AL HARMON Posted July 18, 2017 Posted July 18, 2017 First- I'm not a computer genius. Secondly- I've reset the router and ISY so many times they both have identity crises. I can easily access the isy from my home network, have a z-wave Schlage lock as a single device which I can control. I can access the UDAjax page which operates fine and the isy configuration page works also.I just have not been able to access any of it from my guest wireless internet, which I understand would be similar to a remote location.I have some screenshots and just don't know what is wrong. I find some conflicting advice online about the issue, and after a month at this, I'm ready to scream or hire an expert.
Xathros Posted July 18, 2017 Posted July 18, 2017 First- I'm not a computer genius. Secondly- I've reset the router and ISY so many times they both have identity crises. I can easily access the isy from my home network, have a z-wave Schlage lock as a single device which I can control. I can access the UDAjax page which operates fine and the isy configuration page works also. I just have not been able to access any of it from my guest wireless internet, which I understand would be similar to a remote location. I have some screenshots and just don't know what is wrong. I find some conflicting advice online about the issue, and after a month at this, I'm ready to scream or hire an expert. Screenshot (2).pngScreenshot (2).pngScreenshot (4).pngScreenshot (5).pngScreenshot (6).pngScreenshot (7).pngScreenshot ( .pngScreenshot (9).pngScreenshot (10).png Hello Al, Your guest network is NOT like a remote network. For one, it's inside the router not on the WAN. Secondly, most routers that offer guest networks enable "Strict Isolation" on the guest network that prevents an IP on the guest network from seeing any other local IP except that of the gateway. This allows access to the internet for the guest but prevents them from connecting to your private LAN or any other guest. If your router supports loopback, you might be able to hit the outside IP from another machine on the private LAN for a test. I find it unlikely that loopback would work at all from the guest side. If your unable to access the ISY via public IP from the private LAN, you can hit the UDAjax page from your phone (blatantly assuming that everyone has a smartphone) using cellular rather than WiFi or try from a friends network instead. Hope this helps. -Xathros
AL HARMON Posted July 18, 2017 Author Posted July 18, 2017 Thank you Xathros for the reply. Did you notice anything incorrect from any of the screenshot settings? My linksys 2500 only supports 2 dynamic companies and I am using NoIP for the dynamic DNS. I can access a wifi hotspot in my neighborhood which would be out of my router network. ps. Sold the smart phone when I retired from business a few years back.
larryllix Posted July 18, 2017 Posted July 18, 2017 You have exposed your external ISP IP address to the world here...makes you more hackable. Get rid of the port forwarded (to 192.168.0.147 = ISY) ports 80, 5800, 5900. 8080. ISY doesn't need them to be open to the world. Port 80 is the defacto port number that is usually used inside your LAN to access almost anything. It is making your ISY exposed to the world. Port 443 (or your choice of higher numbered ones) are secure ports and require the usage of https://www.xxx.yyy.zzz:443. Note "s" and the ":443". This is the only port forward required to access your ISY from the outside world (external to your LAN) Inside your LAN you can access your ISY with port 80 and http://192.168.1.147. Note no "s" and port number 80 is assumed by browsers etc. Your password was always the last line of defence with what you exposed but not good for security. Like Xathros posted, guest networks only allow users to access Internet OUT to protect your personal stuff. Your router may be hackable with some effort with what you posted also. Then you have problems. To change your external IP address mow, usually a router power off for a few hours will usually have a new one issued to you. Maybe call your ISP and they can do it.
AL HARMON Posted July 19, 2017 Author Posted July 19, 2017 Thank you Larryllix for the advice and I shall make those changes. Actually my Son came by and with his iPhone we did access the ISY features, so apparently the remote access does work. I assume his iPhone was not on my network, but on Verizon's network. Now I shall make those router changes.
stusviews Posted July 19, 2017 Posted July 19, 2017 If your son has ever accessed your WiFi network, then it's possible that his phone was on your network and not Verizon's.
Recommended Posts
Archived
This topic is now archived and is closed to further replies.