Gateway Port Requirements and Protocols

If you're using the ethernet cable to connect your Conserv gateway to a network, here are some tips on our ports and protocols that you might find useful.

 

Outbound access requirements:

There are two protocols that we use (TCP and UDP) and our gateway will connect out on the following ports:
1700 (UDP)  to host router.us.tti.v3.conserv.io - This is the port our gateway uses to send sensor messages.  Outbound access on this port is required for sensor messages to be sent successfully.  The gateway will connect to  via this port.
1883 / 8883 (TCP and UDP) to host gateway-oam.tektelic.com - These are the ports our gateway uses to connect its MQTT connection, used for gateway statistics and extended system health information.  Sensor messages will still be sent if this port is blocked, but some extra information used for troubleshooting by Conserv support will not.  We may ask you to open this port if we are working on an issue together.
ICMP (Ping) to host 8.8.8.8 - Our gateway uses a "ping" request to Google's DNS servers to determine whether or not the ethernet connection has internet access.  If the gateway is unable to ping this address, the gateway will continue to route traffic over its cellular connection even when the ethernet cable is plugged in.

Open ports on the Conserv Gateway

Conserv gateways ship with most services disabled for security purposes.  The one exception to this is SSH, or Secure Shell, access.  SSH is occasionally used by Conserv to assist local IT teams in troubleshooting the gateway.  SSH access to the gateway is secured with a complex set of credentials.

If corporate policy requires that all ports on devices be closed, please contact Conserv support and we can disable that port on your gateway.  Note that this might make it harder for Conserv to support you in the future.  As an alternative, you can consider putting the gateway onto a separate VLAN to isolate it from the rest of your network.