Network
- If possible, the reader-controllers should be in a dedicated subnet or VLAN.
- This is not a requirement, but can be considered a best practice for IoT style devices.
- High traffic devices (such as IP cameras) that share the same subnet as reader-controllers may negatively impact the controller’s ability to maintain a stable path of communication with Pure Access.
- The PoE switch should have enough power to run all ports and account for in-rush.
- We recommend the ethernet cable length does not exceed 100 feet unless a PoE injector is in use at the reader-controller. See pages 13-14 of the installation manual for more information.
Port Speeds
We recommend that the network switch/switches your ISONAS reader controllers are running on are set to 10Mb full duplex and that auto-negotiate is disabled.
Firewall
- If Intrusion Detection and Prevention is enabled, double check the firewall logs for dropped packets with a source IP that matches a device and create bypass rules as needed.
- A firewall egress rule allowing the IP addresses of the devices is required.
- Note: The devices do not proxy.
- Multiple NATs and multiple firewalls are strongly discouraged as they can cause communication issues for the ISONAS devices.
- If these must be used for security purposes, ensure that all rules are configured properly and that the IP address and ports are free to communicate through the multiple layers of firewall and/or NAT.