Io-homecontrol / velux - something's in the bush

(Georges Toth) #164

I just wanted to play with it but noticed that after I open the port once, the orange LED turns on and the port is closed and does not re-open again.
I nmap’ed the KLF200…
Rebooting the device gives an open port again; but then the same happens.

This is weird and I am wondering if this is a bug or intended @klf200developer ?


(KLF200 Developer) #165

We are now ready with our public API site for KLF200.

I hope you will find it usefull.

(KLF200 Developer) #166

Hi sim0nx

  1. Right now and in the future I can see, we have configuration web page in KLF200 as http on WiFi. But all you can don on that web page you can also do with the API in wiren LAN.
  2. Can you come a little closer. You connect to port 51200 socket, and then do? The LED you mention, is that on LAN connector?

(Georges Toth) #167

Hi klf200developer,

Ok that’s fine I guess.

I do a simple nmap port scan:

nmap -vvv -n -Pn -p 51200
So I just test if that port is open.
If I now reboot my device, LED on top is green. I try that, port is open, all good.
Then the LED turng orange (on top of the device).
Now if I do the same test again, port is closed and stays closed until I reboot it again.

Either there is a problem with my device (latest firmware), or it does not like me opening the port without initiating a real session :slight_smile: ?

I am happy to debug this if you tell me how (beta firmware is no problem either, just sayin…).

Thank you

(Tom T) #168


Check out this: on page 10 you will find the solution.

The Ethernet module establishes a TCP/IP server listening at port 51200. Up to two
sockets can be established at the same time on wired ethernet.
TCP/IP socket will be closed after 15 min, with no communication. The command
GW_GET_STATE_REQ can be used to ping KLF200 from time to time, to keep the socked

(Georges Toth) #169

Thnx milyma, I actually did. From my understanding you open a connection and in order for that to be kept open >15min, you have to send that keep-alive. I might be wrong here; but hopefully not as that would mean a lot of trouble.
Imagine your script or openhab-module crashes and you only notice when its too late and you are not able to remotely reboot your KLF200… hmm

(Erlend) #170

This is really great stuff!

Velux just took the step from being the most closed and hopeless vendor to one of the most usable one. And I might add, without some stupid cloud-solution which require my home to be connected to the internet to be able to control my actuators.

klf200dev: let whoever took the decision to make the full api, public without any restrictions, know that this is much appreciated. I also love the level of the documentation. This is thorough!

One question though:
Why the binary protocol? Personally, I like this approach with an effective and un-bloated protocol (and I like the challenge). However, I did expect to see something more “modern” in a product released in 2017. Are there any plans to make some HTTP (REST/whatever) backend for this API?

Due to the limit of two simultaneous connections, I believe implementation will be limited to HW-boxes with permanent power and network connections.

Anyways; thanks a lot!

(KLF200 Developer) #171

Hi sim0nx
I have testet with nmap and I am able to reproduce what you see. It looks like nmap open a socket, but don’t close it again. KLF200 has an timeout at 20 sec for that, So you don’t need to wait 15 minutes. :wink:
Here is my debug log:
[2018-10-09 13:19:15.895] . Setting up the SSL/TLS structure…
[2018-10-09 13:19:15.898] TLS library asked for [5] bytes
[2018-10-09 13:19:35.896] WIZLAN: no data for socket 4
[2018-10-09 13:19:35.896] network_tcp_receive failed with result : [2]
[2018-10-09 13:19:35.896] failed
[2018-10-09 13:19:35.896] ! mbedtls_ssl_handshake returned -0x2
[2018-10-09 13:19:35.899] WIZCHIP: socket 4 SR is SOCK_CLOSED
[2018-10-09 13:19:35.899] WIZLAN: socket 4 was disconnected.
[2018-10-09 13:19:35.899] WIZLAN: socket 4 is in listen state.
[2018-10-09 13:19:35.899] server_51200: mandatory disconnected socket 0

(Georges Toth) #172

Hi klf200developer,

The problem I see is that neither a second connection (as per API docs) is permitted, nor is the port ever opening again.
My device hasn’t been rebooted in a few days now, the port is still closed.

Any idea how to debug this further?

(Seeers) #173

I’m a bit confused now. Can I use the new version/API with a wired network connection?
I do not want to use WiFi.

(Guenther Schreiner) #174

The new API is available on WLAN and LAN. As far as I see, the recent
web interface (json) is currently only available on WLAN.



(Tom T) #175

you can access the gateway via the lan port. but you need to use the slip protocol

(Jens v. Høyer) #176

I notised you where searching for the firmware to the KLF 200, have a look at

(John Bakker) #177

Hi Tom,
i am a newby on this but updated my klf200 with success and even the configuration was still there and working.
But there is one problem i dont know how to solve, i want to connect over the lan to the webinterface of the klf200 in your post you are saying “you can access the gateway via the lan port. but you need to use the slip protocol” .
But how can i managed that ?, if i look at the settings of tcpip on the networkcard i dont see anything like slip or so.
Can you explin to me how to fix that ?

thanks in advance, Johnny

(Guenther Schreiner) #178

Hi John,

with the firmware v1 you have been able to use your webbrowser to access the nice Velux KLF200 configuration webpage either via the LAN port or the WLAN of the bridge device.

Starting with firmware v2, Velux decided for security reasons to disable the webpage on the LAN interface but leaves it accessible via the WLAN (for the time being). With this approach only geographicly-local users are able to use the KLF200.

To put it in a nutshell:
(a) firmware v1 = Web based configuration on LAN plus WLAN,
(b) firmware v2 = Web based configuration on WLAN, SLIP-based configuration on LAN.

Regards, Guenther

(John Bakker) #179

Hi Guenther,
thanks for the msg and taking the time for me to explain.
But this where the things that i already noted and is clear to me.
What i was asking is how can i install the slip protocol in a way that i can use it over the lan and use the webpage over lan instead of only wifi.
I known that slip has being used in the past for dialup connections but never heard of slip over lan, so if you has answers for me i would be glad to hear them.

Regards Johnny

(Guenther Schreiner) #180

Hi Johnny,

there are several ways to use the slip protocol:

  • Velux is providing some PHP scripts for dealing with this slip protocol,

  • And, of course, the Velux binding uses the slip protocol for controlling the KLF200.

But, if you’re looking for a plain web page, it could be established by a javascript

program - if anyone invests some time in it.

Regards, Guenther

(Kenth Jensen) #181

I have been playing with new API for the last couple of weeks in C# in a UWP project (Universal Windows Project) so it can run on a Raspberry Pi running Windows 10 IOT.

The new API is really well done, it is really nice to be able to open a window to any position without having to create a scene for it in advance.

It took me a while to get things running with the self signed certificates and to understand the protocol, but now when I learned all that, things are pretty easy.

I actually found an issue yesterday which I believe is a bug in the firmware:
Earlier when I logged into the device with GW_PASSWORD_ENTER_REQ I used the password velux123.
Yesterday I ran into some problems with the network settings, due to a problem in my router, and I tried to restore the KLF200 to the factory settings.
Now I suddently couldn’t log into the device with GW_PASSWORD_ENTER_REQ using this password anymore, even though I could log into the GUI when connected to the KLF200s wifi using this password.
After a lot of trial and errors I found out that after the restore factory settings I should now suddently use the wifi password instead in the GW_PASSWORD_ENTER_REQ, which looks something like 9X2DfxeafR

(Kim Andersen) #182

Great info Kenth.
I really look forward to the binding supporting the new Api…

(Guenther Schreiner) #183


if you are already on the new firmware, you could test the binding which is compliant to the v1 and v2 firmware.