How to configure nat to access ip cam form wan
-
hi
i setup my nat following the tutorial, to be able to access my ip cam, but i didn't succeed my setup is as follows:
interface: wan
external address: any
protocol: tcp
external port range:
from: other 1400
to: other
nat ip: 192.163.1.1 (1st ip cam)
local port: other 1400my dhcp range is: 192.163.10 to 192.163.1.245
my gateway address is: 192.163.1.254so i tried accessing one the cam with the wan side of my server 87.230.x.x:1400 with no luck.
what did i do wrong
help is highly appreciated
-
if i put the xxx.xxx.210.14:850 (pf ip + the port configured to redirect to 192.163.1.50 (IP cam) on my web browser from wan, the page keeps trying and never connect
still no one can help me in this?
thanks in advance
-
Your IPcam is confirmed accessible from local LAN subnet on port 1400 with TCP traffic?
You have created a firewall rule to permit traffic along with your NAT rule? -
thanks for the reply
after trying many setups, my final configuration is as follows:
cam1 ip: 192.163.1.1 port 810
cam2 ip: 192.163.1.2 port 820
cam3 ip: 192.163.1.3: port 830
cam4 ip: 192.163.1.4: port 840
cam5 ip: 192.163.1.5: port 850my nat and firewall as follows:
-
You have an allow-all rule on top of all other rules on your WAN tab. Remove that urgently!
I could reach your pfSense on the given IP via http - switch that to HTTPs at least if not blocking it from the outside completely! -
thanks a lot for advice
yes you are right, i keep seeing peoples try access and guess my server password from all over the world, i am kind of new to firewall rule, i don't know how what to put to access my server remotely, i have 5 running server and need to monitor always, so if you kindly help me create the necessarily rule to access pf box, ill be grateful and then access my ip cams.
thanks again for trying to help
hadi57
-
You set your LAN to 192.163.x.y
unless you have this public IP range assigned to you by an ISP (which I somewhat doubt) you should change it to one of the designated private IP subnet ranges:
-
10.x.x.x
-
172.16.x.x bis 172.31.x.x
-
192.168.x.x
You most probably wanted to use 192.168.x.y
Using 192.168.1.0/24 as subnet and assigning 192.168.1.1 to a device cries for problems. That's the IP a lot of devices initially use for setup. Avoid it. -
-
ok ill change my ip's to 192.168.x.x, or 172.16.x.x even i dont have problem with 192.163.x.x becuase all my clients are accessing the internet with no problem, so you think because i am using 192.163.x.x instead of 192.168.x.x i am facing this problem?
-
May I suggest that you start reading about networking?
A possible start could be here:
http://en.wikipedia.org/wiki/IP_address
http://en.wikipedia.org/wiki/Subnetwork
http://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing
but it's not limited to that.And no, I didn't say your problems arise from false subnetting.
Wikipedia has an article about NAT (Network address translation) as well.
