Announcement

**Rupp** · January 22, 2020, 09:18 AM

It sounds like a firewall or anti-virus issue. Did you try shutting down Windows firewall and your firewall, and all AV software and test?

**waynehead99** · January 22, 2020, 09:58 AM

Where did you setup the port forwarding in PFSense? When I first set this up, it got me too. Make sure you have a rule in your NAT tab as well as your WAN tab (usually it will auto add to your wan if you start at NAT, but there is a setting to disable that somewhere).

HS admin site doesn't use 10200 to access it, so my guess is you have either 443 or 80 open directly to your machine (or VPN, please don't forward 80

)

Send what your firewall rules look like and we can get this worked out for ya.

**lifespeed** · January 22, 2020, 11:46 AM

Originally posted by Rupp View Post

It sounds like a firewall or anti-virus issue. Did you try shutting down Windows firewall and your firewall, and all AV software and test?

Originally posted by lifespeed View Post

I have tried turning off the windows firewall (rules are still there), but that didn't help.

I'll take a look at pfSense rules when I get home. I'm aware of NAT menu, and that it auto-adds a corresponding firewall rule when so configured. Currently HS3 web interface is running on port 8081, NAT'd and allowed through the firewall without issue. Which is why I'm confused about my inability to get HSTouch working. I checked the pfSense firewall logs, and it isn't rejecting attempts to access the Win 10 machine on port 10200.

Will report back tonight, thanks for the responses.

**randy** · January 22, 2020, 01:11 PM

It also could be a NAT reflection or “hairpinning” issue. This is an aspect of the router that redirects local IP calls back to the local network. pfSense does not enable it by default. It got me when I first installed pfSense. It has been a while since I used pfSense but IIRC it is on the firewall/NAT tab under advanced system settings. If not there Google “pfSense nat reflection”.

EDIT: look here.

**lifespeed** · January 22, 2020, 04:35 PM

Originally posted by rprade View Post

It also could be a NAT reflection or “hairpinning” issue. This is an aspect of the router that redirects local IP calls back to the local network. pfSense does not enable it by default. It got me when I first installed pfSense. It has been a while since I used pfSense but IIRC it is on the firewall/NAT tab under advanced system settings. If not there Google “pfSense nat reflection”.

I believe I was aware of this configuration option when I created the NAT and firewall rules, and have not been using it. I'll double check when I get home and post config screenshots. The problem NAT reflection is attempting to cure, best resolved by "split DNS", may be the problem I am facing, however.

**Demusman** · January 23, 2020, 09:09 AM

NAT Redirection would not cause this. It redirects public addresses to your LAN, so if you have a server setup that you access remotely using your public address, you can use that same setup from on your LAN.

If you can't connect using the local address from your LAN, it has nothing to do with pfSense.
I would guess HSTouch needs to be updated with the new IP address scheme but that's just a guess right now.
Can you deploy to the android from the designer?
What are you using for an AP? you changed to pfSense (best thing you can do!) but how is the Android connecting? Thinking maybe you're using an old router for an AP that may be giving it the old IP scheme?

Check your ip on the Android, try to ping from the Android. Do the basics first is my point.
Don't go to the firewall, if you can't connect from your LAN.

**lifespeed** · January 23, 2020, 12:58 PM

Originally posted by Demusman View Post

NAT Redirection would not cause this. It redirects public addresses to your LAN, so if you have a server setup that you access remotely using your public address, you can use that same setup from on your LAN.

If you can't connect using the local address from your LAN, it has nothing to do with pfSense.
I would guess HSTouch needs to be updated with the new IP address scheme but that's just a guess right now.
Can you deploy to the android from the designer?
What are you using for an AP? you changed to pfSense (best thing you can do!) but how is the Android connecting? Thinking maybe you're using an old router for an AP that may be giving it the old IP scheme?

Check your ip on the Android, try to ping from the Android. Do the basics first is my point.
Don't go to the firewall, if you can't connect from your LAN.

This is what I thought. If I can't even access HSTouch server using the local IP, something is wrong other than pfSense. While it does appear I may still have some pfSense issues with the new network, it isn't clear this is one of them.

For an AP I am using Ubiquiti NanoHD, which is not a DHCP server - pfSense hands out IP addresses. What do you mean "HSTouch needs to be updated with the new IP address scheme"? I have two server configurations entered in HSTouch Android client right now: The original pointing to mydomain.com, and a new one pointing to the local IP of the Win 10 machine as a test. In the past pointing HSTouch client to mydomain.com worked fine both inside and outside the LAN. Currently, mydomain.com works from a web browser to access HS3 server interface inside and outside the LAN.

**Demusman** · January 23, 2020, 01:09 PM

Assuming your HS server now has a new IP address.

Open designer, go to tools/project defaults. You'll need to update the IP address in there.

Again, this is just a guess.

Also, can you deploy to the Android?

**lifespeed** · January 23, 2020, 01:49 PM

Originally posted by Demusman View Post

Assuming your HS server now has a new IP address.

Open designer, go to tools/project defaults. You'll need to update the IP address in there.

Again, this is just a guess.

Also, can you deploy to the Android?

Thank you, I was unaware of an IP address configuration in the menu you described. I will check this when I get home tonight. I don't know what "deploy to the Android" means, probably because I have not used designer. So far I've just used HSTouch as-is.

**Demusman** · January 23, 2020, 02:02 PM

As is? I don't think that's possible.
Are you sure you're not using HS mobile?

**drhtmal** · January 23, 2020, 03:16 PM

Originally posted by Demusman View Post

As is? I don't think that's possible.
Are you sure you're not using HS mobile?

There is a default HS Touch project you can deploy.

**Demusman** · January 23, 2020, 03:25 PM

Originally posted by drhtmal View Post

There is a default HS Touch project you can deploy.

Right, DEPLOY. He said he never deployed anything.

**drhtmal** · January 23, 2020, 03:43 PM

Originally posted by Demusman View Post

Right, DEPLOY. He said he never deployed anything.

Understood. If you load/install --or what ever word you want to use to describe getting the app on the device-- HS Touch on a tablet or phone the default project is there so there is no need to deploy anything because the default project is installed by default.

**Demusman** · January 23, 2020, 04:19 PM

Originally posted by drhtmal View Post

Understood. If you load/install --or what ever word you want to use to describe getting the app on the device-- HS Touch on a tablet or phone the default project is there so there is no need to deploy anything because the default project is installed by default.

Ok, gotcha. It didn't work that way for me.
i got a blue screen saying I had to "do something" that I can't remember anymore.
So how would it control your system if you didn't give it anything to control?

Announcement

can't access HS3touch server on upgraded network

can't access HS3touch server on upgraded network

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment