Rachio 2 WIFI Issues with Mesh TP-Link APs


I tried to contact Rachio tech support, but it seems to take forever to reply. Really disappointed at the snail-speed response from Rachio.

I got a Rachio 2 recently; however, it just won’t connect to my WIFI. It was stuck at the flashing 3rd light. Cannot connect to Rachio servers.

I am using TP-Link Access Points EAP225. When I was reading the forum, I think it is the same as this one:

Not sure if anyone has similar issues with a mesh network?

My RouteThis code is EZZXH3A5

Thanks so much!

Looks like there is a firewall and OpenWRT. I would start with the firewall.

And maybe try updating OpenWRT to the latest firmware?

Just curious why you are running that?


So I just need to open 53 for my Rachio?
OpenWRT is on the latest firmware.

I am running my all-in-one home server, thus ESXi with OpenWrt, NAS, Windows, etc…

I have a similar home setup, virtual everything, three EAP225 APs, etc. The difference is that I’m using pfSense and network access is hardwired to my APs (instead of any sort of mesh). Just to be clear, there is roaming at my home, but traffic goes to the switch via a wired cable, rather than WiFi relay.

Are you using Omada controller with your APs?

Yep, I am using Omada controller with my APs. One AP is hard wired to my NIC, the other one is on mesh (downstream to the main AP).

So after I opened port 53 directly for Rachio 2, I was able to get it working.

@franz Do I have to keep this port always open? Or can I close the port now?

Having a port open is not the same as forwarding the port. Port 53 (DNS) should not be blocked or forwarded. Which setting within OpenWrt have you used?

This problem has arisen numerous times, and it seems to me it’s caused by bad behavior on both sides.

On the customer side, what possible benefit do you see by blocking a request to e.g. Google DNS? If the request is legitimate, that causes a device or app to fail for no good reason. If malicious, the malware can accomplish the lookup with DoH, which is not possible for a home or small business system to block.

On the Rachio side, the firmware should use the DNS server(s) supplied via DHCP, in addition to its hard-coded servers. If a query fails for any reason (no response, refused, non-existent domain, etc.), the next server in sequence should be tried. The overall request should not fail unless each server has been tried at least twice.

1 Like
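The fallback order proposed in the post above, as an added example that is not part of the original thread and is not Rachio's firmware code. It assumes DHCP-supplied resolvers are tried before the hard-coded ones; the addresses, the host name and the `fake_network` helper are constructed, and no real DNS traffic is sent.

```python
from typing import Callable, List, Optional, Tuple

class QueryFailed(Exception):
    """Any failed lookup: no response, refused, non-existent domain, etc."""

def build_server_list(dhcp: List[str], hardcoded: List[str]) -> List[str]:
    # Assumption: DHCP-supplied resolvers go first, then the hard-coded ones.
    ordered: List[str] = []
    for server in dhcp + hardcoded:
        if server not in ordered:          # drop duplicates, keep order
            ordered.append(server)
    return ordered

def resolve(name: str, servers: List[str],
            query: Callable[[str, str], str],
            rounds: int = 2) -> Tuple[Optional[str], List[Tuple[str, str]]]:
    """Try every server in sequence; fail only after `rounds` full passes."""
    attempts: List[Tuple[str, str]] = []
    for _ in range(rounds):
        for server in servers:
            try:
                address = query(server, name)
            except QueryFailed as exc:
                attempts.append((server, str(exc)))
                continue                   # move on to the next server
            attempts.append((server, "ok"))
            return address, attempts
    return None, attempts

def fake_network(blocked: List[str], flaky_once: List[str], answer: str):
    """Constructed stand-in for the network: a firewall plus one flaky resolver."""
    failed_before = set()
    def query(server: str, name: str) -> str:
        if server in blocked:
            raise QueryFailed("no response")   # firewall drops port 53
        if server in flaky_once and server not in failed_before:
            failed_before.add(server)
            raise QueryFailed("refused")       # fails once, then recovers
        return answer
    return query

# Constructed sample values (documentation address ranges, not real resolvers).
HARDCODED = ["192.0.2.53", "198.51.100.53"]
DHCP = ["192.168.1.1"]

if __name__ == "__main__":
    net = fake_network(blocked=HARDCODED, flaky_once=DHCP, answer="203.0.113.10")
    print(resolve("api.example.com", HARDCODED, net))
    print(resolve("api.example.com", build_server_list(DHCP, HARDCODED), net))
```

The first call models a device that only knows its hard-coded resolvers behind a firewall that blocks them; the second adds the DHCP resolver and succeeds on the second pass.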