My facility has a secure firewall, will this work?

Our solution can work within secure networks. In many cases simply connecting the LoRa Gateways to your network will work out of the box with no changes necessary.

• The easiest way to work around the issues of a secure firewall is to connect the gateways before the secured portion (e.g. in a partitioned zone with full access). The Lora Gateways and Sensors use secure transmission and connectivity to communicate directly with each other (and not to other devices within your network) and so allowing them a direct connection to the Internet is a safe and easy path forward.

• If your setup must enforce security behind a firewall and you need details on Ports to open, please refer to the below list of ports.

Gateway ports (based on Lora network configuration)

• Gateways shipped preconfigured with Azure - TCP ports 8883 & 443

• Bring your own gateways configured using these instructions: UDP 1700

• Gateways configured for TTN - UDP 1700 and TCP 443

• If an Ethernet gateway isn’t coming online after confirming the ports above are open on the network:

  • Check with your network administrator that there is no MAC Address filtering or device whitelisting on the local network. If these are present, the solution will still work, but the network administrator will need to individually whitelist all gateways connected.

  • Check that the Ethernet port you’ve plugged the gateway into has a valid internet connection for something else (like a laptop or PC).

  • Have the network’s administrator whitelist the following hostnames:

    • us-east-prod-mydev-hub.azure-devices.net

    • prod-dps.azure-devices-provisioning.net

    • global.azure-devices-provisioning.net

    • eu-west-prod-mydev-hub.azure-devices.net

    • au-east-prod-mydev-hub.azure-devices.net

    • jp-east-prod-mydev-hub.azure-devices.net

    • in-south-prod-mydev-hub.azure-devices.net

  • The gateway also makes NTP connections to synchronize its clock, so allow traffic to:

    • *.pool.ntp.org