Search
MENU
  • Expressions / Script language
  • Users and Permissions
  • Backup, restore, reset to factory settings
  • Software release notes
  • Network architecture

    1. All 'on-site' operations are fully independent from network or internet connection.
    2. When user is connecting from local network, all communication between mobile phone / tablet and control unit is performed within local network. Fully independent from internet connection.
    3. When user is connecting remotely (outside LAN) TapHome Cloud server is used to initiate and securely forward data between user and control unit (public IP address is not required). All decisions are left on control unit. Also, it is possible to setup remote connection without using TapHome servers.

    TapHome account vs. local account

    TapHome accounts are the preferred way to connect to a location. It logs in with an email and password, authentication is performed by the TapHome cloud server, which also returns a list of locations that the account has access to. A TapHome account can have remote access to a location enabled or disabled.

    Local accounts are predefined by the device owner and can be reused, e.g. Hotel room. e.g. admin / admin, room432 / uQ492i. Authentication takes place directly in the control unit, so this login method will work independently of the TapHome cloud servers. Local accounts are denied remote access to the site. In practice, local accounts are not of much use.

    For more info check Users and Permissions: https://taphome.com/sk/support/85721089.

    Online vs Offline

    TapHome provides the best of 2 worlds: fully functional and autonomous in offline mode and zero-configuration and safety of remote access via cloud.

    Local connection

    When both the user and the control unit are in the same local network, all communication takes place without any servers or Internet access.

    Mobile app

    No intermediate server

    Control unit

    Listens to broadcasts of control unit to quickly connect to it, even if its IP address was changed

    • HTTP socket, Port 80

    ← Direct communication →

    Control unit broadcasts its identification data for fast detection for apps in local network

    • Port 80
    • IP address can be obtained by router via its DHCP service or manually as static IP via TapHome application or static IP address reservation on router side
    • Possible to create autonomous remote access using Dynamic DNS, Static IP or VPN

    Remote access via tunneling server

    The tunneling server provides a secure Internet bridging (tunnel) between the application and the control unit - if they are not located in the same local network. No data is stored on this server.

    Mobile app outside LAN

    Mobile app

    Microsoft Azure Cloud

    Control unit

    App outside local network initiates safe connection with tunnelling server

    • HTTPS socket, port 443
    • SSL encryption

    → TUNNELLING SERVER ←

    • Provides basic authentication
    • Minimalistic infrastructure, therefore costs are extremely low and this service can be offered for free

    Control unit initiates safe connection with tunnelling server

    • HTTPS socket, port 443
    • SSL encryption
    • Not visible on internet, therefore lower probability of internet attack

    First login with TapHome account (email and password)

    → TapHome API SERVER

    • Authentication of email and password
    • Get list of available locations

    The controller has the final say on accepting or rejecting the connection from the TapHome account

    Firewall settings

    Recommended settings

    Allow outgoing TCP connections from Taphome Core to all IPs (all ports)

    Minimum settings

    Allow outgoing connections from Taphome Core to:

    TCP
    cloudapi.taphome.com (port: 80, 443)
    tunnel1.taphome.com (port: 80, 443)
    tunnel2.taphome.com (port: 80, 443)

    TapHomeUpgradesCore.azurewebsites.com (port: 80, 443)
    coreupgrade.taphome.com (port: 80, 443)

    miscutils.taphome.com (port: 80, 443)
    miscutils.azurewebsites.com (port: 80, 443)

    NTP
    pool.ntp.org

    Storage of historical data

    When you enable storing of values or statistics of specified devices, short-term data are stored inside control unit for a limited time. If control unit is connected to internet, it collects the data, optimizes it and sends it to Storage Cloud Server.

    Table below shows how long the data is stored:


    Offline

    Online

    Instant values

    up to 5 hours

    Unlimited

    Hourly statistics

    up to 7 days

    Unlimited

    Daily statistics

    up to 365 days

    Unlimited

    Advantages of a cloud backend

    1. No IP address setting required, no need to change router settings
    2. If the ISP replaces the router, no configuration change is required in TapHome
    3. Internet security - the IP address of the controller is not visible from the public internet
    4. Reliable servers with global availability - TapHome uses Microsoft Azure, one of the world's top cloud service providers.

    TapHome provides cloud backend for free.

    Privacy

    Data is only stored in the cloud if a TapHome account is used and the user has enabled the history of device values. In this case, the data is linked to the account name.

    The account name can be a random text, a virtual email or a real email. The only situation in which stored statistics can be linked to a person is if the account name is a real email and contains the user's name.

    Service server

    OPTIONAL

    • Update the Linux components of the control unit
    • Automatic bi-weekly deposits
    • SSH encrypted connection, port number: random (unprivileged)
    • DNS: service.taphome.com

    Alternative connectivity scenarios (optional)

    Setup static IP Address Manually via TapHome Application (version 2019.x and above):

    • Go to Settings → My Location → Network Setting → uncheck Enable DHCP.
    • Type new static IP for Core. You can also edit Network mask, gateway and DNS Server. Please make sure that new static IP address is out of range of dynamically assignable IP addresses used by router.
    • Confirm changes by "Save network settings and restart" button. After restart the new settings become working.


    Set static IP address in DHCP settings of the router and use Dyn DNS service to connect directly:

    • Go to router settings and create DHCP Static IP reservation for TapHome Core. For this option TapHome Core mac address is required.


    Other:

    • VPN can be used as well
    • Core can be completely disconnected from local network and it would be controlled with light / blind switches or Multi-zone Controller.