Vera behind firewalls

What ports and firewalls rules should users be setting up to have Vera communicate across LAN and WAN?

None - if you use

Sorry, should have been more specific. I currently have a firewall in place. I will not be using the vera box as an access point only as a switch. I read that they are using SSH. Is that to say I only need port 22 open?

If you are going to use service to connect to your Vera, then you don’t need to open any ports - it uses an outgoing connection, not incoming.

Okay. But I have strict firewall rules. By default I block all incoming/outgoing traffic except very specific ports I open for services. So unless vera is using a VERY common port for outgoing, it will be blocked. Does anyone one know the specific ports its using?

I tried to monitor connections Vera opens, and it appears to be randomly selected port in 50000-60000 range, but I may be mistaken.

A 10,000 port window doesn’t seem very sensible. I could see 1 or 2 ports for a secure connection like port 22 for SSH, but 10,000? Can anyone give me some clarification?

Let me know if your firewall actually succeeds in blocking the findvera service. It should work regardless of the firewall. I haven’t seen a firewall yet that it wasn’t compatible with.

FindVera does not work for me, nor can I update my device. I gave it a static IP address via DHCP reservation and that is the only way I can access the device. Very buggy so far. I upgraded the Antenna on the device and it lost it’s settings. Then, the settings came back. Then after a reset, they were lost again. never worked for me and I’m not really blocking anything outgoing. I’m using a Linksys WRT300N with dd-wrt v24 SP1 MEGA firmware and has worked awesome with everything else. Any ideas?

PS: Is there a way to manually update the firmware?

My firewall was blocking NTp which was stopping the vera box from keeping the correct time.
A rundown of the ports would save some of us from unnecessary troubleshooting :o

mhedhli, can you ping our tech support? Either, click support and send an IM, or call the support phone #. This shouldn’t happen. Whatever it is, we’ll fix it, but I’d like to troubleshoot it with you to find the cause.

mark-hc, we just today changed the port to a number >1024. It seems some firewalls block responses to connections when the port is <1024, but with high numbers, it should work.

I’m not saying it is the case for mhedhli, but some people may unnecessary block all outgoing ports. In that case port 56861 needs to be open for to works, as explained here:

Also, it helps to enable SPI (Stateful Packet Inspection, aka Stateful Firewall). In Linux just insert this line before you drop all the other packets:

iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT