Mysa HQ Support logo
Mysa HQ Support logo
All articles

Detailed Network Optimization GuideUpdated a year ago

Wi-Fi & Internet Requirements:

  • Wireless protocol: 802.11 a/b/g @ 2.4Ghz (5.0Ghz not supported)
  • Wireless encryption: WEP/WEP128, WPA.

Step 1: Establish a Dedicated IoT Network

  • Purpose: Isolates IoT traffic, improving security and performance.
  • Action: Configure a separate SSID for IoT devices. Implement VLANs if possible, to further segregate and manage traffic.

Step 2: Enable Device Communication

  • Purpose: Allows Mysa devices to interact, share data, and operate cohesively.
  • Action: Adjust network settings to permit device-to-device communication. Ensure multicast DNS (mDNS) is supported and properly configured within the IoT VLAN.

Step 3: Implement Sticky DHCP

  • Purpose: Prevents IP address changes, aiding in device management and network stability.
  • Action: Configure the DHCP server to assign permanent (or long-term lease) IP addresses to Mysa devices based on their MAC addresses.

Step 4: Configure Ports and Whitelisting

  • Ports: Ensure the network firewall and router settings allow traffic on ports
  1. 1883 (MQTT)
  2. 8883 (Secure MQTT)
  3. 8345 for specific Mysa services.
  • Whitelisting: Add the specified URLs to the network’s whitelist to ensure uninterrupted access to Mysa services.

Pay special attention to the protocol (http vs https) and port numbers.

  1. https://rotate.zen.mysa-dev.cloud:8345 for secure device management and updates
  2. http://rotate.zen.mysa-dev.cloud:1883 for device communication without TLS
  3. https://zenprodstore.blob.core.windows.net for access to firmware updates and resources
  4. https://zen-prod-hub.azure-devices.net:8883 for secure device-to-cloud communication
  5. Encrypt OCSP server: http://r3.o.lencr.org/ to verify the revocation status of digital certificates.

Note that this server uses HTTP, not HTTPS, which might be blocked by some routers.

Step 5: DNS Resolution and Proxy Configuration

  • DNS Resolution: Verify and, if necessary, adjust DNS settings to ensure reliable domain name resolution. Consider using well-known public DNS services for reliability.
  • Transparent Proxying: If your network employs a transparent proxy, configure it to allow traffic for OCSP (Online Certificate Status Protocol) checks. This is crucial for the security verification of Mysa devices.
Was this article helpful?
Yes
No