Using dedicated guest WiFi restricted by MAC address and no internet access

[rchukka]

Lot of modern routers allow setting up dedicated guest WiFi with MAC filtering and mark it hidden (Unifi network or TPLink Extenders), in which case something like NodeRed flow can process MQTT data and forward via MQTT or REST to HomeAssistant?

Would this work without needing any additional reverse engineering?

NotReallyAnIssue

[flaviut]

Would this work without needing any additional reverse engineering?

Nope, but only because you can't use hidden SSIDs with the test mode I uncovered.

Having a hidden network also doesn't really help with security since you can use the test mode with a password-protected WiFi network. However, creating a segregated network for the Vue 2's test mode is a good idea, if only because the test mode does not support TLS MQTT & is vulnerable to man-in-the-middle attacks.

[Maelstrom96]

Also, if it's something that interests you, we're working on a ESPHome component that would allow you to flash the onboard chip for maximum flexibility/configurability. It's actually in a working state right now if you want to test that out.

[rchukka]

@flaviut That's unfortunate, I guess either way this device needs to be on isolated network to prevent work done so far getting nuked by "them".

@Maelstrom96 Does the component require soldering to flash? (I didn't see pictures of inside), I can try it assuming the process doesn't need any other equipment. (any link where I can read more about it?)

[flaviut]

The company behind this thing is unusually open to folks modifying it, there's a thread dedicated to reverse engineering it on the official forums, where I've posted links to this project. As far as I'm aware, those links are still there.

You don't need to solder to flash, but soldering does make it easier if you'll be flashing it a bunch of times, like while developing. As far as tools go, you need two things (no affiliation with any of the folks I'm linking to):

• UART/USB adapter like https://www.ebay.com/itm/313578857750
• male to female jumper wire like https://www.ebay.com/itm/234232880745

You might also need a 3.3V or 5V power supply, I think I was getting brownouts while programming mine. Perhaps something like https://www.ebay.com/itm/274903424910 (fully adjust the power BEFORE connecting it to the board), but there's a decent chance you can get away without one.

I forgot to take a picture of the PCB, but if someone else has one, please do upload it!

[krconv]

Here's the PCB; under those jumper cables is the debug header that we've been using for testing. As flaviut was saying, it would be possible to flash without any soldering; two things you might want to do before that is a) backup the old firmware and b) get the calibration data. When the ESPHome component is released, we'll probably write some documentation to make those steps more clear

[rchukka]

@krconv Is the white connector (beside the chip) wifi antenna that device came with? What's the bottom white plug, I assume you added it?

[flaviut]

@rchukka

The white cable with the gold connector is the WiFi antenna connector. It goes to the female SMA connector on the enclosure.

The 2x2 white connector at the bottom of the board is the voltage sensor/power supply connector. It pokes out the bottom of the enclosure. You connect it to the mains voltage when you plug it into your panel.

[Maelstrom96]

@krconv Is the white connector (beside the chip) wifi antenna that device came with? What's the bottom white plug, I assume you added it?

The connector just beside the ESP32 is indeed for the Wifi antenna, but it's just an extension cable to another connector that is attached to the plastic body of the Vue 2.

The bottom white plug is standard. It's for the line voltage harness, so the device can be powered and measure the voltage from your breaker panel. The only thing that is altered in this picture is the 2.54mm dupont header on top of the ESP32.