Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Remote IP camera access dies after upgrade to 2.3.2

    Scheduled Pinned Locked Moved Problems Installing or Upgrading pfSense Software
    8 Posts 5 Posters 1.6k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • O Offline
      OldOneEye
      last edited by

      I have version 2.2.4 installed protecting my home network it has the Snort package. I use a IP Video camera recording system that connects/records IP cameras, two of them are watching the doors at my house (local IPs) and two of them are watching the doors at my parents house (remote IP over internet, using two different ports)  they are accessed via IP port xxxx to the remote IP address of my parents house.

      When I upgrade to 2.3.2 the remote camera stop showing up in my system.

      I am lucky that I run my pfSense in VmWare and created a snap shot before the upgrade. that I have reverted back to 2.2.4.

      Any Ideas as to what is being filtered and what setting to try

      1 Reply Last reply Reply Quote 0
      • jahonixJ Offline
        jahonix
        last edited by

        Nope.

        With the infos provided no help is possible. And my crystal ball is broken, sorry.
        We don't even know how you access the remote cameras (IPSec, OpenVPN, …), if you can watch them from a browser locally or remote, nothing.

        Your infos are similar to:
        My car is broken and I need your help to fix it!
        I drive to work every morning and back home in the evenings. It's parked in a garage.
        After refueling yesterday it doesn't work anymore.
        Any ideas what's wrong with it?

        1 Reply Last reply Reply Quote 0
        • M Offline
          muswellhillbilly
          last edited by

          If you know the port number your remote cameras are listening on, why don't you consult your firewall logs and filter them using that port number? You can then verify if the firewall is actually blocking the port or whether there is something else wrong.

          How are you performing this upgrade? Are you removing packages and then doing an in-place upgrade, or are you taking a backup of your config, installing a fresh version and then restoring your backup to your system?

          1 Reply Last reply Reply Quote 0
          • KOMK Offline
            KOM
            last edited by

            Any Ideas as to what is being filtered and what setting to try

            No idea without more information, as others have already said.  Provide details of your NATs, port forwards, firewall rules on LAN and how you used to access the thingy and what happens now when you access the thingy, complete with any error messages.

            1 Reply Last reply Reply Quote 0
            • GertjanG Offline
              Gertjan
              last edited by

              I had some spare time yesterday, so I decide to repair my crystal ball.
              Your question was just great to test it afterwards.

              This is what I saw :
              The issue is what your cameras is "seeing".
              Snort is a "packet inspection system" and the new version that came with 2.3.2 doesn't like what your camera 'sees'. Snort kicks in and filters it out.
              So : tell snort that your camera is trusted.

              Can you confirm that my crystal ball is repaired ?

              No "help me" PM's please. Use the forum, the community will thank you.
              Edit : and where are the logs ??

              1 Reply Last reply Reply Quote 0
              • O Offline
                OldOneEye
                last edited by

                There is no VPN. There is no NAT setup. it like accessing a web stream. there is no error it just stops reading the ip cams after the update.
                I can use VNC to view the live stream of the cameras. I did not have to do anything to pfsense to get it working.

                The software I use is "sighthound video" it records the "stream" coming from the ip cam at the other house.

                I am a noob. so I don't know how to "look at firewall logs and filter them using that port number"

                How do I tell snort my camera is trusted?

                I will uninstall Snort tomorrow and try an upgrade. Via the in place web interface. I think I will also try a "fresh install" with my backed up settings file resorted if the prior does not work.

                1 Reply Last reply Reply Quote 0
                • M Offline
                  muswellhillbilly
                  last edited by

                  Something tells me you need to do a bit of reading before you go any further. Noob or not, you should familiarise yourself with the system you're using before going live with it. https://doc.pfsense.org/index.php/Firewall_Logs

                  1 Reply Last reply Reply Quote 0
                  • O Offline
                    OldOneEye
                    last edited by

                    @Gertjan:

                    I had some spare time yesterday, so I decide to repair my crystal ball.
                    Your question was just great to test it afterwards.

                    This is what I saw :
                    The issue is what your cameras is "seeing".
                    Snort is a "packet inspection system" and the new version that came with 2.3.2 doesn't like what your camera 'sees'. Snort kicks in and filters it out.
                    So : tell snort that your camera is trusted.

                    Can you confirm that my crystal ball is repaired ?

                    Thanks for fixing and dusting off your crystal ball.
                    Yes it seems to be related to SNORT, if its uninstalled prior to upgrade the remote camera continues to stream to my local recorder.

                    I did add a alias of the remote internet IP number and then I added it to snorts "pass list" prior to removal.

                    I did a little "light" reading (too alleviate my noobness) on how to filter logs.  ::) but my "remote" ip never shows up in logs.

                    I reinstalled SNORT and my setting reappeared and my cameras are working still, post upgrade/package reinstall . puzzling.

                    Another way I think of this is, that I am doing a download of a file from a internet server at 2.5mbps all day long to a local computer.

                    If things change I will update. But look like its working.

                    1 Reply Last reply Reply Quote 0
                    • First post
                      Last post
                    Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.