Internet Connection via Building LAN
IT Firewall
The Turntide automation device requires an outbound connection on several ports to communicate with the Turntide Cloud. If there is no active connection with the Turntide Cloud confirm with the IT administrator that the below port settings have been configured. Stress to the IT administrator that these connections are for device initiated egress only (connections initiated only by the device from within their network).
The below ports must be open for all the TT hub services to connect to the cloud. For more information, see What Each Protocol Does below.
Destination | Protocol | Port | |
Required Egress | Turntide Cloud | MQTT |
TCP/8883 |
Required Egress | Turntide Cloud | SST | TCP/3199 |
Required Egress | Turntide Cloud | HTTPS | TCP/443 |
Required Egress | Configurable | DNS | UDP/53 |
Required Egress | Configurable | NTP | UDP/123 |
Required Egress | Protocol Specific | HTTP | TCP/80 |
Turntide Cloud URLs: app.turntide.com & machines.riptideio.com
A test for this can be done by
- Disconnect the Turntide automation device from the LAN
- Set your laptop’s IP address to the IP information designated for the Turntide automation device and connect your laptop to the LAN in place of the Turntide automation device.
- Use terminal or command prompt to perform the following commands:
- Ping app.turntide.com
- Ping machines.riptideio.com
If all return "host unreachable" there is likely a firewall or other IT issue that should be rectified with the IT administrator.
Incorrect Network Configuration
If communicating through a managed building LAN, ensure the automation device is assigned an IT provided IP address & subnet mask.
- Directly connect to the Hub UI and confirm all IP information entered matches what has been specified by the IT administrator.
- If it does not, update the IP address, Gateway and Subnet information; set DHCP to disabled. Save and restart the hub.
Faulty Physical Connection
Check to make sure all physical connections are secure and correct
- Ethernet cable connected to IP1 on the Turntide hub or to a switch that is also connected to IP1 on the Hub
- Ethernet is connected to the correct building network switch and port. This can be confirmed with the IT administrator
- All cables are connected and undamaged
What Each Protocol Does
- MQTT - Push data from hub to cloud. Send remote requests from cloud to hub (overrides and configuration changes via ops portal).
- SST - Remote secure access similar to SSH. This needs to be open to Console into the Hub from the ops page.
- HTTPS - Secure updates of hub. Used by snap-agent service to download snap packages.
- DNS - Lookup IP addresses using the hostname. Connection to cloud will fail if app.riptideio.com, machines.riptideio.com, app.turntide.com & machines.turntide.com are not resolved via a Domain Name Server. Default Hub DNS is configured for 8.8.8.8 and 8.8.4.4 which are Google hosted DNS servers.
- NTP - NTP is an internet protocol that’s used to synchronize the clock on the Hub within a few milliseconds of universal coordinated time (UTC). If an NTP server is not reachable the time on the Hub may drift and not be accurate.
- HTTP - HTTP is a protocol for fetching resources on the web. HTTP is only used by the Hub to fetch weather data from the NOAA weather service. If HTTP is not allowed egress the weather data may fail to update.
How to Verify MQTT is Connected
- Go to https://app.turntide.com/ops/#/devices and verify the hub has a green check and Online under Connection
- Log directly into the Hub and verify the Turntide Cloud says Connected in green
How to Verify SST is Connected
- Go to https://app.turntide.com/ops/#/devices and locate the Hub and select Console
- Click on the Terminal SSH icon
- If the Hub is connected via SST you’ll get a command prompt
- If the Hub is NOT connected via SST you’ll get the message “cannot assign requested address”