Need to open ports in the Firewall for Smartthings

I_am_Root · March 4, 2019, 2:25pm

I have a Sophos UTM firewall, and with this firewall, and by default, the incoming and outgoing connections both are blocked.
Please note, I repeat the outgoing connections are blocked as well.
After I have integrated the firewall for my home network, ST has stopped working.
When I allow all the connections from ST IP to outgoing traffic the automation works, and hub shows green led. But I would just rather open the required ports rather than opening the entire traffic to and from to this hub.
So what protocols and ports do i need to open on the firewall for ST to work?

sidjohn1 · March 4, 2019, 2:33pm

I_am_Root · March 4, 2019, 2:46pm

Gosh, this is not about blinking led. I know all that, I have been using ST for a while.
The issue is about what ports I need to open for outgoing traffic to that connects ST to ST cloud.

DavinD · March 4, 2019, 3:01pm

Would be interesting to know. Have you tried just https (443)?

TylerDurden · March 4, 2019, 3:16pm

From @sidjohn1’s post:

What to do: A solid blue light is expected during the normal setup process and when downloading firmware updates (in some cases). However, if the light remains solid blue for longer than 5 minutes, this indicates the Hub is unable to establish a connection with our servers. This problem can occur when outbound traffic from a local network is being blocked. Double-check your network settings and make sure the following ports are open during initial setup: 11111, 9443, 443, 39500, and 37

I_am_Root · March 4, 2019, 8:42pm

I have https (443) open on this vlan (IoT)

I_am_Root · March 4, 2019, 8:45pm

@TylerDuren, thats exactly my problem.
When i reboot the hub, the led turns green, and within mins it turns solid blue.
I am looking at the firewall logs, and it says that the traffic outgoing has been blocked.
I can just allow the traffic from this IP, but that will literally open the entire port range for that IP, which i dont want to do.
Rather grab the port numbers that ST requires and open those ports for the ST hub’s IP address.
So we dont need to allow incoming connections right? just opening the ports 11111, 9443, 443, 39500, and 37 for outgoing should be enough?

TylerDurden · March 5, 2019, 12:58am

I’m just telling you what @sidjohn1’s link to the official SmartThings Support document says. You’ll have to try it and see.

This old thread may be helpful too.

Port Forwarding Devices & Integrations

Hello, I was reading about the ST setup process and saw that I need to open some ports with port forwarding on my router. I’ll have to do this manually as I don’t have UPnP enabled on my router setup any more. I’ve searched the FAQ’s, the KnowledgeBase, the forums but I don’t see any info or tutorial of what needs to be set for the port forwarding. Have I missed it somewhere? Will I get any use out of my hub until I figure out the port forwarding needed? Could anyone possibly post the ports that need to be opened and some basic info on which ip address I’ll be forwarding to, even if it’s just a screenshot of your own setup with the ports that are required? (I’m guessing the ST hub, but I don’t want to make an idiotic assumption.) ST will be set in my router with an internal static ip addr…

mkjansen · October 1, 2020, 4:38pm

HI! I’ve been having a similar problem! I had to allow ST to ping the router… on Ubiquiti, I had to allow ping to subnet gateway address in Guest_Local firewall ruleset!

Need to open ports in the Firewall for Smartthings

Customers

Developers

Download the SmartThings App