Subnets

The gateway has two independent network interfaces: The uplink network and the anchor network.

Uplink network

The uplink network is used to connect the gateway to your home or company network. On the gateway this is the physical ethernet port labeled LAN1 or UPLINK. Through this port, the gateway is expected to reach the internet. By default the gateway will request an IP address from the DHCP server running on this network, but it’s also possible to define a static IP address for the gateway.

Anchor network

The anchor network is used to connect the anchors to the gateway. The ethernet ports labeled ANCHOR NETWORK on the gateway are internally all connected and are used for the anchor network. It is strongly recommended that only anchors (and network switches) are connected to this network. On the anchor network of the gateway, a DHCP server is configured which assigns IP addresses within the subnetwork 10.0.0.1/24. When a device is connected to the anchor network, it will receive an IP address from the gateway, and it will be able to access the gateway through the static IP address 10.0.0.254.

Sometimes, it may occur that the subnet 10.0.0.1/24 is already in use for a different application. This is fine and will work if the anchor network is physically separated from the other network. Although if this is not the case and switches are shared for different applications, VLANs need to be configured on the switches. This will give problems if the subnet or any overlapping subnet is used in another part of the network. In these situations we can configure a different subnet on the gateway for the anchor network, contact us on enterprise@pozyx.io.

Ports

For a proper operation of the Pozyx system from the cloud, make sure that the correct ports are opened if you are using a firewall. The Gateway: Info page in the web application will highlight the required ports in green if they are accessible, or in red otherwise. The following ports are used:

Port number

Type

Direction

Purpose

443

TCP

OUT

HTTPS and WSS

Required for usage of the Pozyx web application in the cloud and OpenVPN (the gateway needs to authenticate itself to our cloud and request a VPN certificate before it can establish a VPN connection to our VPN server).

123

UDP

OUT

NTP

Enables optional network system time synchronization. NTP is only needed for time synchronization with an already existing network. Internal synchronization of our RTLS (= synchronization of the clocks in the Pozyx anchors) does not require this.

1194

TCP/UDP1

OUT

OpenVPN

Required for remote support by Pozyx engineers.

53

TCP/UDP2

OUT

DNS

Required for usage of the Pozyx web application in the cloud and OpenVPN.


1 https://openvpn.net/faq/why-does-openvpn-use-udp-and-tcp/

2 https://docs.microsoft.com/en-us/troubleshoot/windows-server/networking/dns-works-on-tcp-and-udp