NVR with Camera POE Switch Routing
-
Hello,
I am dealing with a situation that I am not sure how to address from a pfSense standpoint. My weatherstation provides for ftp uploads to show images from my security camera (s) outside my home. They connect to an NVR and the cameras are assigned a dhcp private address in 192.168.2.0 /24. My pfSense primary LAN is 192.168.92.0 /24 and the NVR is a host on a vlan called CAMS at 192.168.93.0 /24. Its private address is 192.168.93.190. I segregated the cameras as they are chinese made hikvision and I did not want them to have any laise faire public access. I connect to them only using OpenVPN.
The one camera I would like to have upload images to ftp2.ambientweather.com sits behind the NVR subnet at 192.168.2.4. I am not clear how the NVR routes traffic and it may just serve as a proxy between LAN and VLAN "CAMS"
If a camera is allowed to get out to the wan, provided it has the appropriate outbound rules, I see a problem with packets making it back from LAN to VLAN and into the NVR subnet, to the camera. I setup the ftp authentication in the camera, but the test fails. I am also seeing connections to a time server fail.
Do I need to setup a static route using the NVR private host ip as a gateway, to account for return tcp traffic? I was hoping someone may have some experience with an NVR and the subnet.
Thank you.