The zencontrol Onsite tool communicates with the zencontrol control systems via TLS over the local network. This article assumes that the site is commissioned online and later switches to using the onsite software (see: What are the network requirements for cloud connected devices?).
The site's network must be synchronised with an NTP server in order for scheduled events to happen simultaneously and to facilitate secure communications. The most robust way to provide this is to map ntp.buildinglogin.com to your local NTP server at the router level.
It is recommended that the network enables ICMP types 0, 3 and 8 to allow for network diagnostics and discovery of control systems, and that static IP Addresses are assigned either at the router level via static assignment by MAC address or directly at the control system. The Onsite software doesn't automatically resolve issues which are caused by control systems moving IP addresses when on DHCP.
It's also recommended that any aggressive QoS settings on switches are configured not to throttle or otherwise interfere with traffic from zencontrol controllers or between the zencontrol head end and zencontrol controllers.
The onsite tool must have a route or otherwise have local network access to all control systems which it needs to supervise.
The following table shows the required ports that must be enabled within the local area network:
|C2C MNCP||Controller||5110||TCP/UDP||Internal||MNCP 2.0 & TLS 1.2 PSK|
|Onsite MNCP||Controller||5113||TCP||Internal||MNCP 2.0 & TLS 1.2 PKI|
|API||Controller||5108||UDP||Internal||Third Party Interface|
Multicast groups (IGMP)
Additional internal C2C communication takes place over 18.104.22.168. Further multicast groups for creating logical zones of control systems may be added via commissioning, and these should also be communicated to the network administrator.
Article is closed for comments.