proxorp Posted December 3, 2015 Posted December 3, 2015 I'd appreciate suggestions from anyone on this issue... Problem: Can't Arm ELK M1G from ISY Admin Java App. Other communication to/from ELK M1G working. Suspected Reason not working: The documentation I've seen says an ELK user/password needs to be entered in the Configuration->Elk->Configuration tab. HOWEVER, on my Windows 10 system, there is no such field found in this configuration tab (see attached screenshot). Only the Elk M1XEP related fields (Enabled/IP Addr/Port/SSL/Access Code/Disable on/off) are exposed...no field for user/password that will allow arm/disarm commands. Suspected Root Cause: I suspect something is preventing the ISY Admin App from presenting the User/Password fields in the Configuration->Elk->Configuration tab. Perhaps some Java/Firmware compatibility issue??? Any ideas or suggestions? Things I've done to try and fix and other observations: - ELK firmware has been updated to latest: M1G HW:v0.13, Boot:v3.3.6, Firmware: v5.3.8 M1XEP HW:v1.0, Boot: v2.0.2, Firmware: 2.0.34 I've attached screenshot of my Elk M1G - ISY 994izw firmware has been updated to the latest (see attached grab) ISY Firmware v.4.3.26 UI v.4.3.26 Product ISY 994i PRO (1100) (w/ OpenADR 21010, Elk Security system 21090, Z-wave 21100) ISY z-wave firmware has been updated to v4.55 (bootloader v1.03) - Java has been updated to latest Java Version 8 Update 66 (build 1.8.0_66-b18) - ISY is connected to the Elk M1G over the Elk non-secure port. - Elk M1G Globals Serial port 0 has check boxes set (see attached screenshot) - I've created a user on M1G with Arm/Disarm/Bypass checked and Access not selected. I just need to somehow get this user into ISY...but can't see the fields to enter. - I can view/manipulate ELK zone info. Java Admin event viewer shows these commands successful. However, Java Admin commands to Elk. - I've ensured that the ElkRP2 app is disconnected from the M1G while testing. - I've watched the Event Viewer as commands are sent to the M1G and only the Arm/Disarm related commands are failing. I see other commands to the M1G and status from the M1G successfully transfer. - I've reviewed various forum topics....like this one: http://forum.universal-devices.com/topic/7045-elk-wiki-connection-troubleshooting/ Since I am able to query and manipulate zones/outputs of the M1G, I don't suspect a network issue. It all points back to my inability to find the user/password field that will allow the ISY to login as an ELK user and control the arm/disarm commands. Again, any help appreciated. See attached screen grabs, especially the ISY configuration shot with missing user field. Thanks! David.
Scottmichaelj Posted December 3, 2015 Posted December 3, 2015 In the ELK screen on the ISY you should have the master code for your Elk system in the access code section, SSL checked and then the correct SSL port that is shown on the Elk RP M1XEP page under secure port. Also make sure when you are in the Elk RP software that port and IP is the same on the bottom right by the lock. Hope this helps.
proxorp Posted December 4, 2015 Author Posted December 4, 2015 Thanks. For some reason I can't get M1G and ISY to connect via secure port. But it does connect via unsecured port. Regardless, would that explain why my Elk->Configuration screen doesn't have fields for the Elk User used to communicate arm/disarm requests? Can anyone confirm that my Elk->Configuration screen is missing those fields compared to your Elk->configuration tab? See attached screenshot.... Maybe I'm just looking in the wrong place and the user field exists somewhere I've missed? I'm not talking about the 6-digit access code needed to communicate with M1G, but the User configured in M1G that ISY will use to send Arm/Disarm type events. That field and 4-digit pin code must be entered somewhere on ISY...I thought the docs said this was in the Configure->Elk->Configure tab of the Admin Java app, but it doesn't present on my system.... Again, everything not related to Arm/Disarm seems to be working (even using the unsecure port)....Except the Arm/Disarm feature. I'm presently writing programs using Elk zone status/states to manipulate ISY z-wave devices and vice versa....but inabilility to arm/disarm via ISY is annoying. This is such a basic problem, but I've spent hours trying to resolve... Thanks!
Scottmichaelj Posted December 4, 2015 Posted December 4, 2015 Thanks. For some reason I can't get M1G and ISY to connect via secure port. But it does connect via unsecured port. Regardless, would that explain why my Elk->Configuration screen doesn't have fields for the Elk User used to communicate arm/disarm requests? Can anyone confirm that my Elk->Configuration screen is missing those fields compared to your Elk->configuration tab? See attached screenshot.... Maybe I'm just looking in the wrong place and the user field exists somewhere I've missed? elk configure.png I'm not talking about the 6-digit access code needed to communicate with M1G, but the User configured in M1G that ISY will use to send Arm/Disarm type events. That field and 4-digit pin code must be entered somewhere on ISY...I thought the docs said this was in the Configure->Elk->Configure tab of the Admin Java app, but it doesn't present on my system.... Again, everything not related to Arm/Disarm seems to be working (even using the unsecure port)....Except the Arm/Disarm feature. I'm presently writing programs using Elk zone status/states to manipulate ISY z-wave devices and vice versa....but inabilility to arm/disarm via ISY is annoying. This is such a basic problem, but I've spent hours trying to resolve... Thanks! Maybe your getting confused by the term "access code" - the access code on the ISY configuration side is the code you use to disarm the alarm, your user code per say. This is confusing because on the ELK side the access code is something entirely different to allow programming on the Elk keypads. You also say the secure port is not working, have you opened it on your router and forwarded to the Elk M1XEP IP?
shannong Posted December 5, 2015 Posted December 5, 2015 The ISY does not support username/password auth for TLS. That's why those fields aren't available in the Admin console. It's by design. They'll tell you it's because auth is not actually part of the TLS library, which is true. TLS is just a secure connection protocol and authentication is part of the underlying application.However, they could choose to include it just like HTTP has the basic that's wrapped inside HTTPS/TLS. I wish they would add it. So to do a secure connection from the ISY to the M1, you'll have to disable username/password authentication on your M1XEP. This would mean no applications connecting to your M1XEP could utilize the u/p authentication.
oskarw Posted December 10, 2015 Posted December 10, 2015 This topic is also discussed under http://forum.universal-devices.com/topic/15809-cant-connect-to-secure-port-after-firmware-upgrade/
Recommended Posts
Archived
This topic is now archived and is closed to further replies.