now when i run the knock from the Android app i can unlock the port,
but i see this error message in the log file,(stanza #1) Error creating fko context: Args contain invalid data: FKO_ERROR_INVALID_DATA_HMAC_COMPAREFAIL
Do you now have two stanzas in access.conf? I.e. one with base64 keys and the other without?
That HMAC error would mean that the port should not be opened unless you are gaining access via a second stanza