Philips hue bridge with T80

edited January 22 in Firebox - Other

Hello everyone, I'm new to setting up a Firebox firewall, and I have run into the following problem: I use a Philips Hue bridge that I can control locally perfectly, but remotely this doesn't work for an unknown reason. I have already looked via Traffic Monitor and opened the necessary ports that the Hue bridge uses: TCP and UDP 80, 443, 123, 53. I myself have a suspicion that it has something to do with proxy settings. Does anyone have experience with the Hue bridge in combination with a Firebox?
I use a Firebox T80 with all licenses.
Thanks in advance for your responses.
Nick.

Comments

  • Do you have an SNAT action and a rule for that? I always try to avoid open ports to the outside for security reasons. I also use the Hue bridge behind a Firebox and solve that with a client VPN.
  • Dear Watchguardian, I have currently applied the following (see screenshot). Can you provide me with a link explaining what you mean by VPN client? Is this an IP within your own network range, for example 10.0.1.223, that goes through a VPN? Or am I seeing this wrong?

    https://postimg.cc/bdDDGvzp

    • I mean a Mobile VPN configuration on your Firebox, like IKEv2.

    Here is some information about Mobile VPN with IKEv2:
    https://www.watchguard.com/help/docs/help-center/en-US/Content/en-US/Fireware/mvpn/ikev2/mvpn_ikev2_about_c.html

    What device are you using to control the light?

  • The problem occurs with the Philips Hue bridge. I want to make it work through the Hue app but can't apply the following (see screenshot); according to the app there is no Hue bridge on my network. My previous router was a UniFi Dream Machine; then it just worked without any settings?

    https://postimg.cc/kR9KH8Qd
    https://postimg.cc/3WCcxFbm

  • As I can see, port forwarding doesn't work with the Hue bridge. I also tried it without my VPN connection. I have the same issue. I created an any-out rule to bypass the proxy rule.

    I would say the problem is not the Firebox. Maybe you could reset the Hue bridge and try it again.

  • james.carson Moderator, WatchGuard Representative

    Hi @djsl1210
    The Hue bridge won't work through a proxy, as it tries to send non-HTTP data over port 80, which the proxy will quickly drop. Lots of consumer devices do this because port 80/TCP or 443/TCP (the HTTP/HTTPS ports) are almost never blocked on home routers.

    If you haven't already done so, setting a DHCP reservation for the Hue bridge would be a good idea.
    You'll need to create a custom packet filter for HUE, and then make a policy via that custom packet filter.

    Make a new policy using the packet filter list, and find HTTP.
    -Make the rule from the IP of the hue bridge.
    -Make the TO field any-external.
    -Make sure the new policy is above/before any HTTP proxies.

    Hue is designed to work on a home network (so a large flat single subnet network.) It'll likely detect having different networks (like an IoT subnet, or optional DMZ) as being external.

    -James Carson
    WatchGuard Customer Support

  • Now works for me with and without a proxy rule. Maybe there were problems in the backend.

  • Dear Watchguardian, James, thanks for your feedback. Meanwhile the problem is solved; the solution is to add proxy exceptions:
    *.data.meethue.com
    *.ecdinterface.philips.com
    *.diag.meethue.com
    *.philips-hue.com
    Thanks in advance for pointing me in the right direction.
