Protected VLAN and alerts

R

river5

n3wb
Sep 12, 2018
2
0
United States
I have a dahua nvr and starlight cameras. I have isolated the nvr and cameras inside a VLAN and blocked outgoing traffic with firewalls.

I have allowed access into the VLAN from a desktop on my main network.

Everything works great but I’m not able to receive any alerts or notifications due to the firewall rules.

Is there any safe way to be able to receive monitoring alerts in this network scenario? Wondering what other people are doing.

I am using UniFi switches and a peplink router, by the way.
 
river5 said:
I have a dahua nvr and starlight cameras. I have isolated the nvr and cameras inside a VLAN and blocked outgoing traffic with firewalls.

I have allowed access into the VLAN from a desktop on my main network.

Everything works great but I’m not able to receive any alerts or notifications due to the firewall rules.

Is there any safe way to be able to receive monitoring alerts in this network scenario? Wondering what other people are doing.

I am using UniFi switches and a peplink router, by the way.
Click to expand...

I'm also ubiquity material, and have a similar setup with vlans. If you want "push notifications" to work (eg iDMSS), you only need to open OUTBOUND port 2195 TCP.

Hope this helps!
CC
 
river5 said:
oh ok, that's simple. i'll test that out.

do you restrict it by ip address for safety?
Click to expand...

I don't do that, because I see alternating IP addresses (I guess some kind of load balancing). But you can probably "record" for a few days, and then whitelist those, but you know Murphy: once you nééd that particular push message, you won't get it :p iDMSS/gDMSS is known to be a tricky application anyhow.

Good luck!
CC
 
So do you setup a VPN server on your router to access your cameras from your mobile phone on the go?
 
civic17 said:
So do you setup a VPN server on your router to access your cameras from your mobile phone on the go?
Click to expand...

If your router supports it, that's the "easiest" way (eg on Asus with Rmerlin firmware, no issues and really straightforward). And this will suit 90% of the users here. But you can deploy Open VPN server almost everywhere (on a raspberry pi, (linux)pc, laptop, .. ). As long as you can connect from the WAN to the OpenVPN port on the server, you're fine. But if you deploy outside your router, you might have to configure (additional) routing rules which is not that straightforwarded anymore.

Hope this helps!
CC
 
You must log in or register to reply here.
Top Bottom