How To Network Your Device
When bringing your safe online, its a good practice to review the LED on the device to understand the current state and potential adjustments that need to be made.
If you encounter connectivity issues, the light indicators will flash rapidly for a period of time, followed by a slow, specific number of times. To diagnose the issue, please see the steps below for troubleshooting and resolutions.
Troubleshooting & Resolutions
| Light Color | Resolution |
|
1 Long Red Flash
2 Long Red Flashes
3 Long Red Flashes
|
These errors are typically related to localized elements from network setup. Resolution will need to be an evaluation of the network for the device or the connection itself. Some potential troubleshooting steps are:
Note: Our device can only negotiate at 10-base-T or 100-base-T.
|
| 4 Long Red Flashes Unable to complete device provisioning (X509) |
This typically means that the MAC address has not been entered correctly. You can find the MAC address on the Device Management page by selecting a device and choosing ‘Settings’. A possible resolution is:
All of these commands should return “true”. They can be run on Windows Powershell and can be run if there are any suspected firewall issues. Test-NetConnection – ComputerNamefirmware.app.bioconnect.com -Port 443 -InformationLevel QuietTest-NetConnection –
|
| 5 Long Red Flashes Unable to connect to MQTT server |
This would typically be a firewall issue that is preventing access to our cloud server. A possible resolution is:
Test-NetConnection –
|
| 6 Long Red Flashes Unable to log into MQTT server |
This would typically indicate a server error. If the safe has been added correctly into the Link Admin Console, and all required ports have been checked for outbound traffic, please contact BioConnect support. |
BioConnect Link Required Port List
Below are the port requirements to ensure that your BioConnect Link device can function properly. Please ensure that your network team is made aware prior to the installation of the device(s).
Note: Our device can only negotiate at 10-base-T or 100-base-T.
| Service | Direction | Direction | Description |
| DHCP | 67/UDP 68/UDP |
In & Out |
Devices need DSHCP to obtain their IP address on the local network [Currently IPV4 Only] |
| DNS | 53/TCP/UDP | Out |
Domain Name Service: Used to resolve hostnames. Default DNS Entries are 8.8.8.8 and 8.8.8.4 |
| NTP | 123/UDP | In & Out | Network Time Protocol used to obtain current time of day required or validating server certificates and loggin |
| HA Device Message System | 8883/TCP | Out | TLS1.2 secured connection to message queue service; this is mutually authenticated. Used to send scans and receive responses, firmware upgrade requests, and configuration settings. |
| Azure DPS | 8883/TCP | Out | Used for device provision (TLS-Secured) |
| Azure IOT | 8883/TCP | Out | Used for Logging (TLS-Secured) |
| OTA Upgrade | 443/TCP | Out | Used for downloading Over-The-Air firmware updates (TLS-Secured) |
| Activation Server | 443/TCP | Out | Used for initial device activation (initial config paramaters and signing of x509 certificates) |