Advanced network settings
Data usage
See Data usage for more information about the data usage of the SmartgridOne Controller.
For troubleshooting high data usage, see also Troubleshooting - Data usage
Wiring
See wiring & connectivity guidelines for wiring the Ethernet network.
Security policy
Security policy: Download the PDF.
Firewall
Network ports for outbound connections
Most home and small business networks allow all outbound connections by default. You do not have to do anything in this case.
The SmartgridOne Controller requires that outbound connections in the network firewall are allowed on the following ports:
- TCP port 80 & 443: General Internet connection port. Without this port, the SmartgridOne Controller cannot function. Some monitored & controlled devices use port 80 locally for communication, but this port is not generally used for internet communication.
- TCP port 1194: Remote service connection port for updates, diagnostic services and remote support. The SmartgridOne Controller can function without this port, but may not receive updates, and remote support is not possible. It is recommended to enable this port. You can change this port in the SmartgridOne Controller configuration to port 1192 or any port in the range 35000 to 40000 if needed.
- TCP port 1883 and 8883: Used for MQTT; required in case the SmartgridOne Controller must be able to receive live control signals (e.g. when coupled to the imbalance / FCR energy markets!)
- UDP port 123: NTP Port (Clock). Without this port, the SmartgridOne Controller cannot update its internal clock. This is important for proper communication.
Network ports for inbound connections
The SmartgridOne Controller does not require opening any network ports for inbound connections.
It is strongly discouraged and NOT necessary to configure your firewall to port forward or allow incoming TCP and UDP connections on the listed ports above! This is a serious security risk.
Domain whitelist
To avoid connectivity issues after future updates, it is recommended to whitelist all the eniris.be and eniris.io domains with a wildcard:
- *.eniris.be
- *.eniris.io
- a2j3w1vc0ecyne-ats.iot.us-east-1.amazonaws.com (Only when using Yuso)
At least the following Eniris domains are used at present by the SmartgridOne Controller:
- api.eniris.be - (telemetry & energy measurements) - TCP port 443:
- authentication.eniris.be - (authentication) - TCP port 443
- public-health.eniris.be - (device health monitoring system) - TCP port 443
- mender.eniris.be - (device update system) - TCP port 443
- public-mender.eniris.be - (device update system) - TCP port 443
- mqtt.eniris.be - (MQTT) - TCP ports 1883 & 8883
- neoregistry.eniris.be - (device update system) - TCP port 443
- neodata-ingress.eniris.be - (data ingress api) - TCP port 443
- vpn.eniris.be - (remote support) - TCP & UDP ports 1192-1194 and 35000-40000
- ntp.eniris.be - (clock synchronization) - UDP port 123
Fixed IP addresses
The SmartgridOne Controller is by default configured to use DHCP. You can change this to a fixed IP address in the 'Settings' tab of the commissioning interface.
If you lose access to the commissioning interface after setting a fixed IP address, then check out the troubleshooting section.
VLAN
For additional network security, you can place the SmartgridOne Controller in a VLAN. Make sure that the devices it has to be able to communicate with are in the same VLAN.