Ring video doorbell behind PFsense firewall?
-
My ring doorbell works fairly well with PFsense. The problem seems to be associated with the windows client which is slowly being updated. Be sure to assign a static IP address, exclude from squid, and possibly a custom NAT depending on your config. The doorbell needs unrestricted access out.
-
I have a Ring doorbell too, made sure that it gets an assigned address and it's working perfectly.
The only issue I have is that on one of my two Android phones, the alert takes about 5 minutes to come through. My wife has two iPhones and they work perfectly well, it's just the one Android device that is delayed. Must have some strange routing via Mars or something.
-
Is the Android slow on wifi and 3/4g? Please test individually by disabling the other and report back.
-
I have two Android phones, only one of them is slow.
Actually, someone just rang the bell, so this time the delay between the two phones was about 2 seconds, but it has been up to five minutes.
I'll check it out later on wifi and 3/4G and see which one has the issue.
-
I also recently installed a Ring doorbell. On my home wifi, same network as Ring, it works great. I did not do anything extra with pfSense. It is setup on a multi-WAN setup with 3 AT&T hotspots to an SG-2440 with latest pfSense to a Netgear X4 wifi router.
On cell service it works great.
At my parents home, it sometimes works great and other times not. The setup there is a Comcast cable connection to a APU2D4 with latest pfSense to a Netgear WNDR4500 wifi router.
To clarify, I am now talking about going through my parents network to the Ring system to my home network.
If I start with a fresh reset of pfSense the app will load instantly and everything works great - alerts and live video. Over time, sometimes a day or two, something happens where I try to load the app and it will take probably 30 seconds before it loads. Once loaded it works well enough, though a little slower I think. And alerts are slow. But if I reset the pfSense router it will work fast again like it should. I have not adjusted anything on this pfSense box either.That is my experience and so far I have not been able to find the problem. Actually I can't even tell what's different. I tried resetting states and made no difference. But resetting the whole box will correct it.
-
Reset which router?
-
Reset which router?
I have only ever needed to reset the pfSense router at my parents house. That is the only place it sometimes doesn't work. Works great from my house (same network as ring) and great from cell data.
-
Not running anything like squid there? It should just be an outbound connection to ring I figure.
-
Not running anything like squid there? It should just be an outbound connection to ring I figure.
Nothing else, just the basics. I think about the most I have configured is using Google DNS for clients. Actually using it for IPv4 and IPv6. But otherwise pfSense is pretty much how it installed. No changes to firewall or anything else that I recall. Which is why it's strange that it works great most of the time, but will occasionally seem to get hung up and require a reboot to get the app back up to speed.
-
Yeah. there is nothing that rebooting the firewall would clear there.
It could be something with IPv6. If a device thinks it has IPv6 it will generally try to use that first. If it is broken it will fall back to IPv4 if available. That is a common cause of things that "take 30 seconds to load."
That is where I could concentrate at first.
It also sounds like you might be double-NAT there. Should work but might also be a place to look.
-
Oh good idea, I hadn't really thought about IPv6. I don't have it on my home network and everything works even with my unavoidable multi-NAT setup. My parents have Comcast (no double-NAT, modem in bridge mode and Netgear as AP) and it has IPv6. I didn't really think I had to do anything since pfSense just worked so all I did was add Google DNS. Maybe I'll play with it more. I don't really know much about it but sounds like it's time to learn.
Thanks for your help!
-
This post is deleted! -
FYI, I was able to get this to work by disabling my DNS Resolver and enabling the DNS Forwarder service instead. I didn't need to add any additional Firewall rules or NAT/PAT rules since all of the connections are initiated outbound.
I don't have a good idea what about the DNS Resolver the Ring was incompatible with, but wanted to put this out there so if others want, they can track down the cause.