Jump to content

isy portal communications


Recommended Posts

Are there any specific ports that my isy994i needs to connect out to the ISY Portal?


I just purchased the portal to try it out with my Amazon Echo.  The ISY is added to the portal, but continues to say "Never connected".  The ISY Portals page shows "Offline  Never Registered".


Hopefully it's just a little slow tonight, because there isn't any info I can find that says there are any special ports that it requires outbound (my firewall DOES filter outbound traffic).


Any ideas?



Link to comment

You don't need any specific port opened, the portal takes care of that. But you do need to register the portal. Have you attempted to register? Did you receive an email about registering?

Link to comment

Yessir, I registered it.


Could be total coincidence, but when I set an exception in my firewall to allow the ISY unfettered access outbound, things started to get back on track.  I saw it ask for permission in the ISY Console, the icon went yellow in the portal, and after accepting it, it went green and now I'm off and running.


So IDK if it's coincidence or if the devs are using a non-standard port to communicate outbound to the portal servers.

Link to comment

That's what I was wondering.  If the ISY uses http/https (or a multitude of other ports I already have open), it would be OK.  If it's using something specific, I think it should be published somewhere so crazy guys with hardened home firewalls know what the device requires to operate. :)

Link to comment

Outbound ports shouldn't be too insecure to publish.  You can't connect to them, they're outbound.


The reason I don't allow "all ports" outbound is to reduce exposure for anything malicious that finds its way into my network.  (And because I'm a freak. ;) )


I just feel that if you have a connected device, you should ask for (or specify requirements for) communications; consider it a privilege, not a right.


It's not a huge deal.  Just thought if a dev read this, they could correct me or publish the info for "the next guy". :)

Link to comment



Constraints for outbound initiated traffic is more of a statement of if you trust the device initiating outbound transactions. Its been common for a while for home based "server" functions, including the HA appliances, NAS's, Smart TVs, thermostats, cloud backup up solutions like webroot, idrive.. etc, to pick the port that they would like to use.


The isy is a very specific purpose network appliance, not a formal full feature OS with capabilities that can catch a virus, etc. I'm good with that being unpublished



Link to comment

I really don't want to get off topic here.


The vast majority of networked appliances leverage https (sometimes http) to connect to servers in the cloud.  I have plenty of them.  Those that don't use standard ports typically publish their requirements somewhere.  Google something like "Sonos ports", or "ecobee network ports".  You'll see them explicitly define what they require for normal operation.  They typically wouldn't be prone to viruses either.


Anyway, thank you for the feedback!

Link to comment

OK, cool.  So 8001 was originally missing - it's not a "standard" port so I have it blocked by default.  Once I allowed all outbound traffic last night, things started working fine.


(I did double-check the HTTPS Client settings, and they were OK.)


I can go back and change the firewall rule to only allow 443/tcp and 8001/tcp for the ISY's MAC address instead of "everything".


Thank you for the response.



Link to comment


This topic is now archived and is closed to further replies.

  • Create New...