This article provides network and connectivity specifications for Kisi devices. The information given is intended to make the process of configuring a network for Kisi devices easy and reliable, for both initial setup and regular maintenance. It is intended for systems and network administrators, as well as standalone users.
Kisi Network Access Requirements
The Kisi devices (Controller and Readers) are able to connect to the Internet using both Ethernet and WiFi. Ethernet is the preferred connection method and it will be prioritised over WiFi. However, we recommend setting up Kisi to work with both networking options (Ethernet and WiFi) for redundancy. If the Kisi Controller is located in an area with no WiFi connection, it might be relevant to set up a dedicated 4G hotspot.
The Kisi Controller is capable of connecting to a network via a wired ethernet connection. It supports 10 Mbps and 100 Mbps connections.
The Kisi devices can operate on both 2.4 GHz and 5 GHz frequencies. The Kisi devices do not require an open network for them to work, as they can operate on WPA, WPA2, and Open networks. As a best practice, we recommend your Kisi Controller be is installed next to the router.
The Kisi devices do not currently support enterprise-level WiFi authentication (802.1x), which requires a user to log in with a username and password as well as the customary SSID. You will not be able to connect your Kisi Controller to such a network unless this is downgraded to 802.11n WiFi operating in the 5 GHz band. Kisi devices are also compatible with 802.11a, 802.11b and 802.11g networks.
The Kisi devices do not support networks that require a user to enter login details before network access is granted (Captive Hotspot networks). This is most commonly encountered with public hotspots and some guest networks in office environments.
Network Address Specifications
The Kisi Controller only makes outbound connections, as such the device must have Internet connectivity and be able to resolve DNS names in the following domain: *.electricimp.com
For the Controller to be able to make outbound connections, it is also necessary for specific TCP and UDP ports to be allowed through your firewall. Below is a list of specific ports that need to be whitelisted.
|31314||✓||Initial device-server connection|
|993||✓||Fallback device-server connection|
|443||✓||Fetch device firmware|
|80||✓||Fallback fetch device firmware|
|53||✓||Allow DNS lookups|
The Kisi Controller will attempt to connect via TCP port 31314. If that fails, it will attempt to use TCP port 993, which is typically open by default for email traffic. Ports 443 and 80 are used to request and transfer WiFi chip updates. This port is typically open by default for HTTP/HTTPS.
Most customer networks with an outside connection to the Internet will have some form of security in place, such as a firewall. In order for the Kisi devices to access the Kisi Cloud with full functionality, your firewall must be set to allow connectivity on all the ports and addresses provided above. The Kisi Controller is able to connect across multiple levels of firewall and NAT (Network Address Translation).
Should a customer experience any connection loss with Kisi devices, the customer firewall will be considered as a likely factor and should be verified in the first instance.