Headaches with Ring video doorbell and pfSense
-
Hello. A few months ago I bought a Ring video doorbell. The way you set these up is you answer some questions about the setup, tell it yes the light is spinning, it then connects your phone to the Ring's wifi, then you choose the SSID to connect the Ring to in your home, then it connects and you're good.
My experience though is after the choose SSID step, it sits there for a long time then bounces back to the screen where it wants to connect the phone to the Ring wifi. I was on with their support for hours trying to get it working. What ultimately worked for me was my sister turned her phone's mobile hotspot on, I joined the Ring to that then went into device health, change wifi network and chose my internal and it worked. The Ring was up and fully functional on my internal wifi.
Fast forward to two days ago and I buy a second for the back door. Same exact problem, but this time I don't have a sister handy to make a hotspot for me. I felt like an idiot because the guy was trying to blame my network and I pushed back, pointing out my Ring upstairs works as does the plethora of other devices on wifi. However it ultimately came down to pfSense after all.
This is my setup: internet connection via Comcast comes into a Cisco cable modem. All functionality as far as wifi/dhcp/etc is disabled on it, it just bridges from Comcast to a Netgate SG-3100 pfSense appliance WAN port. Its LAN port goes to a Netgear GS324TP managed switch (which I just bought and have not as yet configured anything, so essentially a "dumb" switch). A line from that runs across the house to a Netgear Orbi wifi, set in access point mode with all frills disabled. The Ring attempts to connect to that.
What I did to troubleshoot was run another line from the cable modem to a spare Netgear WNR2000 access point. Factory reset it, logged in and configured one of my Comcast static IPs on it. Tested from my laptop to ensure it was properly working, then tried to join the Ring to that. Worked perfectly. Figured OK, maybe it's the GS324TP so I ran the cable line to the GS and ran a line from the GS to the WNR's WAN port. Laptop still able to surf the net, so I tried Ring again. Worked perfectly. So then I removed the cable modem's special line and changed the WNR to use DHCP. It got an address from my LAN DHCP as though it was just another PC, thus using pfSense for gateway. Laptop still able to surf, but now the Ring won't connect. Same exact behavior, so it's not the Orbi either. Gotta be pfSense at this point.
Just to be sure, I added all the crazy amount of ports they recommend (though I imagine they are talking outbound not inbound, but did it anyway just to be sure). Set them for TCP/UDP any/any, totally throwing the legs open heh. Figured it was just for testing for a few mins, what the hey. Alas, still doesn't work.
Does anyone have any clue what may be the issue? I saw several Ring threads, but most of them are about problems with actual functionality, not problems just joining the !@##$%^ thing to your account.
Thanks!
-
@strahan Are you running any packages such as pfBlocker? To diagnose connectivity issues, check the firewall log to see if it's blocking anything from the Ring. Lastly you can do a packet capture on the Ring's IP address and see what's going on. If you aren't handy with Wireshark then we can help you read the caps. I'm wondering if the Ring behaves like a game console on the network and static ports are needed. pfSense uses dynamic ports by default and this causes NAT issues with PS and Xbox. I could be totally off here but I'm not sure what else if you aren't blocking any of its cloud servers via pfBlocker and you don't have a locked-down LAN.
-
Things that pfSense does differently to generic SOHO devices:
UPnP is disabled by default.
pfSense randomises the source port used by NAT'd connections leaving the WAN.
I would really hope your door bell is not opening a bunch of inbound ports. But IoT so.....
And any half decent cloud service would have no problem with random source ports. But those are the first things I would check.
Steve
-
No, not running any special packages aside from what's "out of the box". Thanks for the tips guys, I'll give that a shot!
-
I previously set up 3 Ring devices with pfSense without any issues. Now, I have two behind it since I moved. You need to rule out that a firewall rule on PF isn't blocking it. I never set up any special ports for Ring devices, but I'm also not restricting outbound traffic - are you?
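
The firewall-log check suggested in the replies above, as an added example that is not part of any post in this thread: it reads exported pfSense filter log lines and counts what was blocked from one device's address. It assumes the raw filterlog CSV layout for IPv4 TCP/UDP entries; the log lines, the device address 192.168.1.50 and the function names are constructed for illustration.

```python
import csv
import re
from collections import Counter

# Constructed sample lines in pfSense's raw filterlog CSV layout (IPv4 TCP/UDP).
# 192.168.1.50 stands in for the doorbell's LAN address; every value is made up.
SAMPLE_LOG = """\
Mar  3 10:15:01 pfSense filterlog[12345]: 5,,,1000000103,mvneta1,match,block,in,4,0x0,,64,4660,0,DF,6,tcp,60,192.168.1.50,203.0.113.10,49152,9998,0,S,1234567890,,64240,,mss
Mar  3 10:15:02 pfSense filterlog[12345]: 5,,,1000000103,mvneta1,match,block,in,4,0x0,,64,4661,0,DF,6,tcp,60,192.168.1.50,203.0.113.10,49153,9998,0,S,1234567891,,64240,,mss
Mar  3 10:15:03 pfSense filterlog[12345]: 80,,,1770001466,mvneta1,match,pass,in,4,0x0,,64,4662,0,DF,17,udp,76,192.168.1.50,192.168.1.1,40000,53,56
Mar  3 10:15:04 pfSense filterlog[12345]: 5,,,1000000103,mvneta1,match,block,in,4,0x0,,64,4663,0,none,17,udp,100,192.168.1.77,198.51.100.7,5000,123,80
Mar  3 10:15:05 pfSense filterlog[12345]: 5,,,1000000103,mvneta1,match,block,in,4,0x0,,64,4664,0,DF,17,udp,120,192.168.1.50,198.51.100.20,51000,7078,100
"""

FILTERLOG = re.compile(r"filterlog(?:\[\d+\])?: (.*)$")

def parse_entry(line):
    """Return a dict for an IPv4 TCP/UDP filterlog line, or None for anything else."""
    m = FILTERLOG.search(line)
    if not m:
        return None
    f = next(csv.reader([m.group(1)]))
    # Field 8 is the IP version, field 16 the protocol name; ports need >= 22 fields.
    if len(f) < 22 or f[8] != "4" or f[16] not in ("tcp", "udp"):
        return None
    return {"tracker": f[3], "iface": f[4], "action": f[6], "dir": f[7],
            "proto": f[16], "src": f[18], "dst": f[19],
            "sport": int(f[20]), "dport": int(f[21])}

def blocked_from(log_text, device_ip):
    """Count blocked packets from device_ip, keyed by (proto, dst, dport, rule tracker)."""
    hits = Counter()
    for line in log_text.splitlines():
        e = parse_entry(line)
        if e and e["action"] == "block" and e["src"] == device_ip:
            hits[(e["proto"], e["dst"], e["dport"], e["tracker"])] += 1
    return hits

if __name__ == "__main__":
    for (proto, dst, dport, tracker), n in blocked_from(SAMPLE_LOG, "192.168.1.50").most_common():
        print(f"{n:3d}x blocked {proto} -> {dst}:{dport} (rule tracker {tracker})")
```

An empty result while the device is failing to join means no logged rule is dropping its traffic, which leaves the packet capture as the next step.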