Correct way to add ZWave devices?

Hi. Hass noob here, not ZWave noob…

Just set up Hass a couple days ago, have a Aeon Labs Z-Stick V5. Yesterday had an intermatic light switch, a lamp module, and a Schlage lock all paired. all good.

Woke up this morning and noticed the intermatic was showing incorrect status (showing on, but was off) and zwave status: dead.

Read someone restarted Hass and it fixed, so I tried that, but when Hass restarted, all z-wave devices except the controller are showing dead.

When I added each device, I removed the Z-Stick from the rasppi and took it to each zwave device to perform the add. Is this ok? Or should I be using the add from Hass, or from OZWCP, or does it matter? Does it make any difference for the secure device (schalage lock)?

BTW, I do have a network key set in my options.xml, there are a number of options.xml files, but I am seeing the msg: " Info, Setting Up Provided Network Key for Secure Communications" in the OZW log, so I presume that is ok?

Any other pointers greatly appreciated.


The way I’ve always added mine (which, admittedly is a bit of a pain) is:

  1. shut down HA
  2. remove Z-stick and bring it to the switch (or switches - I’ve done several at a time)
  3. put the stick in pair/include mode (tap the big action button and see the blue flash)
  4. turn on/off the switch and watch for the fast-blink of the blue LED on the stick
  5. tap action button to take stick out of include mode
  6. open OpenZwave Control Panel
  7. Name devices in OZWCP
  8. hit “close” button in OZWCP and drop back to shell on my Pi
  9. I manually copy my zwcfg_xxx.xml file to my homeassistant folder. I think most HA installs symlink this. I think I broke that and I’m not Linuxy enough to switch back. For me, this command is:
    cp /srv/hass/src/open-zwave-control-panel/zwcfg_0xc28fd2ed.xml /home/hass/.homeassistant/zwcfg_0xc28fd2ed.xml1
  10. open HA and confirm that everything’s behaving. At this point, I’ll usually also go over to the states dev tool tab to see the generated entity_id’s for my devices to add them to groups/automations/etc.

I like pairing with the Z stick removed from the Pi since you get that immediate flash to let you know that something happened.

Hmmm I think I must have missed something with regard to the zwcfg…xml file.

I have 2 in my .homeassistant dir, one dated april 23 (prob an obsolete one) and one dated this morning.

There is also one in the /srv/homeassistant/src/open-zwave-control-panel dir, dated yesterday evening…

Nothing is sym linked.

I’m thinking I may have to copy the one from yesterday evening date over?

Is there some documentation on the correct handling of this file? I haven’t come across any…

Thanks for your input.

That file is created by OpenZwave control panel and for the most part is a representation of data that’s in the stick. The naming stuff is metadata that lives only in the xml. I don’t think you see this covered in HA stuff b/c it’s not a requirement that you use OZWCP to manage your zwave network.

Some installs of HA will copy over the XML on reboot, I believe.

If you want to perform a secure inclusion of a node using OZW, the Z-Stick has to be connected to the USB port. This is because the security key is added and handled within OZW, not within the Z-Stick. The button on the Z-Stick is great for quick exclusions, but only performs regular, non-encrypted inclusions.

If your device supports the S0 Security CC, make performing inclusions over USB a habit.

There are two ways of performing proper inclusions.

  1. Call the zwave/add_node_secure service straight from the Developer Tools.
  2. Shut down HASS and fire up OZWCP in accordance with the steps provided by ih8gates.

Personally I started off using OZWCP, but realized it was unnecessary since everything can be performed though HASS. Calling the service zwave/set_config_parameter works very well. You can refer to the documentation for service descriptions. An example on changing a parameter is displayed here.


2 questions for you.
On topic: What’s the best way to see that your “add node” worked when you add it through the HA zwave service?

Slightly off-topic: I’ve never un-commented the zwave key in my options.xml. I’m considering adding my zwave deadbolt to HA. Can a zwave network handle secure and non-secure devices, or am I going to need to exclude and re-include everything as secure

(I’m aware that non-secure devices won’t route the secure traffic via the network)

My usual routine when adding Z-Wave devices through the HASS interface is:

  1. Kepp track of (or verify) the most recent node ID that was added. I make small notes of the node ID and personal device identifier in my Z-Wave device configuration file to make life easier.
  2. Add the node.
  3. Go to Developer Tools -> States.
  4. CTRL+F and search for the assumed new node ID, eg “node_id: 40”. Verify it’s listed.
  5. If you’re not using a default view (‘default_view: yes’ in configuration.yaml) the new device(s) is visible in the frontend.

Sometimes the procedure requires a HASS restart if the new node and slave devices are there, but are listed as “unknown”.

I try to build and expand my Z-Wave network using a selected set of devices. I use a lot of Qubino devices, Aeotec Multisensor 6 and Fibaro wall plugs. This allows for copying the configuration entry for a previously added node, then paste and change the node ID to match the new device.

Some devices such as the most recent Z-Wave Plus product range from Aeotec signals inclusion and successful inclusion though its LED. Z-Wave Plus devices from Fibaro are capable of range tests after inclusion, with a green LED signal if it’s able to communicate directly with the controller (which it should be directly after inclusion if performed close to the controller).

You only need to exclude the Z-Wave deadbolt from HASS and reinclude it, after setting the network key. Just make sure you actually set a new key before performing a secure inclusion. The defauly key will not work.

OpenZWave will handle non-secure and secure devices mixed just fine. There’s no point in performing a secure inclusion with a device that doesn’t support the specified CC.

Out of curiosity, do you have any information that verifies the inability of non-secure devices to route secure traffic? I’ve never had an opportunity to perform any tests myself, but I was under the impression that a non-secure node would be able to route the signal, but only the recipient node would be able to decrypt it.

1 Like

I think I’m wrong about this. I think Schlage locks require something called “zensor net beam”, but I think all modern devices can beam.

Beaming is supported by modern products on the market according to the certification statements I’ve been reading over at Z-Wave Alliance, so you seem to be correct. I will perform some tests anyway when I find the time.

Unfortunately I’m not familiar with the Schlage deadbolt locks since they’re not sold on the European market, so I have no further input on that matter. I hope you find the inclusion method helpful.

I cannot repay you enough for this comment. A sad story of ZWave and Secure Inclusion - openHAB Stories - openHAB Community

The documentation was updated long after this thread started, but the correct way is in the documentation.