Suggestion to limit connections to wifi attachment

[lnevo]

I thought it was required to read and write to the RA as well. Is that not the case?

[binder]

I thought it was required to read and write to the RA as well. Is that not the case?

i thought everything was like this:

• wifi authentication limits read and write access to the RA (except the /sa which always is a read only, but this needs to be confirmed). so you create a username & password combination to access the RA.
• portal key limits the sending of data to the portal from the RA with the matching key

If my understanding is wrong, then I need to be corrected, but this is how I thought everything worked.

[rimai]

There is an open issue pending testing and approval.
Branch issue71: https://github.com/reefangel/Libraries/issues/71
There is a mention about this branch in here:
http://forum.reefangel.com/viewtopic.php?p=22824#p22824
If anyone wants to test it, we can merge to dev and include to next release.
It will require some changes in the apps and in the portal code.
I'll also have to revisit this to refresh my memory.

[AlanM]

OK. the /sa location is supposed to let people in without authentication, from what I understood, but I just had to disable authentication in order for reeftronics to be able to reliably connect. I never had a problem with the app because it actually does the authentication

Russ uses the /sa to get his data, but he very frequently gets a 401 access denied message with that URL even though it's not supposed to have auth on it.

I opened up an issue on this and one other here:

https://github.com/reefangel/Libraries/issues/217

where sometimes Russ gets a response beck to his /sa query which looks like traffic which is supposed to go to the portal.

In the meantime, how do I switch the port that the RA runs on since I have auth currently disabled? I assume I'll need to do it in the .ino file because the RA needs to tell the portal what port to use.

[binder]

In the meantime, how do I switch the port that the RA runs on since I have auth currently disabled? I assume I'll need to do it in the .ino file because the RA needs to tell the portal what port to use.

This is handled at your firewall/router. You need to tell the firewall to forward port 12345 to port 2000 on the RA. Or whatever port you want to use instead of 2000. You can use any port from 1024 through 65535. Whatever port you pick, I would keep it private though, so nobody else knows. Typically the higher port numbers are used by outgoing connections (like your web browser traffic when you browse the web) and the low number ports (below 1024) are used for servers for common, well known protocols.
Then, you must update the following:

• Portal to use the new port
• Apps to use the new port
• whatever else to use the new port

Now, any data coming into your network on the new port will be sent to your RA and port 2000 will be closed on your firewall. Your RA wifi will still think it is operating on port 2000. The firewall handles all the requests and the "magic" of directing the ports appropriately.

This is exactly how I do it and it is pretty simple. My router allows me to change the ports around like that and I'm assuming others do too.

[AlanM]

This is handled at your firewall/router. You need to tell the firewall to forward port 12345 to port 2000 on the RA. Or whatever port you want to use instead of 2000.

Great. Easy enough to do. Thanks. I'll update the port with Russ and AquaticLog too.

[lnevo]

If you did want to change the port the RA listens to it's a setting in the wifi module.