 8000 but I did enable the igmp snooping and the mdns multicast dns. Do you know if either of those are needed on the unifi gear? 

  0

  Comment actions Permalink
• 

  RainMachine Nicholas July 01, 2020 05:07

  I'm not sure, when you say the remote access didn't work were you referring to the mobile app or https://my.rainmachine.com ?

  The entire list of ports used is here: https://support.rainmachine.com/hc/en-us/articles/228019128-Cannot-Connect-to-RainMachine

  0

  Comment actions Permalink

Please sign in to leave a comment.