OK, I think I have my Hue Bridge locked down. It's on its own VLAN that allows mDNS and responses to the LAN, but no other networks. I then have a NAT rule to redirect all NTP traffic to my firewall's NTP server because it only wants to talk to ntp[1-4].aliyun.com (Alibaba's NTP server in China).

HomeKit works. The Halloween app can talk to it still because that’s local traffic only. The Hue app is broken and I DGAF about that.

Anything I missed?


Discussion

You can only allow routing local traffic from LAN IPs that will actually control it like your phone. You don't want a rogue device potentially talking to your other local machines and servers.

Can it do any DNS queries?
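The policy described in the original post (Hue Bridge on its own VLAN, mDNS allowed, all NTP redirected to the firewall's own NTP server, everything else dropped), together with the two points raised in the reply (only specific LAN addresses should be able to reach the bridge, and the bridge's DNS queries should not leave unobserved), written out as an added nftables ruleset. This is an example and not the original poster's configuration; the interface names, the addresses, the choice of nftables and the assumption that the firewall also runs a resolver are all mine.

```nftables
# Added example, not the poster's configuration. Assumptions (all constructed):
#   - the firewall routes between the trusted LAN (vlan10, 10.10.0.0/24)
#     and the IoT VLAN (vlan20, 10.20.0.0/24)
#   - the Hue Bridge is 10.20.0.10; the firewall's IoT-side address is 10.20.0.1
#   - the firewall runs an NTP server and a DNS resolver on 10.20.0.1
#   - 10.10.0.50 and 10.10.0.51 are the phones / HomeKit hubs allowed to control it

define iot_if      = "vlan20"
define lan_if      = "vlan10"
define hue_bridge  = 10.20.0.10
define fw_iot_ip   = 10.20.0.1
define controllers = { 10.10.0.50, 10.10.0.51 }

table inet hue_lockdown {
    # Whatever NTP or DNS server the bridge asks for (e.g. ntp1.aliyun.com),
    # rewrite the destination to the firewall's own service on the IoT VLAN.
    chain prerouting {
        type nat hook prerouting priority dstnat; policy accept;
        iifname $iot_if udp dport 123 dnat ip to $fw_iot_ip
        iifname $iot_if meta l4proto { tcp, udp } th dport 53 dnat ip to $fw_iot_ip
    }

    # Traffic routed between VLANs: default drop.
    chain forward {
        type filter hook forward priority filter; policy drop;

        ct state established,related accept

        # Only the listed controllers may open connections to the bridge
        # (HomeKit control after discovery is unicast from the controller).
        iifname $lan_if oifname $iot_if ip saddr $controllers ip daddr $hue_bridge accept

        # The bridge may not initiate anything towards the LAN or the Internet.
        iifname $iot_if log prefix "hue-egress-blocked: " drop
    }

    # Traffic addressed to the firewall itself: default drop.
    chain input {
        type filter hook input priority filter; policy drop;

        ct state established,related accept
        iif lo accept

        # After the DNAT above, the bridge's NTP and DNS land here; accept them.
        iifname $iot_if ip saddr $hue_bridge udp dport 123 accept
        iifname $iot_if ip saddr $hue_bridge meta l4proto { tcp, udp } th dport 53 accept

        # mDNS from the IoT VLAN to the multicast group, so an mDNS reflector
        # on the firewall can announce the bridge to the trusted LAN.
        iifname $iot_if ip daddr 224.0.0.251 udp dport 5353 accept

        # Management access from the trusted LAN (kept simple for the example).
        iifname $lan_if accept
    }
}
```

Two things worth noting about this layout. mDNS is link-local multicast and does not cross VLANs on its own, so the `5353` rule only makes sense together with a reflector (avahi or similar) running on the firewall; the forward chain never passes multicast between the VLANs. Redirecting UDP/TCP 53 to the local resolver is what answers the reply's DNS question: the bridge can still resolve names, but every query is visible in the resolver's logs and can be filtered there, and the `hue-egress-blocked:` log prefix shows anything else the device tries to reach.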