Amcrest NVR P2P is blocked
-
New to pFsense and still learning.
I use Amcrest's P2P to remote view my cameras on my iPhone. This worked great on my Cisco RV320 but does not work on my pfsense setup. I didn't need port forwards or special firewall rules on the Cisco nor did I use upnp. P2P just worked.
Not sure where P2P is getting blocked with pfsense. I don't completely understand how P2P works so I don't know what needs to be setup in pfsense.Thoughts?
Thanks
-
@Ristin did you reset it up after you changed to pfsense.. Its quite possible your IP is different than when you used your other router.
https://support.amcrest.com/hc/en-us/articles/360022156372-How-To-Verify-P2P-Status
-
I've gone through the setup on the NVR, P2P is enabled and shows online. My iphone can connect to the NVR via P2P when I'm on my local LAN, but can't connect when off the local LAN.
My ISP is Starlink and uses DHCP for WAN access. -
@Ristin said in Amcrest NVR P2P is blocked:
My ISP is Starlink and uses DHCP for WAN access.
It also uses cgnat.. Your saying when you used the rv320 on your starlink connection it worked?
-
@johnpoz
Good morning,
I reconnected the Cisco RV 320 this morning to verify that P2P was working via Starlink and it does. My iPhone will connect to the NVR via P2P while disconnected from my local network. I have the Cisco and pFsense routers configured the same so swapping between the two is a simple network cable swap.
I am running Tailscale on the pFsense router so if I enable Tailscale on my iphone then I am able to connect to the NVR remotely. That works ok for me but is confusing for my wife & daughter. I was hoping to get P2P working with the pFsense router and not need Tailscale on their phones.
I tried disabling Tailscale on the router to see if that was the issue, however P2P still didn't work.
I'm very new to pFsense so I assume this issue is operator error and I'm just not configured correctly. -
@Ristin said in Amcrest NVR P2P is blocked:
operator error and I'm just not configured correctly.
There would be nothing to configure from what I can tell with that p2p sort of setup.. I will see if can find more info.. But if the NVR creates the connection to some outside service, and uses that to tunnel in there is nothing to do on pfsense..
I would make sure you show the status is working on the NVR for p2p while on pfsense.. Then on your phone app while not on any local network or tailscale connection forget the old connection and create a new connection. From my understanding you put in the SN of your NVR or camera and the password.
-
One possible issue (but really kind of unlikely in my view) is the source port randomization pfSense performs automatically on most outbound traffic (but not all). See the docs here: https://docs.netgate.com/pfsense/en/latest/nat/outbound.html#static-port.
Sometimes this setting is a stumbling block for VoIP stuff. Might also be one for your NVR setup.
-
@johnpoz
Tried your suggestions, didn't work but now it gets weird. I finally got around to installing an Amcrest AD410 doorbell cam I purchased several months ago. The AD410 uses a different Amcrest app called Amcrest Smarthome.
Once I had the Ad410 configured, I was able to find it with my NVR, add it and view with Amcrest View Pro (only locally still) however the doorbell features only work with the Amcrest smart home app. After completing the install and testing the doorbell feature I realized the doorbell feature would be mostly useless if I don't have remote access availability. The Smarthome app also uses P2P. Took my phone off my local LAN and surprise, I can view and access the doorbell cam remotely.
So for fun I deleted the Amcrest Pro app and reinstalled, then tried to setup P2P again. No luck, still no remote access. -
@Ristin so you were accessing this doorbell cam via the NVR p2p connection or to the specific doorbell cam IP and its p2p setup?
-
specific doorbell cam IP and its p2p setup
-
did you ever get this figured out? i’m running into the exact same problem. they ran fine for years but all of a sudden pfsense is blocking the incoming connections for P2P.
-
Arostad,
I have not figured this out. What I have learned is, the Amcrest Smart home and the Amcrest AD410 door bell cam can create a P2P connection that I can access remotely. Unfortunately, Amcrest Smart Home app does not support my Amcrest NVR or other Amcrest security cameras.Neither Amcrest View Pro or Amcrest View Pro 2 can create a P2P connection that allows remote access via pFsense. However both apps can create a P2P connection that allows remote access with my Cisco RV320 router.
Recently my mom bought a couple $19 cameras pan & tilt cameras that screw into a light bulb socket. These cheap cameras don't have a brand name printed on them nor did they come with a setup guide or even the name of the app to use. Through trial & error I found the iOs app Yi IOT could access and setup these cheap cameras. P2P works remotely on these cheap cameras with pFsense.
-
@Ristin said in Amcrest NVR P2P is blocked:
Recently my mom bought a couple $19 cameras pan & tilt cameras that screw into a light bulb socket.
Really - do they also function as your porch light? Those might be interesting - do you have a link?
-
@johnpoz
Sorry, no link. There's no brand name or model number on the box or camera. I assume my mom found them on Amazon.
The camera has 4 small LED's for white light but they are not not very bright.
The cameras didn't come with any install guides or user information so I have no idea if they are outdoor rated. -
@Ristin I had forgotten all about this thread.. But whats funny is just setup my NVR from Lorex I just got delivered this afternoon.. And as they should work, zero anything to do on pfsense.. Because its done via a P2P connection. That the NVR creates outbound.
I got the camera's working but have not yet mounted them outside.. I know the p2p is working because I can turn off wifi on my phone and view the cameras
Here are the connections I see outbound from the NVR, which is on 192.168.7.100
Do you see attempts at states that are not being made? It shows it online or not? Are you blocking outbound connections for anything - be it dns filtering, or pfblocker for geoip or anything.
Out of the box pfsense does no blocking at all outbound, the default rules are any any, etc..
I just connected with my phone, just on cell.. Camera is just inside the av cab currently - so not much to see
But you can see this caused a lot more connections - and you can see 2 that moved some data..
-
@johnpoz
I was browsing around pFsense looking for the menu item that would show me the above information. I didn't find it but I decided to try remote accessing my cameras, knowing I would be disappointed. Instead of disappointment, I was shocked to see P2P remote access working! I didn't make any changes to pFsense but P2P is working now. Woo hoo. -
@Ristin the states are under diagnostic menu.
Glad to hear its working, there is nothing really do to for such connections to work.