Hammer Posted February 25, 2008 Share Posted February 25, 2008 I’m assuming internet access for Control4 “Basic Internet Services” (LASSO-metadata, TV Channel Lineups, Radio Station Lineups, and Software Updates) do not require any special cable or DSL router port forwarding and/or firewall rules given these are outbound service requests. However, given that the 4Sight Internet Services is an inbound request(s), I’m assuming port forwarding and/or specific firewall rules will need to be open to provide access to the Control4 Media Controller(S) for Remote Home Monitoring and Remote Home Programming Support to work properly.Can anyone comment on what inbound ports need to be opened/forwarded to the media controller to support 4Sight services in the most secure fashion?Thanks,George Link to comment Share on other sites More sharing options...
loudsubz Posted February 26, 2008 Share Posted February 26, 2008 I havnt had to do any port forwarding while using 4sight. I set it up a week ago and had no hitches from the start. Link to comment Share on other sites More sharing options...
RyanE Posted February 26, 2008 Share Posted February 26, 2008 George,The 4Sight system works by you putting in your 4Sight account information into the controller, which then opens up a VPN connection with Control4's servers. When you connect to the 4Sight system to control your system, it gives you that access through the existing VPN connection.Because this is how it works, it doesn't need any special port forwarding or NAT settings for most setups.RyanE Link to comment Share on other sites More sharing options...
Hammer Posted February 26, 2008 Author Share Posted February 26, 2008 Thanks guys for the responses.It is great to hear that it is an outbound VPN connection. Thanks again. Link to comment Share on other sites More sharing options...
movax Posted April 10, 2008 Share Posted April 10, 2008 I've had no success in getting my unit to call home to the 4Sight servers. First, with my ipcop box acting as a router (linux based + iptables), it did not get through, and there was no evidence of attempted VPN connection in any logs. I subbed in a standard, SOHO Netgear (WGT624v2), and it still can't connect to the control4 cloud to enable remote access in. I tried DMZing the unit as well, no dice...Anyone have any ideas?EDIT: I can still ping the controller from within the LAN, browse to its HTTP dir listing, browse to its Samba share, Composer ME sees it, etcetera. The problem is getting it to punch out a VPN/IPSec tunnel back to Control4, so my dealer can get some work done... Link to comment Share on other sites More sharing options...
ATOH Posted April 23, 2008 Share Posted April 23, 2008 Make sure the controller has your ISP's DNS information and not the router's IP address as the DNS server. That would be my first guess. Link to comment Share on other sites More sharing options...
badjesus Posted April 10, 2015 Share Posted April 10, 2015 Sorry to bring up an old post but all I can find are posts that have people port forwarding all system ports (opening themselves up to the internet).I just installed a SOPHOS UTM and no longer have access to 4sight... not surprising, it has blocked everything so far From Teamviewer, to plex, to pushover, etc... everything was blocked but I can't seem to open up 4sight no matter what I do. What is even more odd, is that in my house the app also seems to have an issue connection and I have to click on Troubleshoot then manually enter my IP (even though it is already showing the correct IP) to have it connect.I am assuming that 4sight is not establishing a VPN connection over port 80? Link to comment Share on other sites More sharing options...
msgreenf Posted April 10, 2015 Share Posted April 10, 2015 Def not 80, should be 443 Sent from my iPhone using Tapatalk Link to comment Share on other sites More sharing options...
badjesus Posted April 10, 2015 Share Posted April 10, 2015 even over https, I am not getting anything from 4sight. I have enough other services running fine over 443 that it is definitely not an issue. Unless it requires a one to one nat rule... in that case.. that is quite brutal. Link to comment Share on other sites More sharing options...
AK1 Posted April 10, 2015 Share Posted April 10, 2015 Hmm, there's security and then there's paranoia. Sounds like the Sophos UTM out-of-box setup is not too different from simply turning off all your gear. Is it worth the hassle? Sorry to bring up an old post but all I can find are posts that have people port forwarding all system ports (opening themselves up to the internet).I just installed a SOPHOS UTM and no longer have access to 4sight... not surprising, it has blocked everything so far From Teamviewer, to plex, to pushover, etc... everything was blocked but I can't seem to open up 4sight no matter what I do. What is even more odd, is that in my house the app also seems to have an issue connection and I have to click on Troubleshoot then manually enter my IP (even though it is already showing the correct IP) to have it connect.I am assuming that 4sight is not establishing a VPN connection over port 80? Link to comment Share on other sites More sharing options...
pstuart Posted April 11, 2015 Share Posted April 11, 2015 it is establishing an openvpn connection outbound, I believe port 1194 off the top of my head. you will need to let port 1194 out to control4's vpn server to get 4sight to work. Link to comment Share on other sites More sharing options...
badjesus Posted April 23, 2015 Share Posted April 23, 2015 I have had a ticket open with C4 for nearly two weeks now and even they can't tell me what the issue is.The odd part, is that it seems to find my controller, but then it fails on authentication the first time, then continues to tell me that it can't find it. I know it has something to do with my new UTM but I don't think it is actually the firewall nor nat rules that are my limitation at this point. I (for testing only) opened everything wide open yet still nothing. I can't tell at this point if it is a cached setting on my controller that won't refresh properly (as the new UTM has the same IP as the old router) or if it is a port issue.It is pretty brutal that I called Control4 and all they could tell me is "You shouldn't forward ports"... yup.. thanks for the tip. But if I am blocking the connection then they should be able to tell me which external IP their service is on and which ports are needed for that connection. 2 weeks and a few escalations and still... nothing.... Link to comment Share on other sites More sharing options...
cdepaola Posted April 23, 2015 Share Posted April 23, 2015 Do you have a VPN running? We have a VPN always up at my work to a remote location and it produces similar issues to what you describe. Sent from my iPhone using Tapatalk Link to comment Share on other sites More sharing options...
badjesus Posted April 24, 2015 Share Posted April 24, 2015 No, no VPN. I was thinking of creating a connection so the app always thinks it's local. I am assuming this won't actually work? Link to comment Share on other sites More sharing options...
Joe Hettiarachchy Posted June 20, 2017 Share Posted June 20, 2017 I run a VPN server on port 1194. This causes 4sight to break, saying "no openvpn connections available" whenever I have clients connected to the VPN server. Is there some way to force control4 to try to establish a VPN connection using a different port? Link to comment Share on other sites More sharing options...
RyanE Posted June 21, 2017 Share Posted June 21, 2017 On 6/20/2017 at 8:31 PM, Joe Hettiarachchy said: I run a VPN server on port 1194. This causes 4sight to break, saying "no openvpn connections available" whenever I have clients connected to the VPN server. Is there some way to force control4 to try to establish a VPN connection using a different port? Unlikely. The VPN functionality built-into Control4 for 4Sight and other remote connections isn't configurable by the installer or homeowner. Your best bet would be to run your (hopefully configurable) VPN server on a different port. Sorry. RyanE Link to comment Share on other sites More sharing options...
qwerty88 Posted May 25, 2018 Share Posted May 25, 2018 Will 4sight work with ISP implementing Carrier Grade NAT? https://en.m.wikipedia.org/wiki/Carrier-grade_NAT Link to comment Share on other sites More sharing options...
livitup Posted May 25, 2018 Share Posted May 25, 2018 5 hours ago, qwerty88 said: Will 4sight work with ISP implementing Carrier Grade NAT? https://en.m.wikipedia.org/wiki/Carrier-grade_NAT Yes, it should, as everything from your home is client-side. Your controller reaches out to C4 to create a VPN tunnel. This should continue to work. Just curious what ISP is (or is considering) implementing Carrier Grade NAT. It's horrible for a bunch of reasons and my impression was the idea was pretty much abandoned in the US for residential broadband, in favor of using IPV6 for the last mile. Link to comment Share on other sites More sharing options...
bsanf3 Posted June 10, 2018 Share Posted June 10, 2018 On 4/10/2015 at 4:40 PM, badjesus said: Sorry to bring up an old post but all I can find are posts that have people port forwarding all system ports (opening themselves up to the internet). I just installed a SOPHOS UTM and no longer have access to 4sight... not surprising, it has blocked everything so far From Teamviewer, to plex, to pushover, etc... everything was blocked but I can't seem to open up 4sight no matter what I do. What is even more odd, is that in my house the app also seems to have an issue connection and I have to click on Troubleshoot then manually enter my IP (even though it is already showing the correct IP) to have it connect. I am assuming that 4sight is not establishing a VPN connection over port 80? Did you ever get 4sight working through your UTM? Somewhere along the many updates 4site stopped working for me and I think it's also blocking the Alexa integration. Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.