In desperate need of this or ill have to say bye bye to my Job please help
-
Good day im new to this and im in desperate need of some help i recently set up this firewall and i very much like it but their is one thing i cant seem to figure out i can get to access my security cameras from out side of the network port forwarding is set up and i still cant see it
-
Do you also have the required firewall rule on WAN to allow those connections?
-
I seem to recall RTSP was also requiring UDP, you might want to change the protocol to TCP/UDP for starters.
Secondly, as KOM mentions, check your WAN rules.
There is also a hitcounter by default on the rules which you can use to view traffic/states, and you can enable logging on each rule so you can verify if, who, and what is hitting those rules. -
So did you go over the troubleshooting doc?
https://doc.pfsense.org/index.php/Port_Forward_Troubleshooting
Do these webcams even have a gateway, some of your cheaper camera's don't even have a gateway set so you can not talk to them from a different network, ie internet, etc. So your not going directly to the camera but some NVR or something?
What is the make and model of these camera's or NVR your trying to hit? So we can look up what ports you actually need, and your actually trying from outside pfsense right your not trying to nat reflection in??
-
Do not expose a DVR directly to the Internet under any circumstances, unless you like being hacked.
https://isc.sans.edu/forums/diary/The+Short+Life+of+a+Vulnerable+DVR+Connected+to+the+Internet/21543/
Use a VPN. Not port forwards.
-
Perhaps he really wants his cameras to be part of an IoT botnet…
-
thanks for all the replies but KOM all i really need is to be able to view cameras out side of my local network and youstated if my firewall have the correct rules to allow this my question to you is what rules are you speaking about please shed some more light on that
-
and please note as well that my boss wants to be able to connect through his phone using the mobile app
thanks for your help in advance
my Job depends on this
-
So details of your camera's and or nvr your trying to connect to would be helpful - so we can just lookup the details that your not giving.
Security issues aside.. You do understand your boss could vpn in on his phone, then launch the camera app.. Takes all of 2 seconds to do that. I do it all the time when I want to stream something off my plex server.
Port forwards are click click your done - if not working then read the troubleshooting doc to find out what your issue is.
If after you have gone through the guide and validated all your rules are correct and your seeing traffic on your want but pfsense is just not sending it out the lan.. Then lets take a look see.
There are only a couple of things that it can be. Your forward is wrong, wrong IP wrong port wrong interface. Traffic never gets to pfsense to forward. Thing you forward too is not even listening on port your sending to, or has a firewall, or isn't using pfsense as its gateway to be able to send traffic back.
Info in the troubleshooting doc will help you find where your problem is.
-
thanks guys i set up vpn its better all is well you guys saved my Job im in yout debt
