Wifi smart plug not reachable over internet


Just bought wifi smart plug and set it up. The smart plug is controllable only when the android device running the controller application is at the same subnet as the smart plug.

I ran some tcpdump and did see some broadcast traffic from the smart plug broadcasting its local private ipv4 address in plaintext. When I did tcpdump over the wan internet I also see connection in this direction:

ec2-52-39-117-132.us-west-2.compute.amazonaws.com.1883 > ESP_XXXXXX.lan.21826

However, if I switch to a wifi (with internet access) at a different subnet, I am still able to see the energy monitoring update and status (on/off) of the smart plug but isn't able to control it.

This thing is definitely running on ESP8266 and likely some firmware based on openwrt. Has anyone had experience with these devices and what is the general requirement?

Before the purchase I expected that the smart plug would simply hold an open connection to some cloud service provider and allow traffic in. If anyone got a working smartplug setup it would be great if you could run tcpdump on it and see what it takes for successful communication from internet.


...is not OpenWrt.

That said, an esp8266 cannot run OpenWrt at all, it doesn't run any kind of linux to begin with, the poor thing runs at 80 MHz and only has 96 KB of RAM combined. Talk to Espressif or your android vendor for support about your issues.

If on an ESP8266 it's likely running FreeRTOS or esp-open-rtos. That connection is likely using MQTT over TLS, or perhaps unencrypted MQTT. If unencrypted, I'd return it immediately. Same for the Android app.

Typically devices like that set up an AP that the phone app logs into, then once configured with "your" wireless, drop the AP and switch to client.

Typically NO configuration of your AP is required.

BTW, a TP-Link HS110 runs ancient Linux, and not on an ESP8266. Also, getting an ESP8266 to run MQTT over TLS is nontrivial.

Ah. I see - I just did a quick search and found some variants of early wifi smart plug actually running openwrt which can be ssh into. In the process I saw esp8266 being referenced and a openwrt page for it and mixed it up.

Only the within subnet broadcast traffic announcing deviceid / local private ipv4 address is not encrypted. The other traffic are encrypted - is this still an issue?

Do you know in general if these smart plug work by holding a open connection to a server elsewhere?

edit: from the main router I do see this entry in the conntrack table where is the smartplug ip.

ipv4     2 tcp      6 238 ESTABLISHED src= dst= sport=21826 dport=1883 src= dst=X sport=1883 dport=21826 [ASSURED] mark=0 use=2

I will probably try to put it in the main subnet where the gateway router is in ( and see if that works...I use a static route to and

I would search on your specific model on the general Internet. Likely the information is out there. This is unlikely an OpenWRT question. Try home automation forums and sites.

I solved the issue just by using a different but compatible app and re-registering the plug!

This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.