Accessing camera that is behind Pfsense firewall and DSL Router
I am new at using PFsense.
I am trying to access a security camera from the internet but I am having problems. Unfortunately, the camera is behind a pfsense firewall and DSL router. I will attach a picture.
I have done a lot of searching, and some suggestions were to put the DSL router in the DMZ zone. If this is correct, what are the procedures to make this happen? Would I put 192.168.1.100 into the DMZ?
If not, how would I port forward to access the camera?
If you need more information, please let me know.
Thanks and blessings, Steve
![Access camera.jpg](/public/imported_attachments/1/Access camera.jpg)
![Access camera.jpg_thumb](/public/imported_attachments/1/Access camera.jpg_thumb)
you can either bridge your internet connection from dsl-box(meaning that public ip is coming all the way to pfsense) or do double port forward
Double port forward isn't preferred solution but can be done, if your dls-box supports portforward.
Thanks. Yes, I tried the double port forward but it did not seem to work. I like the idea of bridging the DSL connection. Sorry about my lack of expertise, but how would I go about bridging the DSL connection? Would I just need to change the DSL connection ip address that is presently 192.168.1.100 to the an address like 192.168.2.100, and the actually DSL router to 192.168.2.99?
Thanks again, Steve
It depends your dsl box, i can't tell you what to do. Because i don't know your box
The ADSL box is a ZTE831. It really does not give any options to bridge a connection that I can see. It seems very basic. The only thing that it does give is the option to "Configure the second IP Address and Subnet Mask for LAN interface".
Would I be able to bridge the connection by configuring a second IP Address to integrate into the Pfsense IP configuration?
I appreciate your time to help. Blessings, Steve
I'm sorry, i'm not familiar with your box. I highly doubt that second ip does any good.
What if you change your dsl box that it's portforwarding everything by default to pfsense ip. And in pfsense you portforward what ever you need.
Something what you can try also is that is your ISP blocking server ports from your connection. So do a portforward rule that you connect like 32000 port and it's turned to your camera listen port like 80
you.rpu.bli.cip:32000 -> 192.168.1.100:80
hackin8 last edited by
ZTE (http://wwwen.zte.com.cn/en/) no longer make or support that model - but a quick search on the web shows it to be capable of bridging. There are apparently two different versions of this box - but both default to bridging.
I would suggest you research this and try to set it up as a bridged connection - this is really the best first step to resolving your problems. I don't have any experience with that box - but there seem to be several sites that give details on how to set it up in bridged mode.
craigduff last edited by
I certainly agree with the bridging of the connection, 100% recommended. But you can do as you said put it into a DMZ. So on the DSL router you would put the NATed ip of the PFSense WAN address into the DMZ zone of the DSL router. Then all traffic will go to that IP. Then open up the ports of Pfsense.. That should work, but its not great!
Thank you so much for all your recommendations. I will give them a try. Presently, I just discovered that when connected directly to the ADSL router, and I open a port to simply look at the router, or telnet into it from a remote location, it will not give me access. I can access it from an internal address, but not external. I have tried to remote desktop a computer by opening port 3389 and it is not working.
Not sure if the provider gave me a bad router, or if they are prohibiting people from opening ports. Frustrating!!!!
I will keep plugging away and I am very open to any suggestions. Thanks everyone! God bless.
I was able to get it to work. I purchased another DSL router (D-link). I did not set it up it using bridge, however, I am using the double port forwarding. It is working well and I really appreciate everyone's input and help. Thanks and blessings, Steve