Gen2, WiFi connected but never connects to cloud

I’ve got a brand new gen 2 Rachio, and I’m successful in getting it connected to my WiFi (2nd light goes solid), but not in getting it to connect to the cloud server (3rd light blinks and never goes solid).

I know it’s connected to the WiFi, because I can see its DHCP lease and I can ping it successfully.

I have no firewall blocking outbound connections, but the tech that I spoke with on the phone indicated that the cloud server actually connects to the Rachio. I find this difficult to believe, as that would require firewall ports open and forwarded, static DHCP leases, etc, all of which would be beyond many home users.

I noticed that the SSL certificate is incorrect for but that doesn’t necessarily prove anything. The device may simply ignore any SSL errors it encounters.

What else might I want to check?

@godefroi - I just happened to be outside where my Gen 2 is installed, which has been installed for a year, and it is doing the same thing and occasionally dropping back to the second light to retry there. Obviously, my internet is up as I’m submitting this reply. I’ll check in the morning and bounce things as appropriate, but it may be a cloud issue.

@franz - comments?

1 Like


Can you PM me your serial number?



@godefroi - From the device log my Gen 2 power cycled last night and was connected this morning. Did your device connect?

As of this morning, the device has not yet connected.

@godefroi - it looks like Rachio may have been pushing out a firmware update (getting ready for V3?), as I think there another post with a device that is not updating.

Did you private message (PM) your device serial number to @Franz?

What is your WiFi signal strength at your Rachio installation?

I might try to unplug the Rachio and let it power cycle as when my device power cycled it connected.

This is not the case.

We believe it is something in the network the controller is trying to connect to. Our internal team will be working on this. It could be due to a firewall or other custom network settings.


1 Like

@franz - thanks for clarifying as my machine was having issues at the same time, but is working now. With the power cycle my device documented I was assuming (we know the derivation of that) that there was a firmware push. That is also why I was asking for the notification of firmware update in the device log in the other post.

@DLane yeah, they have the serial number. It’s never successfully (that I can see) connected to the cloud, so I really doubt it could be attempting to flash a new firmware.

They’re hard at work on it, and the customer service is fantastic.


@godefroi - sound like you’re in good hands. I’ll leave it to @franz and crew.

Welcome to the community. Sorry the OOBE wasn’t flawless, but like you said:

Progress, maybe.

I went and purchased another WiFi extender (Linksys AC1200), with no improvement. I’ve now tried no extender, a Linksys extender, and a Buffalo device running DD-WRT in extender mode.

In desperation, I installed the app on a tablet and used my phone as a hotspot. In this configuration, the controller successfully connected to the cloud. This is good, I guess, as it proves that the hardware itself isn’t completely broken.

Once I did this, I did a WiFi reset and attempted to connect again using the Linksys extender, and it did not work.

I am beginning to agree with support that there is something about my pfSense firewall/router setup that the Rachio does not like. My current understanding is that the Rachio simply connects via MQTT (looks like HTTPS to the router) to and nothing else. Is this accurate? Is there something else that I can configure the firewall to do/pass/ignore/whatever?

And, I fixed it.

The problem wasn’t with my pfSense device, it was with the (possibly odd) DNS setup on my network here.

I run a Windows Domain here at home, and so I have the domain controller set as the primary DNS in the DHCP setup. For queries that cannot be satisfied by the domain controller, clients are redirected to the pfSense device, which has a caching DNS resolver configured. When I created a static DHCP mapping for the Rachio device and configured the DNS special just for it to ignore the domain controller and use the pfSense device as the DNS server, everything started working.

I have two theories on what’s going on. First possibility is that Samba (which I currently use as my domain controller) is misbehaving, and the Rachio is not being redirected to the pfSense device for its DNS queries. The second possibility is that the Rachio device is just plain incompatible with this sort of two-layer DNS setup, and it wouldn’t work even with a real Windows domain controller.

Either way, it’s working now. If Rachio would like to use my setup as a testbed for firmware improvements, I’m happy to cooperate to improve the product.


@godefroi - nicely done. I would think a quick Wireshark (or similar) session would figure out where the DNS was taking a left - if you’re that curious.

How interesting. Did our support team have you run through the RouteThis process? I would be curious to see the results from that…

@DLane - Probably. My pfSense firewall supposedly can capture packet traces, but I wasn’t seeing any activity at all. Now, I think, I probably know why; the Rachio was never querying the firewall’s DNS resolver, and was never making it far enough to actually make the https request. What was terribly confusing to me before is now perfectly clear:)

@mckynzee - They did. I’ll PM you my key.

1 Like

Great, thanks @godefroi!