Forum

<p>Hi Leslie,<br data-start=”82″ data-end=”85″ />I’m trying to integrate the MyHome Server F461 with a custom OWN-protocol driver for ELAN/NICE. This same driver works correctly with the F454, F455 and F459, but with the F461 the integration fails at the authentication stage. I cannot find any documentation explaining changes to the OWN protocol on this new server, and the MyHome_Suite configuration offers no options to manage external clients, credentials or access parameters. It seems the F461 is rejecting the initial session request, but there is no reference describing the expected authentication or handshake flow.<br data-start=”662″ data-end=”665″ data-is-only-node=”” />Could you clarify whether the F461 uses a revised or restricted OWN implementation, and whether there is any documentation or guidance for authenticating third-party systems with this device?<br data-start=”856″ data-end=”859″ />Thanks,<br data-start=”866″ data-end=”869″ />Rafael</p>

Hi Rafael,

As far as I know, authentication should work in the same way. I opened an internal ticket to ask the question to the teams. I warn you once I know more

Have a good day,

Leslie – Community Manager

<p>Hi Leslie,</p><p>Thank you again for the support.</p><p> </p><p>Just to be fully clear about the issue: on the F454, F455 and F459, the OWN settings are available in the web interface. For example, on the F459 there is a dedicated Own/Range IP page where I can set the OPEN password, enable/disable HMAC authentication, and define the IP ranges allowed to connect without authentication. This control is essential for third-party systems like ELAN/NICE to complete the OWN handshake.</p><p> </p><p>On the F461, however, this entire configuration section no longer exists—neither in the web interface nor in MyHome_Suite. Because of that, the F461 accepts the TCP connection but never responds to the standard OWN authentication sequence, suggesting that something in the access-control or handshake mechanism has changed.</p><p> </p><p>Any information the internal team can provide about how OWN authentication is supposed to be handled on the F461 would be extremely helpful.</p><p> </p><p>Thanks,</p><p>Rafael</p>

Hi Rafael,

Here is the answer I got from the support :

MyHome Server F461 uses HMAC authentication, so you can’t use the OWN implementation used for F454, F459, …

On https://developer.legrand.com/local-interoperability/ you can find all documentations about OWN protocol

Below direct link to document about HMAC authentication used for F461 https://static.developer.legrand.com/files/2019/12/Hmac.pdf

Regarding your last answer, I don’t know if the response is helpful as I imagine you already know this document. If no, I can re-open the ticket by adding more details

Have a good day,

Leslie – Community Manager

<p data-start=”109″ data-end=”147″>Hi Leslie,<br data-start=”119″ data-end=”122″ />Thank you for the update.</p><p data-start=”149″ data-end=”680″>I actually did not know about the HMAC implementation before your message, so the information was useful. However, what still makes no sense is that the F461 provides no interface at all—neither in the web UI nor in MyHome_Suite—to configure any parameter related to OWN access, such as the OPEN/HMAC key, allowed clients, or even basic settings like assigning a fixed IP to the gateway. On the F454, F455 and F459 these options are clearly available and allow external systems like ELAN/NICE to authenticate without issue.</p><p data-start=”682″ data-end=”1039″>As far as I understand, the OWN protocol itself remains the same, and the only difference should be the authentication layer. But without any way to configure or retrieve the HMAC key or any access settings, the F461 accepts the TCP connection and then simply refuses to complete the handshake, because we have no way of knowing what the server expects.</p><p data-start=”1041″ data-end=”1275″>If possible, could you please re-open the ticket and ask the internal team whether:<br data-start=”1124″ data-end=”1127″ />– the F461 uses a fixed internal HMAC key, or<br data-start=”1172″ data-end=”1175″ />– there is any hidden/undocumented method to configure these parameters for third-party integration?</p><p data-start=”1277″ data-end=”1324″>This is essential to make the integration work.</p><p> </p><p data-start=”1326″ data-end=”1365″ data-is-last-node=”” data-is-only-node=””>Thanks again for your support,<br data-start=”1356″ data-end=”1359″ />Rafael</p>

Hi Rafael,

Ticket created, I warn you once I have an answer 🙂

Have a good day,

Leslie – Community Manager

Hi again,

The answer was fast :

The only two parameters that you need are :

• F461 IP Address
• F461 Open Password

Both parameters can be changed using H+P app. No other parameters are needed

All the documents to implement integration with F461 are available on

https://developer.legrand.com/local-interoperability/

You can use the following minimal python script to understand how to send OWN light command ON to F461

Script assumes that :

• F461 IP: 192.168.1.50
• OWN/HMAC password: 12345 (Open Password)
• Light address 11.

************************************************************************

import asyncio

from pyown.client import Client

from pyown.items.lighting import Light # WHO = 1 lighting

F461_HOST = “192.168.1.50”  # change to your F461 IP

F461_PORT = 20000      # or 20005, depending on your config

F461_PASSWORD = “12345”   # your OWN/HMAC password

LIGHT_WHERE = “11”     # WHERE address on SCS bus

async def main():

  # Create a command-session client

  client = Client(

    host=F461_HOST,

    port=F461_PORT,

    password=F461_PASSWORD,

  )

  # Open TCP connection and perform OWN auth/handshake

  await client.start()

  # Create a Light item bound to WHERE 11

  light = Light(client=client, where=LIGHT_WHERE)

  # Send OWN command to turn the light ON

  await light.on()

  # Optionally, you could also turn it off later:

  # await light.off()

  # Close the connection

  await client.close()

if __name__ == “__main__”:

  asyncio.run(main())

****************************************

What this script does internally:

• Opens a TCP connection to the F461.
• Runs the OpenWebNet authentication (OPEN or HMAC, handled for you by pyown). jotonedev.github.io+1
• Sends an OWN frame equivalent to *1*1*11## (WHO=1 lighting, WHAT=1 ON, WHERE=11).

I hope it will help you !

Have a good day,

Leslie – Community Manager

<p data-start=”152″ data-end=”232″>Hi Leslie,<br data-start=”162″ data-end=”165″ />Thank you for the quick follow-up and for the detailed explanation.</p><p data-start=”234″ data-end=”658″>Now that I understand that only two parameters are required on the F461 — the device IP and the Open Password configured through the H+P app — everything is much clearer. I initially expected the same configuration interfaces found in the F454/F455/F459 (Own/Range IP, HMAC toggle, IP whitelist, etc.), but knowing that the F461 handles all of that internally and only exposes the password simplifies the logic considerably.</p><p data-start=”660″ data-end=”1102″>The Python example is extremely helpful. I will work on this integration next week, and with these details I can finally move forward — without this information it would have been impossible to proceed. I will replicate the same HMAC authentication flow inside my ELAN/NICE driver and align the handshake with the method used by pyown. If the Open Password and the derived HMAC match the expected sequence, everything should work as intended.</p><p data-start=”1104″ data-end=”1250″>If anything unexpected happens during implementation (especially regarding the HMAC challenge/response or session negotiation), I’ll let you know.</p><p> </p><p data-start=”1252″ data-end=”1331″ data-is-last-node=”” data-is-only-node=””>Thank you again for your support — this was exactly the missing piece.<br data-start=”1322″ data-end=”1325″ />Rafael</p>

<p data-start=”252″ data-end=”469″>Hi Leslie,<br data-start=”262″ data-end=”265″ />Thank you again for all your help so far. Before I proceed with the implementation, I would like to clarify two additional points regarding the F461, because they will directly impact my integration work.</p><p data-start=”471″ data-end=”931″>After the initial activation of the F461 using the H+ app (including the password setup and firmware update), I would like to confirm whether the device can then be fully configured through MyHome Suite as usual. In other words, once the H+ onboarding is completed, does the F461 accept and operate with the standard MyHome Suite configuration in the same way as previous servers, or does the H+ app impose any limitations or overwrite part of the programming?</p><p data-start=”933″ data-end=”1411″>I also wanted to ask about the practical advantages of the F461 compared to the F459 when the goal is third-party integration. From what I understand, the F461 adds HMAC authentication and a modern architecture, but the F459 remains more flexible in terms of configuration interfaces. Since I am working specifically with ELAN/NICE drivers, it would be very helpful to know in which scenarios the F461 is technically preferable to the F459 for integration-focused installations.</p><p data-start=”1413″ data-end=”1768″>Finally, I have a question regarding HVAC management. For systems using devices such as CoolMaster and the BTicino IR interface 3456 (IRSPLIT), is the F461 fully compatible for handling these functions, or is the F459 still required as the recommended gateway for this type of installation? This clarification is important for planning future deployments.</p><p> </p><p data-start=”1770″ data-end=”1834″>Thank you once again for your availability and support.<br data-start=”1825″ data-end=”1828″ />Rafael</p>

Hi Rafael,

Here is the answer from the support :

1 – After the initial activation of the F461 using the H+ app (including the password setup and firmware update), I would like to confirm whether the device can then be fully configured through MyHome Suite as usual. In other words, once the H+ onboarding is completed, does the F461 accept and operate with the standard MyHome Suite configuration in the same way as previous servers, or does the H+ app impose any limitations or overwrite part of the programming?

I confirm that is possible to use MyHome Suite software as in F459. Configuration done with H + app is more simply to create and update, in addition it is possibile to create scenarios in order to execute automatic operations. With F461 and H + app is possible to configure integration with RGB lights as Philips HUE, DMX, Lifx and Music player as Sonos.

2 – I also wanted to ask about the practical advantages of the F461 compared to the F459 when the goal is third-party integration. From what I understand, the F461 adds HMAC authentication and a modern architecture, but the F459 remains more flexible in terms of configuration interfaces. Since I am working specifically with ELAN/NICE drivers, it would be very helpful to know in which scenarios the F461 is technically preferable to the F459 for integration-focused installations.

As I say F461 is better for an easier configuration and for advanced scenarios management.

If you need only a gateway for OWN protocol, F461 is newest, safer and smaller than F459. 

3 – Finally, I have a question regarding HVAC management. For systems using devices such as CoolMaster and the BTicino IR interface 3456 (IRSPLIT), is the F461 fully compatible for handling these functions, or is the F459 still required as the recommended gateway for this type of installation? This clarification is important for planning future deployments.

F461 doesn’t manage HVAC, so in order to use this protocol you need to use F459 with the correct driver.

So F461 is an OWN gateway and in combination with H + app can be used for plant configuration and scenarios management but isn’t possibile to add functionality for HVAC, BACNET, and so on.

F459 is driver manager with OWN gateway functionality.

Have a good day,

Leslie – Community Manager