Push messages from Doorbell/camera not working. Possible NAT problem
-
@yvesict tell you right now your first 2 rules there are wrong order.
Rules are evaluated top down, first rule to trigger wins.. So trying to use pfsense for dns - your first rule there blocks that, your 2nd rule that says hey you can access 53 on vlan net?? never evaluated.
You mean address there most likely. Pfsense has zero to do with devices talking to each other on the same network.. So allowing vlan30 net to talk to vlan30 net would never come into play..
-
@johnpoz you are absolutely right. My mistake. But when i put the allow everything rule first and disable the rest for testing purposes, then this should work or not?
-
Yep, this :
allows everything from your network to go to everywhere.
You could duplicate this pass rule, put it on top, and add as a Source "192.168.1.30".
Like this :
I have no device on LAN 192.168.1.30, so the rule counters will stay at 0/0 as this first rule never matches any traffic.
Then, if 192.168.1.30 (the doorbell) is sending something to somewhere, the counters, these :
will get incremented.
-
@gertjan Not completely sure what i can learn from this? Isn't the fact that i put my doorbell IP there and counters get incremented, because it is sending ARP requests and so on? The fact that it can't get outside local network doesn't seem to change.
-
@yvesict said in Push messages from Doorbell/camera not working. Possible NAT problem:
ARP requests and so on?
Arp would not trigger the firewall rule.
-
@johnpoz But when i package capture everything on VLAN30 i don't see any new info.
-
@yvesict said in Push messages from Doorbell/camera not working. Possible NAT problem:
VLAN30 i don't see any new info.
Well then pfsense isn't seeing anything on vlan 30.. So again, traffic between devices on the same vlan have nothing to do with pfsense. Only traffic sent to pfsense to get off the network would pfsense do anything with. Be it allows it or blocks it.
Yes arp would be seen by pfsense since it is a broadcast, but it wouldn't trigger a rule because its not actually sent to pfsense, and its not trying to have pfsense send it anywhere.
-
@yvesict said in Push messages from Doorbell/camera not working. Possible NAT problem:
on VLAN30
Remember : While testing, your Phone must be on "VLAN30" also.
-
@gertjan even with phone on VLAN 30, no push messages...
-
I propose a last resort test :
Double check that your daily config backup of pfSense is ok.Now, as usuall : reset pfSense to default.
Accept de fault settings, never aver add a setting, like a DNS server (not needed) - just a WAn and a (one) VAN - stay away from VLANs. Nothing fancy - just the "out of the box" settings.
One exception : you are allowed to change the GUI password.Now, phone an the LAN. The 192.168.1.1/24 LAN
Doorbell on the 192.1681.1/24 LAN.
Nothing else has to been do on pfSense - as per Doorbell Quick instructions guide.Btw : Now you have created a pfSense like as any other router/firewall you got from your ISP ... it is and behaves as all the other firewalls on planet earth.
Right now, you could inter change your ISP router with pfSense, and have a working LAN network.
If a device doesn't work right now out of the box, you know it is the device.
Can't make it work => don't waste your time - waste-bin it.Btw : setting pfSense to default isn't fool proof.
Just count those who set up their LAN like this :
and then complain "the DHCP server doesn't work"...... (no pool available).
Or they assign a gateway to the LAN settings ..... (same image).. -
Since your devices are isolated for security reasons, it could be blocking the communication needed for those alerts. You might need to tweak your firewall settings or NAT rules. If the issue persists, it could be worth exploring how systems like Vivint security system handle network segmentation while still delivering reliable push notifications.
