Skip to main content

OKM Networking Requirements for InVue Access / LIVE Access

Justin Gregory

Core Connectivity

  • The OKM must be connected via a hardwired Ethernet RJ45 cable. Wi‑Fi is not supported.

  • OKM requires Internet access over HTTPS on TCP port 443. Ensure outbound connections are allowed.

  • All traffic is secured with TLS 1.2 or higher.

IP Addressing and DNS

  • Provide DHCP on the OKM VLAN/subnet to assign IP address, subnet mask, default gateway, and DNS servers.

  • Static IP addressing is supported but recommended only when required; document assigned IP, mask, gateway, and DNS.

  • DNS resolution must be available for the OKM to reach InVue service endpoints.

Firewall and Proxy Rules

  • URLs to Whitelist

    • api.invue.com — ongoing OKM communications

    • invue-am.com — initial connection, resets, and updates

    • portal.invue.com — administrative web portal access (for browser clients)

    • invue.com, support.invue.com, connect.invue.com — product, support, and ordering (for browser clients)

  • If egress filtering is by IP, prefer hostname allowlists to accommodate CDN or IP changes. If IPs must be used, monitor for updates.

  • If an explicit proxy is required for outbound Internet access, allow CONNECT to the hostnames above on port 443 and exclude SSL inspection when possible.

Network Placement

  • The OKM may reside on any subnet with unrestricted outbound Internet access; it does not need access to internal corporate resources.

  • Latent or metered networks can affect performance; ensure stable connectivity with typical broadband characteristics (e.g., < 150 ms latency to Internet, minimal packet loss).

Access Controls

  • If MAC address filtering is enabled, add the OKM’s MAC address (printed on the device chassis) to the allowed list.

  • Update allowlists if the OKM hardware is replaced, as the MAC will change.

  • Enable DHCP with option 6 (DNS) pointing to resolvers that can reach public DNS.

  • Permit outbound TCP 443 to the listed hostnames; no inbound rules are required.

  • Disable captive portals on the OKM network or pre-authorize the device MAC.

Validation Checklist

Verify physical Ethernet link (link LED on switch and OKM).

Confirm DHCP lease provides IP, gateway, and DNS to the OKM.

Test DNS resolution for api.invue.com and invue-am.com.

Ensure outbound HTTPS (TCP 443) to required hostnames succeeds.

Add OKM MAC to any network access control lists.

Exempt traffic from SSL inspection if issues arise during updates.

Troubleshooting Tips

  • No connectivity after install: check switch port enabled, VLAN assignment, and that no captive portal is intercepting traffic.

  • Intermittent updates or pairing failures: verify outbound HTTPS is not rate limited or inspected; confirm DNS latency and packet loss are within normal ranges.

  • Hostname resolution errors: ensure DNS servers provided by DHCP can resolve public domains and are not blocked by local policies.

Related articles

Comments

0 comments

Please sign in to leave a comment.