Hmm, I’m only aware of the DNS lookup and outgoing coap TCP connection for Cores/Photons/etc. So in theory allowing outgoing TCP on 5683 and DNS for that device should be adequate. Are you sure the device is getting an internal IP address from your DHCP server in the prior configuration?
In particular you can see the cloud connection routine here:
I could be out of date, but I’ll pass this along to our firmware team as well in case I’ve missed something.
Hi @Stan It’s unclear to me wether those ports were being used by the Photon, or some other device on your network. Do you think you could do a bit more sleuthing to narrow it down so that we can make this a priority to resolve? You can help me with ideas here since you know your hardware and network best, but what if you temporarily change the router password with a computer connected over LAN, and only put the new password on the Photon. Block all ports on your firewall. With Photon off, make sure your firewall is happy. Fire up the Photon… see which ones are complaining. Open the normal ones and see if you can gain a Cloud connection on your Photon without 16284-16386. I would also like to get a firmware dump from your device before you change anything on it, in case we may use it to replicate what you are seeing.
With your Photon in DFU mode, this command will upload all flash to a 1MB binary:
dfu-util -d 2b04:d006 -a 0 -s 0x8000000:0x100000 -U photon-ports.bin
If you could email that to me at that would be appreciated!
After capturing the firmware from the Photon and also confirming these ports are required by the Photon, please try running the following command and see if it continues:
Hi - I am pretty sure those ports were blocked (originally) from the ip address of the photon.
I will make some changes - but this will require careful coordination - I got ripped a new one last night after applying a firmware change to the firewall - which required a firewall restart - and my wife was in the middle of a battle on a game on her Ipad…