Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Fully isolated LAN only communication, without Mi Home #1049

Open
pcmester opened this issue May 18, 2021 · 12 comments
Open

Fully isolated LAN only communication, without Mi Home #1049

pcmester opened this issue May 18, 2021 · 12 comments

Comments

@pcmester
Copy link

Is your feature request related to a problem? Please describe.
Starting from 2019, Xiaomi devices started to reset the token after connecting to the WiFi network. Before that, I could have connected without Mi Home, just using miiocli from the node package, miio. Some says, that if the network is VLAN isolated, the problem isn't present, but it is. My network is in a VLAN, isolated from WAN, communicates only to and from LAN.

Describe the solution you'd like
I would like to look for a solution that makes it possible not to use Mi Home, and have the devices fully isolated from the WAN network

@gorbypark
Copy link

gorbypark commented Jun 7, 2021

I have an Xiaomi air purifier and vacuum (vacuum doesn't work with Home Assistant but it stays connected to the AP and the token doesn't change) that is in a house that has no internet connection but has a WiFi network for Home Assistant and a few other devices. I was able to trick the air purifier/vacuum into connecting to the WiFi network with no internet connection by turning off the router, naming my phone's internet sharing (tethering) name and password the same as the router, connecting the air purifier/vacuum to my phone using the Mi Home app, and then when everything is setup, turn off the phone tethering and turn on the router. The air purifier and vacuum seems to have connected to the original AP with no internet connection, and I can use the various methods to get the tokens from Xiaomi's servers. It's been a week and the air purifier is still working with Home Assistant, so I think the token only changes when you actually force reset the WiFi connection to something new...

Unfortunately it requires a connection to get setup, but seems to work without one after that initial setup.

@anonymous-one
Copy link

anonymous-one commented Jun 10, 2021

I can confirm this method works fine with both the xiaomi air purifiers as well as my 1C vacuum.

Initial setup on xiaomi's cloud, pull the token, once everything is working locally, isolate it from WAN access. I have had my air purifiers running like this for a couple of years now no problem. The 1C vacuum I have just bought but so far 1 week no problem.

I have a xiaomi humidifer that does not like this. After some time, it will stop responding to locally issued commands (via miiocli) unless it has WAN access.

EDIT : Most probably know this, but I'll restate... if it all possible isolate all your iot devices from accessing the WAN unless you need 'their' cloud for something... When at all possible I even go as far as blocking dns access so the device is completly in the dark as far as WAN connectivity is concerned.

I have an Xiaomi air purifier and vacuum (vacuum doesn't work with Home Assistant but it stays connected to the AP and the token doesn't change) that is in a house that has no internet connection but has a WiFi network for Home Assistant and a few other devices. I was able to trick the air purifier/vacuum into connecting to the WiFi network with no internet connection by turning off the router, naming my phone's internet sharing (tethering) name and password the same as the router, connecting the air purifier/vacuum to my phone using the Mi Home app, and then when everything is setup, turn off the phone tethering and turn on the router. The air purifier and vacuum seems to have connected to the original AP with no internet connection, and I can use the various methods to get the tokens from Xiaomi's servers. It's been a week and the air purifier is still working with Home Assistant, so I think the token only changes when you actually force reset the WiFi connection to something new...

Unfortunately it requires a connection to get setup, but seems to work without one after that initial setup.

@valpackett
Copy link
Contributor

valpackett commented Aug 31, 2021

Related: #334qmi.powerstrip.v1 not updating status (metrics) when the cloud is not responding (but control always works fine).

I made https://codeberg.org/valpackett/micloudfaker to replace the cloud (turns out the power strip only needs the "cloud" to respond to pings, all other messages can be ignored by the cloud). I wonder if this might be enough for your humidifier as well.

@szymucha94
Copy link

szymucha94 commented Nov 20, 2022

Related: #334qmi.powerstrip.v1 not updating status (metrics) when the cloud is not responding (but control always works fine).

I made https://github.com/unrelentingtech/micloudfaker to replace the cloud (turns out the power strip only needs the "cloud" to respond to pings, all other messages can be ignored by the cloud). I wonder if this might be enough for your humidifier as well.

Sorry for digging up long dead topic, but just in case someone reads this in the future :) This doesn't work for any modern (2020+) xiaomi device. Oldest ones I can note are air purifier 3h and air humidifier 2. Anything that connects to the cloud via https has to perform ssl handshake to bother about (encrypted!) heartbeats. No handshake - wifi reconnects every 15 minutes. Sending tcp/udp rejects, dropping traffic, even redirecting https traffic to netcat listening on 443 just to allow device to get response to tcp syn doesn't change this behavior. Unless someone can develop basic dummy server that supports ssl and uses mijia cloud's private key I don't think there is anything that we can do.
Thankfully wifi reconnects are pretty quick and it's easy to just resend command after reconnect in HA.

@Silicon51
Copy link

@szymucha94 thanks for that comment! I have this issue without any traffic restriction on my router (yet), and it really reconnects in few seconds. I just wonder why this happened to me when I still have connection to Xiaomi server. Do you have any idea?
BTW how did you figure it out?

@szymucha94
Copy link

szymucha94 commented Oct 18, 2023

@Silicon51 dump the traffic between xiaomi device and AP with tcpdump (on router's 2.4GHz wlan interface) and check it in wireshark. For me it's easy because my router (ap) has openwrt, so it's just a matter of installing tcpdump with opkg and downloading the dump file with ssh.
What access point do you have?

@tonyich
Copy link

tonyich commented Dec 15, 2023

Hello. I have purifier Pro, and AP with OpenWRT.
When I reset-to-default the device and connect to xiaomi's WiFi I can get token (from here):

OpenWrt:~$echo -ne '\x21\x31\x00\x20\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff' |nc -u 192.168.13.1 54321 > ./asnwer
OpenWrt:~$hexdump -s 16 -e '"token: " 16/1 "%02x" "\n"' ./asnwer
token: c6...mysecrettoken...f2b

And then connect it to my WiFi (via python):

OpenWrt:/$ python3
>>> import miio
>>> puri=miio.device.Device('192.168.13.1','c6...mysecrettoken...f2b')
>>> puri.configure_wifi('SSID','password')
'ok'
>>> exit()

It join my net, I can ping it, but in tcpdump I don't see nothing like as new token.
Because nothing not changed except ip, i think that token depends from ip.
Any thoughts on how to get a new token after connecting to the new network?

UPD: Some additional info.
After connect to lan:

$ miiocli discover
INFO:miio.miioprotocol:Sending discovery to <broadcast> with timeout of 5s..
INFO:miio.miioprotocol:Discovery done
INFO:miio.discovery:Discovering devices with mDNS for 5 seconds...
INFO:miio.discovery:Found a supported 'AirPurifier' at 192.168.1.206 - token: 00000000000000000000000000000000

Captured packets from device to Destination: ot.io.mi.com (20.47.118.125) contains
2131 0020 ffffffff ffffffff 000076150000000012a09ed298d701209ca31200
2131 0020 ffffffff ffffffff 0000767e0000000012a09ed298d7012094b91200
2131 0020 ffffffff ffffffff 0000767e0000000012a09ed298d7012094b91200

@mguentner
Copy link

@tonyich You might be able to liberate your device: https://github.com/dhewg/esphome-miot
The 4 Pro is currently not supported but shouldn't be too hard if it is the same platform as the 4 and 4 Lite.

@sjkjs
Copy link

sjkjs commented Mar 6, 2024

@tonyich You might be able to liberate your device: https://github.com/dhewg/esphome-miot The 4 Pro is currently not supported but shouldn't be too hard if it is the same platform as the 4 and 4 Lite.

Thanks for posting this. I never would have found it otherwise. It doesn't seem to show up in search results even when specifically searching for it.

I can confirm that it works on a 4 Lite, and not only fixes the requirement to have internet access, but it also fixes the bug in the Xiaomi firmware that prevents the device from responding to hosts in a different subnet.

@rytilahti
Copy link
Owner

That project looks interesting! Feel free to create a PR to add it to the "other related projects" section of the README file, maybe that will help make it more discoverable.

@helgek
Copy link

helgek commented Apr 5, 2024

@rytilahti I submitted a change proposal

@rytilahti
Copy link
Owner

@helgek sorry, I couldn't find your proposal, would you mind linking it here?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

No branches or pull requests