Lumi Network Whitelisting
Sometimes internal network security and firewalls block access to the Lumi platform.
This includes VPNs connecting to secured networks.
We recommend participants to turn off their VPNs to access the Lumi platform.
If your internal firewalls block the Lumi platform, please follow these instructions:
For the Lumi platform to be operational on your network, please whitelist the following domains:*.lumiagm.com and *.lumireactor.com
Here is a list of the ports in-use: 80 (HTTP) and 443 (HTTPS) for dashboard and all clients (80 is only used to perform a HTTP 301 redirect to the HTTPS port). Lumi never transmits data over unencrypted channels. All data to/from our systems is encrypted in-transit.
Lumi AGM is also not compatible with Internet Explorer.
Firefox, Chrome, Safari and Edge are supported.
Lumi AGM make use of persistent TCP connections to enable the server to push state changes directly to the client (polls, messaging etc). In the case of the dashboard and the HTML web apps, this is done through a WebSocket connection on port 443 (HTTPS). The persistent connection is a requirement for all clients; there is no “fall back” to a non-persistent connection mechanism. Therefore, customers’ networks must allow for these sorts of connections otherwise operation will fail. Proxy servers or firewalls that disallow connections of this type should be configured to allow them for Lumi AGM.
Why can't Lumi give us a list or block of IP addresses for us to whitelist?
Unfortunately, whitelisting by IP address(es) is not possible because our servers make use of redundant load balancers whose IP addresses are subject to change without notice. Because of this, they must be referred to by their DNS names. Much of the content that is delivered to our clients comes from our AWS CloudFront CDN. This content must be referred to by DNS name because the content is stored on many edge node servers and two clients will access this content from completely different IPs depending on their physical geography.