Network Firewall Rules for Dahua Remote Access

davidbann

davidbann

n3wb
Nov 8, 2025
2
0
South Africa
Hi all,

I am busy securing my camera network. I have put my NVR, cameras, VTO and VTH on their own VLAN without internet access.

I have managed to get them all working on the local network, but now I want to get the DMSS app to work remotely so that I can view the cameras remotely, and so that the VTO can ring my mobile when someone's at the gate.

Please let me know what firewall rules I need to create to allow this.

The only thing I have done is create a rule to allow outbound NTP (UDP port 123).

Here are some outgoing connections being blocked - I'm not sure if I should just open each of these ports, or if I need to be more careful which I open?
Destination
www.easy4ipcloud.com UDP 8800
devaccess.easy4ipcloud.com TCP 443, 8683, 9898, 10000, 10080, 28080, 33702, 48800
47.254.176.103 TCP 15301
148.153.240.150 UDP 8800
47.253.194.71 TCP 443
47.253.198.49 TCP 12337

Thanks
David
 
Ok I've been monitoring the logs and there are so many ports that are being blocked, and of course when I try to access from outside the network, then it blocks my mobile as well. What is the best approach to this? I'm running a Unifi setup. I could use WiFiman to create a VPN connection from my mobile to the UCG-Ultra so that I can view video feed, if that is the better approach. Just adds an extra step when I want to view the feed... But either way I need to be able to get calls from the gate station when someone rings the intercom, even if I am not on the VPN.
 
Try just allowing easy4ipcloud.com and push.messagepush.org

May also need to allow the discovery server, mine uses 165.154.178.105

I’m not a network guy but that’s what I see in my firewall logs
 
  • Like
Reactions: looney2ns
davidbann said:
Hi all,

I am busy securing my camera network. I have put my NVR, cameras, VTO and VTH on their own VLAN without internet access.

I have managed to get them all working on the local network, but now I want to get the DMSS app to work remotely so that I can view the cameras remotely, and so that the VTO can ring my mobile when someone's at the gate.

Please let me know what firewall rules I need to create to allow this.

The only thing I have done is create a rule to allow outbound NTP (UDP port 123).

Here are some outgoing connections being blocked - I'm not sure if I should just open each of these ports, or if I need to be more careful which I open?
Destination
www.easy4ipcloud.com UDP 8800
devaccess.easy4ipcloud.com TCP 443, 8683, 9898, 10000, 10080, 28080, 33702, 48800
47.254.176.103 TCP 15301
148.153.240.150 UDP 8800
47.253.194.71 TCP 443
47.253.198.49 TCP 12337

Thanks
David circular hat hang tags
Click to expand...
When setting up network firewall rules for Dahua remote access, it’s essential to configure permissions that allow secure communication between the Dahua device and external clients.
 
You must log in or register to reply here.
Top Bottom