DVR work from outside, doesn't from inside.
-
Hi people, I'am testing pfsense. I do a fresh installation on a Core2Duo whit 2Gb ram, 160Gb HD.
Dinamic IP –---------------> pfsense -> LAN and DVR
(camera.dyndns.org)Well, All work great at first.
I add de NAT rule and the dvr work from ouside but it doesn't from Inside.
If I configure the android software and change de DynDns name to the internal dvr IP it's work fine to.I read this
https://doc.pfsense.org/index.php/How_can_I_forward_ports_with_pfSense
https://doc.pfsense.org/index.php/Why_can%27t_I_access_forwarded_ports_on_my_WAN_IP_from_my_LAN/OPTx_networks
https://doc.pfsense.org/index.php/Port_Forward_Troubleshooting
(I have 2 DVR, DNS split is not posible).But It doesn't work.
It's some extrange the problem, I think tha I have similar problem of this guy.https://forum.pfsense.org/index.php?topic=126930.0
ThankYou!!
-
So just setup a host override for your camera.dyndns.org to point to your internal IP..
That anyone opens this up to the public internet is just beyond crazy to me.. If you want to view your camers/dvr whatever while you away you should vpn in.. Guess you don't read the news about how there was like 200k+ IP camera's that can be easy hacked.. And like thousands of models open to it, etc..
Opening up any sort of anything to the public internet is not really a good idea.. And then to do that to some iot sort of device with like zero security is just asking to join a botnet..
-
Yep, For now I don't care if someone see the cameras. I only want that they work :(
Good news!! After a cup of hours the DVR stop working, I have to reboot the PFsense to keep saw the cameras :(Note: I like to know how can I do a more security DVR-Internet system by a VPN and Android.
It has to be a easy and transparent way, because My 3 boss are old people, the don't want to do anythink.
Just click and seeThank for help
-
"For now I don't care if someone see the cameras."
Its not that they can see the video.. Its that they can take control of the device and use it to access the rest of your network and or have the device attack other devices..
Its something you really should be concerned with.. if your users can click an icon on their phones - they can be setup to vpn into your network and be secure.
https://threatpost.com/hundreds-of-thousands-of-vulnerable-ip-cameras-easy-target-for-botnet-researcher-says/124192/
https://pierrekim.github.io/blog/2017-03-08-camera-goahead-0day.html#backdoor-account"It affects 1250+ camera models."