Page 1 of 1

TAKTIKAL 9700

Posted: Sat Nov 12, 2022 6:00 am
by swfl_extreme
I recently purchased this LTE router. I do know that it has a Quectel EP06 modem, but does anyone know the other hardware of this unit? I think it might be a WE826, but I'm not sure. TIA

Re: TAKTIKAL 9700

Posted: Sat Nov 12, 2022 5:55 pm
by Didneywhorl
WE826 .. question is, is it a WE826T2 or WE826Q. Probably find it in the system or kernel logs. One is a Qualcomm 9537 the other is a mediatek chip. Cant recall which.

Re: TAKTIKAL 9700

Posted: Sun Nov 13, 2022 9:05 am
by swfl_extreme
It's definitely the Mediatek chipset, so is that T2 or Q?

MediaTek MT7620A ver:2 eco:6

Re: TAKTIKAL 9700

Posted: Sun Nov 13, 2022 11:57 am
by Didneywhorl
T2/T

The Q uses a Qualcomm QCA9531

Re: TAKTIKAL 9700

Posted: Mon Nov 14, 2022 11:43 am
by swfl_extreme
Excellent! I'm a total n00b with Goldenorb. I'm trying to troubleshoot one of my devices (Smart Thermostat) not connecting to the cloud. Is there a way to monitor the traffic for this one node? I have the IP and MAC address and I need to make sure that it is communicating across the proper ports. Any advice?

Edited to add: My current setup is the WE826 serving as the main router (DHCP, DNS, NAT, etc.) but I have disabled the Wifi and have a TP-Link Archer A7 in AP mode serving the Wifi on my network. Obviously have ethernet cable connected to WAN port on the TP-Link going to LAN port on WE826.

Re: TAKTIKAL 9700

Posted: Mon Nov 14, 2022 8:24 pm
by Didneywhorl
Monitor, as in when connected to the router, or remotely?

Re: TAKTIKAL 9700

Posted: Tue Nov 15, 2022 5:26 am
by swfl_extreme
I need a packet sniffer like tcpdump or equivalent. I just need to see the packets coming from the thermostat 192.168.1.235 and verify that the router is passing the data upstream and receiving the data downstream. It could also be an AT&T issue, but I'm trying to troubleshoot this issue.

Re: TAKTIKAL 9700

Posted: Tue Nov 15, 2022 10:28 am
by Didneywhorl
There is a firewall log i believe, and rooter is openWRT based so you can pretty much install any openWRT package on it. I've never done traffic analysis myself.

Re: TAKTIKAL 9700

Posted: Tue Nov 15, 2022 11:47 am
by swfl_extreme
So, this has to be something with the firewall. I connected the thermostat to my iPhone via hotspot and it worked straight away. Once I switched it back to my Wifi, it continued to work for about 15 minutes and then the thermostat went offline. When I look at the Firewall, it is just the basic General Settings and Traffic Rules that are setup. I'm assuming that I need to create some rules for the thermostat.

Re: TAKTIKAL 9700

Posted: Tue Nov 15, 2022 1:42 pm
by swfl_extreme
I read the other post about this same issue and that guy gave up and bought a different Thermostat. I'm prepared to win this battle! I will not throw in the towel. lol

Re: TAKTIKAL 9700

Posted: Tue Nov 15, 2022 2:48 pm
by Didneywhorl
It might be that the thermo is setup to be pinged externally and not as a "man on the inside", and since cellular wireless uses CGNAt, there is no public facing IP. Maybe? I'm guessing that is why one brand would work for someone and the other wouldn't?

Just spitballing.

Re: TAKTIKAL 9700

Posted: Tue Nov 15, 2022 6:09 pm
by swfl_extreme
That is very possible. This is what their tech support told me:

"make sure the thermostat can connect to the following connection points:
Resideo- App Devices:
provprod.clouddevice.io
fwuprod.clouddevice.io
weather.clouddevice.io
lcc-prodsf-lcc01sf-iothub.azure-devices.net
lcc-prodsf-lcc02sf-iothub.azure-devices.net
T series thermostats use a persistent AMQPS connection on Ports 5671 and 5672, negotiated by a port 443 request."

Re: TAKTIKAL 9700

Posted: Tue Nov 15, 2022 6:12 pm
by swfl_extreme
Is there anyone on this forum that is a firewall guru with Goldenorb that might be able to figure out how to make this work?

Re: TAKTIKAL 9700

Posted: Wed Nov 16, 2022 8:17 am
by swfl_extreme
Didneywhorl wrote: Tue Nov 15, 2022 2:48 pm It might be that the thermo is setup to be pinged externally and not as a "man on the inside", and since cellular wireless uses CGNAt, there is no public facing IP. Maybe? I'm guessing that is why one brand would work for someone and the other wouldn't?

Just spitballing.
I just watched your video about Torguard. Would that be a solution for me? Most VPNs allow you to setup port forwarding and IF CGNAT is my problem, then theoretically it should work since I will have a dedicated IP, right?

Re: TAKTIKAL 9700

Posted: Wed Nov 16, 2022 8:24 am
by Didneywhorl
That should help yes, but you may experience slower speeds as running a VPN on the 400MHz single core 826 router base isn't real optimal. Wireguard is lightweight, but I'm just giving you a heads up that it might be noticeable.

Make certain you get a good geographically close VPS.

Re: TAKTIKAL 9700

Posted: Wed Nov 16, 2022 9:36 am
by swfl_extreme
Do you know of any tutorials for setting up port forwarding through Torguard?

Re: TAKTIKAL 9700

Posted: Wed Nov 16, 2022 11:33 am
by Didneywhorl
I'm not a routing table expert, or even close.

openWRT Wireguard port forwarding is what I would search the interwebz for. Most liekly it's just port forwarding through firewall zones.

Re: TAKTIKAL 9700

Posted: Wed Nov 16, 2022 2:42 pm
by mtl26637
Usually these issues are related to DNS settings. IOT devices like to hard code their own dns settings and can cause issues sometimes. Also IOT devices like to phone home and are in constant communication to servers such as amazons aws ec2 servers. I would imagine that for whatever reason your IOT device (thermostat) can not contact its server and is being blocked for whatever reason. What is strange is the fact you said it was working for awhile after hooking it back up?

Most of the time the IOT device will initiate the connection to the server which should work correctly. What will not work is if the server initiates the connection with the IOT device. Almost all LTE plans are behind carrier CGNAT and you can not start a connection from the outside (internet side). The only way this can be set up is through a tunnel or VPN setup where you can access your home internal network from the outside internet. What you need to find out is how that device's connection is established and whether the device initiates the connection. You need to also check and see if you can communicate with the list of servers they gave you but that may be tricky as you might not be able to simply ping the addresses since they may only have those specified ports open.

Its hard to say what the problem is without seeing the comms but thought this might help track it down or give you some things to look at..