Network architecture
- All 'on-site' operations are fully independent from network or internet connection.
- When user is connecting from local network, all communication between mobile phone / tablet and control unit is performed within local network. Fully independent from internet connection.
- When user is connecting remotely (outside LAN) TapHome Cloud server is used to initiate and securely forward data between user and control unit (public IP address is not required). All decisions are left on control unit. Also, it is possible to setup remote connection without using TapHome servers.
Online vs Offline
TapHome provides the best of 2 worlds: fully functional and autonomous in offline mode and zero-configuration and safety of remote access via cloud.
Offline mode | Online mode | |
|---|---|---|
Basic usage | ✅ | ✅ |
Initial setup | ✅ | ❌ |
Configuration everything | ✅ | ✅ |
Firmware updates (modules, control unit) | ✅ | ✅ |
Storage of historical data | limited to 3 hours | ✅ unlimited |
Global vs local accounts
Global accounts are the preferred way of connecting to location. It is unique combination of email and password. If forgotten, password can be reset by sending temporary password to user's email, e.g.:name@gmail.com / password.
Local accounts are predefined by owner of the installation, and can be reused, e.g. hotel room. e.g. admin / admin, room432 / uQ492i.
Global account e.g. john.smith@gmail.com | Local account e.g. admin / admin | |
|---|---|---|
Possibility to login without creating personalised account | ❌ | ✅ Useful for hotel rooms |
Possibility to reset forgotten password | ✅ | ❌ |
Possibility to change password | ✅ | ✅ |
Possibility to switch between installations | ✅ | ❌ |
No internet access required on initial login | ❌ | ✅ |
For more info check Users and Permissions: https://taphome.com/sk/support/85721089.
Local connection
Mobile app inside LAN
Mobile app | No intermediate server | Control unit |
|---|---|---|
Listens to broadcasts of control unit to quickly connect to it, even if its IP address was changed
| ← Direct communication → | Control unit broadcasts its identification data for fast detection for apps in local network
|
Firewall settings
Recommended settings
- outgoing TCP connections from Taphome Core to all IPs (all ports)
Minimum settings
- outgoing connections from Taphome Core to:
TCP
cloudapi.taphome.com (port: 80, 443)
tunnel1.taphome.com (port: 80, 443)
tunnel2.taphome.com (port: 80, 443)
TapHomeUpgradesCore.azurewebsites.com (port: 80, 443)
coreupgrade.taphome.com (port: 80, 443)
miscutils.taphome.com (port: 80, 443)
miscutils.azurewebsites.com (port: 80, 443)
NTP
pool.ntp.org
Tunnelling server
Provides bridge between app outside local network and control unit. No data is stored on this server, it only provides secure tunnel between client applications (that are not present in local network) and control unit.
Mobile app outside LAN
Mobile app | Microsoft Azure Cloud | Control unit |
|---|---|---|
App outside local network initiates safe connection with tunnelling server
| → TUNNELLING SERVER ←
| Control unit initiates safe connection with tunnelling server
|
First login using global account (email and password) | → TapHome API SERVER
| Control unit has final word to accept or decline connection from global account |
Storage of historical data
When you enable storing of values or statistics of specified devices, short-term data are stored inside control unit for a limited time. If control unit is connected to internet, it collects the data, optimizes it and sends it to Storage Cloud Server.
Table below shows how long the data is stored:
Offline | Online | |
|---|---|---|
Instant values | up to 5 hours | Unlimited |
Hourly statistics | up to 7 days | Unlimited |
Daily statistics | up to 365 days | Unlimited |
Advantages of a cloud backend
- No IP address setup is required, it is not necessary to go into router settings
- Internet provider or router can be changed with no need to change anything in configuration
- Highest possible security, customer’s IP address is not visible from public Internet
- Perfect uptime and global reachability. TapHome uses Microsoft Azure, one of the best cloud providers in the world.
TapHome provides cloud backend for free.
Privacy
Data is stored in the cloud only if the Global account is used and device value history has been enabled by the user. In such case, the data is linked to the account name.
The account name can be a random text, virtual email or a real email. The only situation in which the stored statistical data can be linked with a person is when the account name is a real email and it contains the name of the user.
Service server
OPTIONAL
- Update the Linux components of the control unit
- Automatic bi-weekly deposits
- SSH encrypted connection, port number: random (unprivileged)
- DNS: service.taphome.com
Alternative connectivity scenarios (optional)
Setup static IP Address Manually via TapHome Application (version 2019.x and above):
- Go to Settings → My Location → Network Setting → uncheck Enable DHCP.
- Type new static IP for Core. You can also edit Network mask, gateway and DNS Server. Please make sure that new static IP address is out of range of dynamically assignable IP addresses used by router.
- Confirm changes by "Save network settings and restart" button. After restart the new settings become working.
Set static IP address in DHCP settings of the router and use Dyn DNS service to connect directly:
- Go to router settings and create DHCP Static IP reservation for TapHome Core. For this option TapHome Core mac address is required.
Other:
- VPN can be used as well
- Core can be completely disconnected from local network and it would be controlled with light / blind switches or Multi-zone Controller.