Hub Gateway ZigBee 3.0 eWeLink Tasmota Bridge mode Serial TCP to Zigbee2MQTT

 

Configuring the ZB-GW03-V1.4 ZigBee Gateway in Serial TCP Bridge mode for Zigbee2MQTT was not straightforward. After multiple attempts with different firmware versions and configurations, I even thought I had bricked the hub at some point. However, after extensive testing, I found that using the correct firmware from this GitHub repository and applying a few modifications, everything works perfectly.

This guide will walk you through the process of configuring Tasmota on the ZB-GW03 to enable Serial TCP bridging, allowing it to be used with Zigbee2MQTT.

The device can be purchased pre-flashed with Tasmota from Miravia.

---

Step 1: Configuring Tasmota for Serial TCP Bridge Mode

1.1 Set the Device Module

1. Navigate to the Tasmota Web Interface.
2. Go to Configuration > Configure Module.
3. Select ESP32-Devkit (1) and Save.
4. The device will reboot.

1.2 Apply Auto-Configuration for V1.2

1. Navigate to Configuration > Auto-configuration.
2. Select Eachen-ZB-GW03-V1.2 from the dropdown list.
3. Click Apply Configuration.
4. The device will reboot and apply the correct settings automatically.

1.3 Configure GPIO for TCP Communication (If Needed)

If auto-configuration is not applied or doesn't work correctly, manually configure the GPIOs:

1. Navigate again to Configuration > Configure Module.
2. Assign:
   • GPIO2 (TX) → TCP Tx
   • GPIO4 (RX) → TCP Rx
   • 
     
     
     
3. Click Save.

1.4 Enable TCP Server on Boot

1. Open the Tasmota Console and enter the following command:

   tcpstart 8888

2. To ensure the TCP server starts automatically on boot, enter the following command:

   
   backlog rule1 on system#boot do TCPStart 8888 endon ; rule1 1 ; TCPStart 8888
   

3. Verify logs to confirm that the TCP server is running:

   
   00:00:08.127 RUL: SYSTEM#BOOT performs 'TCPStart 8888'
   00:00:08.128 TCP: Starting TCP server on port 8888
   00:00:08.130 RSL: RESULT = {"TCPStart":"Done"}
   00:00:11.481 TCP: Got connection from 192.168.x.x
   

---

Step 2: Configure Zigbee2MQTT

1. Open Zigbee2MQTT Web Interface.
2. Navigate to Settings > Serial.
3. Configure the following parameters:
   • Port: tcp://192.168.x.x:8888
   • Adapter: ezsp
   • Baudrate: 115200
   • 
     
     

4. Click Submit and restart Zigbee2MQTT.

---

Step 3: Verify the Connection

1. Check the Tasmota logs for the following:

   TCP: Got connection from 192.168.x.x

Conclusion

After following this guide, your ZB-GW03 Gateway should be successfully configured in Serial TCP Bridge mode, allowing it to communicate with Zigbee2MQTT. This setup enables seamless Zigbee device management through MQTT.

For troubleshooting, always check the Tasmota logs and Zigbee2MQTT logs to identify any connectivity issues.

Enjoy your Zigbee Smart Home Automation!

Hackers No Longer Hack, They Log In: The Paradigm Shift in Cybersecurity and the Passwordless Future

Spanish Version

In the world of cybersecurity, there is a phrase that marks a turning point: "Hackers no longer hack, they log in." Although it might seem like an oversimplification, it perfectly describes how the threat landscape has evolved. Attackers no longer need to exploit systems with sophisticated attacks; now, they use legitimate credentials, fraudulently obtained, to gain access without raising suspicion. This presents a critical challenge: protecting digital identities and, more importantly, evolving towards a model that eliminates the use of passwords.

Identity: The New Security Perimeter
In an environment where data, applications, and users are distributed globally, identity has replaced the network perimeter as the first line of defense. The data is clear: IBM’s 2024 Cost of a Data Breach report reveals that 60% of cyberattacks target identities and accounts, with a troubling 71% increase in the use of compromised credentials compared to the previous year. Stolen or weak credentials are now the most commonly used attack vector, demanding a renewed focus on how we manage and protect identities.

ITDR: Detecting and Responding to Identity Threats
To address this challenge, Identity Threat Detection and Response (ITDR) technologies have become an essential tool. While traditional systems like SIEMs or User Behavior Analytics (UBA) focus on network events and anomalies, ITDR focuses on identity-specific risks, including:

• Compromised credentials and weak passwords.
• Lack of multi-factor authentication (MFA) or configurations that allow omissions.
• Password spraying attacks.
• Bypassing intermediaries like firewalls or Privileged Access Management (PAM) systems.
• Use of insecure authentication protocols like NTLM or unencrypted connections.

While ITDR is a significant step forward, it does not solve the underlying problem: passwords.

The Problem with Passwords
Passwords have been the primary method of authentication for decades, but they come with well-documented issues:

• Easily compromised: Weak passwords, password reuse, and mass breaches make them easy targets.
• User burden: Remembering multiple strong passwords is difficult and often leads to poor practices.
• High operational costs: IT departments spend significant resources resetting forgotten passwords or managing them.

Multi-factor authentication (MFA) has been a step forward in mitigating these issues by adding additional layers of security, such as codes sent via SMS, authentication apps, or biometric data. However, even MFA is not infallible: there are attacks that bypass these controls, such as social engineering to steal temporary codes or SIM swapping techniques.

Beyond MFA: The Passwordless Future
The next logical step in the evolution of identity security is to eliminate the use of passwords entirely through passwordless authentication technologies. This approach uses more secure and convenient methods, such as:

• Biometrics: Facial recognition, fingerprints, or retina scanning.
• Physical authenticators: Devices like FIDO2-based security keys, which allow fast and secure authentications.
• Digital certificates: Linked to trusted devices that verify identity without the need for passwords.
• Tokenization: The use of unique tokens for each session, removing the need for static passwords.

Benefits of the Passwordless Model
Adopting a passwordless approach not only enhances security but also improves user experience and reduces operational costs. Key benefits include:

• Resistance to common attacks: Without passwords to steal, techniques like phishing, password spraying, or credential stuffing become obsolete.
• Better user experience: Employees and customers don’t need to remember complex passwords, which reduces frustration and boosts productivity.
• Cost reduction: Fewer password reset requests and less money spent on technical support.

Implementation and Challenges
While the passwordless model offers numerous advantages, its adoption is not without challenges. Organizations must:

• Update their identity infrastructure to support methods like FIDO2 and biometric authenticators.
• Educate users on new systems and the importance of adopting secure practices.
• Ensure interoperability between applications, legacy systems, and modern authentication technologies.

Despite these challenges, the path to a passwordless future is inevitable. Organizations that begin planning for this transition will be better positioned to protect against identity threats dominating the current landscape.

Final Reflection
In a world where attackers no longer "hack," but simply "log in," protecting digital identities is more crucial than ever. Technologies like ITDR are essential to detecting and responding to current threats, but the real change will come when we leave passwords behind and adopt smarter, more secure, and more convenient authentication methods.