The gateway facilitates communication between the cloud-based security system and on-site devices.
Download the Gateway Installation PDF.
For reference, download the Intel NUC8CCHK/NUC8CCHB Technical Product Specification.
Contents
The following items are included in the box when receiving a gateway.
- One (1) gateway unit
- One (1) sticker label containing the System ID
- One (1) power cord
- One (1) power adapter
- Four (4) rubber feet
- Mounting screws
Only the power and Ethernet ports will be used. Other ports (HDMI and USB) are disabled.
Gateway Installation
Before installing the gateway, make note of its System ID. The System ID is printed on a label affixed to the gateway.
The gateway depends on the network being configured for DHCP. If a static IP address is needed for the gateway, it must be configured through MAC address mapping on the DHCP server.
Connect the Gateway
- Connect the gateway to an internet-accessible network. Use the Ethernet port located on the back of the gateway.
Proxies are not explicitly supported. If a proxy is implemented, it must be transparent to the gateway and downstream clients (i.e,. does not require any changes to client trusted certificates or configuration changes to use the proxy).
This port is only used for internet access. Do not connect access controllers to the Ethernet port.
- Connect the gateway to power.
- Power on the gateway.
After being connected and powered on, the gateway communicates over the internet. All connections that the gateway establishes are outbound. The firewall does not need any ports opened for inbound connections.
Configure the Gateway
- In Elements, on the Devices page, add the gateway by selecting .
- Enter a Name for the gateway.
- Enter the System ID.
- Select Save.
Status
The gateway has a single LED to indicate the status of the gateway.
Single LED Behavior | Status |
---|---|
Fast blinking white | Initialization |
Fast blinking red | No network connection or IP address |
Double blinking red | System registration service unreachable or no internet connection (IP address assigned) |
Blinking yellow | System registration service reachable, not connected to IoT |
Alternate blinking red, yellow | Lost connection to IoT Hub |
Steady green | Gateway operational |
LED off | Gateway powered off |
Training video: Gateway LED Status Sequence
Architecture
Application and service connectivity information is provided so that the network may be secured.
High level architecture diagram
Security
Limit access to the network by enabling a firewall to secure ports and endpoints.
Communication for the Gateway
Outgoing: HTTPS (TCP 443) and MQTTS (TCP 8883)
Endpoints:
- deviceregistration.elementssecure.com:443
- deviceregistration.elementslive.net:443
- elements-prd-ioth.azure-devices.net:8883
- elementsprdsa.blob.core.windows.net:443
- gatewayfirmware.elementssecure.com:443
- gatewayimages.elementssecure.com:443
Communication for Video
Communication with Milestone services from the Elements gateway is done on following ports:
- Milestone OnvifServer Default Port: TCP 580
- Milestone OnvifServer Default Port: TCP 554
- Milestone Recording Server Default Port: TCP 7563
- Milestone XProtect Configuration Server: TCP 80, 443
Configure the network infrastructure to allow connections to and from the above addresses on the following ports:
- stun:global.stun.twilio.com
- turn:global.turn.twilio.com
- Port 3478 - Protocol: STUN, TURN UDP
- Port 443 - Protocol: TURN TLS
- Ports range 10000 - 60000 - Protocol: UDP/SRTP/SRTC