Difference between revisions of "CoolRemote"

From CoolAutomation Wiki
Jump to navigation Jump to search
(6 intermediate revisions by the same user not shown)
Line 1: Line 1:
 +
__FORCETOC__
 +
== Documentation ==
 +
[https://coolautomation.com/lib/doc/CoolRemote/CoolAutomation_CoolRemote_User_Guide_(v.1.6_1)_final.pdf CoolRemote User Guide (PDF)]<br>
 +
 
== Firewall info ==
 
== Firewall info ==
 
'''Best Practices, on how to secure CoolMasterNet in the Firewall'''<br>
 
'''Best Practices, on how to secure CoolMasterNet in the Firewall'''<br>
 
As the Cloud IPs can change without any notice, as it’s an automatic service based on device geo-location, load balance and other parameters,
 
As the Cloud IPs can change without any notice, as it’s an automatic service based on device geo-location, load balance and other parameters,
we strongly suggest not to lock the CoolRemote cloud IP in the firewall.
+
we strongly suggest not to lock the CoolRemote cloud IP in the firewall.<br>
What we do suggest is the following:
+
What we do suggest is the following:<br>
Lock the CoolMasterNet IP by MAC address in the Firewall/Router (also called DHCP Reservation, or Network Object)
+
Lock the CoolMasterNet IP by MAC address in the Firewall/Router (also called DHCP Reservation, or Network Object).<br>
Create FW Rules, via Ports only and lock it to the CoolMasterNet network object.
+
Create FW Rules, via Ports only and lock it to the CoolMasterNet network object.<br>
Source/Destination: CoolMasterNet IP to/from Destination ANY ports:  
+
Source/Destination:<br>
10101 TCP/UDP
+
CoolMasterNet IP to/from Destination ANY ports:<br>
443 TCP/UDP
+
10101 TCP/UDP<br>
If you Firewall allows rule creation by FQDN host (DNS) it can also be done, but due to DNS propagation delays connectivity may occur.   
+
443 TCP/UDP<br>
The DNS to be set is app.coolremote.net
+
10101 TCP - outbound.<br>
 
+
10101 UDP - if your equipment is configured for pinholing then just outgoing otherwise both inbound and outbound.<br>
== Documentation ==
+
If your Firewall allows rule creation by FQDN host (DNS (port 53)) it can also be done but due to DNS propagation delays connectivity may occur.<br>  
[https://coolautomation.com/lib/doc/CoolRemote/CoolAutomation_CoolRemote_User_Guide_(v.1.6_1)_final.pdf CoolRemote User Guide (PDF)]<br>
+
The DNS to be set is [http://app.coolremote.net app.coolremote.net]
[http://coolautomation.com/lib/doc/quickstart/CoolAutomation-NEST-thermostat-InstallationSetupGuide-Rev1.3.pdf CoolAutomation - NEST Thermostat Installation & Setup Guide Rev1.3 (PDF)]<br>
 

Revision as of 08:22, 13 August 2020

Documentation

CoolRemote User Guide (PDF)

Firewall info

Best Practices, on how to secure CoolMasterNet in the Firewall
As the Cloud IPs can change without any notice, as it’s an automatic service based on device geo-location, load balance and other parameters, we strongly suggest not to lock the CoolRemote cloud IP in the firewall.
What we do suggest is the following:
Lock the CoolMasterNet IP by MAC address in the Firewall/Router (also called DHCP Reservation, or Network Object).
Create FW Rules, via Ports only and lock it to the CoolMasterNet network object.
Source/Destination:
CoolMasterNet IP to/from Destination ANY ports:
10101 TCP/UDP
443 TCP/UDP
10101 TCP - outbound.
10101 UDP - if your equipment is configured for pinholing then just outgoing otherwise both inbound and outbound.
If your Firewall allows rule creation by FQDN host (DNS (port 53)) it can also be done but due to DNS propagation delays connectivity may occur.
The DNS to be set is app.coolremote.net