Help

You need an SDA connector to use Secure Device Access. You can purchase the SMART CONNECT KNX Remote Access SDA connector from specialist electrical trade stores.

The Gira S1 and the Gira DCS-IP gateway are also supported.

The SDA connector manufacturer charges for the Secure Device Access. The licence for using Secure Device Access is normally included in the price for the SDA connector.

No KNX is required for Secure Device Access.

However, the combination between SMART CONNECT KNX Remote Access and the SDA client supports the KNX protocols particularly well. Some advanced features of SMART CONNECT KNX Remote Access require KNX. However, it will obviously also work without a KNX installation.

No, Secure Device Access makes remote access secure and easy. You simply connect the SDA connector to your Internet router and to the power supply. You can then access your devices from the outside via securedeviceaccess.net using the registration ID printed on it.

No, there is no need to register on our portal server. You can use your SDA connector via Quick Connect without registration using the affixed printed registration ID.

However, we recommend registration on our portal server immediately since it provides additional security and other advantages and functions.

Once you have linked your SDA connector to a portal account, no-one can access your devices with just the registration ID. However, you can still enable your device for other users and control who may have each particular right.

Yes, because this is the only way to gain remote access which is virtually always functional and does not require complicated configuration.

We take data protection seriously and server operation incurs costs. We would therefore rather not need to operate a server. But a Secure Device Access would not exist without a central server.

The server only saves the data which are absolutely essential for providing the service. Besides the data you specified during login and the data visible in the user interface, these include information on the volume and the point in time when the data volume was transferred.

The server does not save any user data.

We operate our server in Germany and comply with the stringent German and European data protection regulations.

HTTP access works well with most devices.

It is important that the device’s web server can be addressed using unencrypted HTTP and no other communication channels (via Java, JavaScript or browser plug-ins) can be used to bypass HTTP.

In our experience, there may be limitations to function in rare instances. It is often the case that not all video encodings are supported for web cams, for example. There are also devices that work better or worse depending on the browser used. In such cases, it is worthwhile trying out a different browser.

Quick Connect provides you with access to your SDA connector by simply entering the registration ID without needing to log into a portal.

Quick Connect is activated initially in a brand-new SDA connector. Quick Connect is automatically disabled after it is (optionally) linked to a portal account. Only registered portal users can access it after linking but only if you have explicitly allowed them to. Obviously, you can enable access via Quick Connect again at any time.

No, half of the registration ID is random. Third parties can neither guess them nor find them out through trial and error within a reasonable time period of time. You would be able to guess the six winning lottery numbers correctly 70,000 times before you would guess a registration ID.

However, the registration ID can, of course, be copied or photographed. But this is no longer a problem after the SDA connector has been linked to a portal.

You can only import a firmware version that is newer than the current version on the device. Previous versions cannot be imported.

There are two ways to update:

Import firmware automatically online
  1. Open the device website.
  2. Select “System” in the menu bar and then “Firmware update”. The system determines which firmware version is currently installed. If a new firmware version is available for the device it will be indicated to you.
  3. Click on the “Perform update” button.
Import firmware offline
  1. Download the current firmware version from www.ise.de.
  2. Open the device website.
  3. Select “System” in the menu bar and then “Firmware update”.
  4. Select the “Choose File” button.
  5. Select the desired firmware file in Explorer and confirm your selection by pressing the “Open” button.
  6. Click on the “Perform update” button.

Create own network (recommended)

This access type creates its own network between the client and the SMART CONNECT KNX Remote Access and provides additional security. The data volume is less than with the client’s direct participation in the network of the SMART CONNECT KNX Remote Access.

Direct participation in the network of the SMART CONNECT KNX Remote Access

The client will receive its own IP address in the network of the SMART CONNECT KNX Remote Access. The required data volume is higher than when using a private network between the client and the SMART CONNECT KNX Remote Access.

This setting is required for certain application purposes that do not allow any connections using “Create own network” – e.g. if you want to manage your Sonos system using the Sonos Windows app.

Important instructions:
  • The automatic IP address assignment must be activated via DHCP in the network of the SMART CONNECT KNX Remote Access.
  • An OpenVPN profile with this setting cannot be used with the OpenVPN Connect app for Windows, Android and iOS.

If yes, not only do you access the content in your target network, but you also send all other data such as web page views via the target network. The greater data volume can slow the VPN connection down. This setting is usually required in segmented networks.

If no, then only data exchange with the target network takes place via the VPN connection. Internet traffic passes directly through the router or the mobile network as usual.

You need an OpenVPN client to be able to access your home network via VPN. You use the VPN configuration file to establish the connection between this OpenVPN client and the SMART CONNECT KNX Remote Access.

Download the OpenVPN software here and install it on your PC.

If you intend to use VPN with your smartphone or tablet. install the OpenVPN Connect app for Android or iOS on your mobile device. However, the app only supports the recommended “Create own network” access type.

Once you have installed the OpenVPN client, upload the VPN configuration file there.

  1. Go to “Application accesses”.
  2. Click on “New application access”.
  3. Enter any name which makes it easier to assign and click on “Apply”.
  4. Click on the link symbol under “Activation code”.
  5. Enter the activation code shown in the remote access configuration in your app.

  1. Go to “Links”.
  2. You have the option to search for devices in the network or add a link.
  3. Give the link a name to add a link.
  4. Enter the device URL or IP address at which the device on the remote network can be reached.
  5. Click on “Apply”.
  6. Click on the required device in the link list.

  1. Go to “Redirects”.
  2. Click on “Add redirect”.
  3. Select which SDA notifications should be redirected. You can select them by priority and/or category. The entries correspond to the fields in the ETS and they need to be written in the same ways as in these fields.
  4. Select the redirect medium and then click on “Apply”.

  1. Link IFTTT with the SDA portal (see How do I link IFTTT with the SDA portal?).
  2. Create a redirect and select IFTTT as the forwarding media.
  3. Create an applet in IFTTT (see How do I create an applet on the IFTTT portal?).

Note that no responsibility is taken for the instructions on configuration within IFTTT. IFTTT is not an ise Individuelle Software und Elektronik GmbH product. We do not guarantee the topicality or accuracy of documentation for third-party products.

  1. Log into IFTTT and click on “Explore” in the menu.
  2. Enter “Webhooks” in the search bar and select the "Webhooks" tile.
  3. Click on the “Connect” button and then on “Settings”.
  4. You have now created the IFTTT API key. Copy the last part of the URL (everything after “use/”).
  5. Log into the SDA portal.
  6. Click on “Profile” in the menu bar.
  7. Add the copied IFTTT API key into the “API key” field in the “External services for notifications” section.
  8. Click on “Apply”.

Note that no responsibility is taken for the instructions on configuration within IFTTT. IFTTT is not an ise Individuelle Software und Elektronik GmbH product. We do not guarantee the topicality or accuracy of documentation for third-party products.

  1. Log into the IFTTT portal.
  2. Click on “Explore” in the menu.
  3. Select “Applets” under “Create” in the menu.
  4. Click on “Add” next to “If This".
  5. Search for the “Webhooks” service and select it.
  6. Select the “Receive a web request” trigger.
  7. Enter sda_notification into the “Event name” field.
  8. Click on “Add” next to “Then That”.
  9. Select any service as an action.

The owner can remove all rights from all other users, including other administrators, at any time, but no-one can refuse access to the owner.

The owner is the person who is legally responsible for the use of remote access. This is usually the electrical installer or system integrator during the construction stage.

Ownership is transferred to the installation owner by ownership transfer.

  1. If you are the current owner, click on the “Ownership transfer” button under the gear icon next to your user name in “User management”.
  2. Enter the new owner's e-mail address and possibly a description and click on “Apply”. Important: The new owner must be a registered user on the SDA portal!
  3. You and the new owner will receive an email with a confirmation link.
  4. When you and the new owner have both accepted, you will both receive a corresponding e-mail and ownership is transferred.
  5. If one of the requests to accept is not confirmed, ownership is not transferred.

You must have administrator rights to do so, i.e. registered in the role of owner or administrator in “Portal user”. Move the cursor over the gear icon behind the user in question and click on “Rights Configuration”.

A user's role refers to the configuration options on the SDA portal only. Access rights to the network are controlled by the access groups.

It is possible to use access groups to grant access to the KNX installation or the remote network temporarily or permanently, depending on the group.

KNX group objects can be used to activate or deactivate access options for the “Residents” and “Installers” groups separately from one another at any time.

The SMART CONNECT KNX Remote Access communicates with the SDA portal via a HTTPS connection only. All data are exchanged via this connection in both directions, meaning that no additional configuration is required for the firewall.

If you wish to limit network access to specific domains and ports, we recommend configuring exceptions. The domains and IP addressed listed in the following table may change during certain maintenance work on the portal! You will be informed about any such work by e-mail.

Domain IP Address Port Required for
securedeviceaccess.net 182.201.147.52 TCP 443 all functions
api.securedeviceaccess.net 182.201.147.52 TCP 443 all functions
hub.securedeviceaccess.net 45.12.49.122 TCP 443 all functions
hub1.securedeviceaccess.net 45.12.49.122 TCP 443 all functions
hub2.securedeviceaccess.net 185.102.94.177 TCP 443 all functions
vpnproxy.securedeviceaccess.net 185.201.147.69 TCP 80 VPN functionality
httpaccess.net 185.201.147.67 TCP 443 link functionality on the portal
ise.de 217.6.20.164 TCP 80 firmware update via the device website
0.europe.pool.ntp.org (standard NTP server) or other configured server
from ise KNX Remote Access 5.0: pool.ntp.org (standard NTP server)
UDP 123 NTP time synchronization with activated time server function
deviceservices.securedeviceaccess.net 83.169.16.174 TCP 443 Gira DCS-IP gateway