Push Notifications only include image when connected to WAN not when on LAN (Wifi)

bean1981

n3wb
Joined
Feb 12, 2017
Messages
7
Reaction score
1
I'm loving the push notifications that include the image. It is so useful in IOS to be able to long press it and see whether it is something important or a false alarm. This all works great when I'm out an about...
However, when I am home on my local wifi, the push notifications work but do not include the image! I was hoping one of the gurus on here could help figure out why this would occur. When the notification goes off in the middle of the night I would much rather be able to just look at the notification to see whether it is really a drunk college student/burglar or just an errant dog.
I have looked all over the forum and Google and can't seem to see any reference to this occurrence.... Any help would be much appreciated.
I assume it must have something to do with Apple's push service but just can't quite wrap my head around how it works to troubleshoot any more.
I have tried disabling windows firewall and nothing changed.

Core i7 7700, Windows 10 Pro, current version of blue iris (Version 4.6.9.4) ===> Edge Router

Thanks again for any help or ideas provided.
Jerrod
 

Vettester

Getting comfortable
Joined
Feb 5, 2017
Messages
740
Reaction score
693
I'm not sure what the issue is, but I can confirm that push notifications images are included when I'm on my local WiFi.
 

bean1981

n3wb
Joined
Feb 12, 2017
Messages
7
Reaction score
1
Thank you for the input. I'm glad to know it should work... and at the same worried about the sleep i'm gonna lose figuring this out. LOL
 
Joined
Jan 9, 2018
Messages
2
Reaction score
0
Bean1981, were you able to discover the reason for this? I have just recently enabled push notification and I am experiencing the exact same issue. Notifications come in with a photo on wan but not on my home WiFi. iOS as well.

-Alex
 

bean1981

n3wb
Joined
Feb 12, 2017
Messages
7
Reaction score
1
Hey Alex,
Sorry I wish I had good news.. but I have more or less given up troubleshooting... I've gotten nowhere and tried many different ideas. I'm figuring that the image goes out to Apple's push servers but since the phone has a local IP address it doesn't look to the external server to get the image... but since others have said it does work for them I could be totally wrong.. If I figure anything out I will be sure to post it here as I hope you will as well. Good Luck!
Jerrod
 
Joined
Jan 9, 2018
Messages
2
Reaction score
0
Jerrod,

Appreciate the update, too bad. I had just assumed it was part of the normal operation of the push mechanism. If I find anything out I will also update here.

-Alex
 

J.O.

n3wb
Joined
Apr 21, 2018
Messages
3
Reaction score
4
I have the same issue now. I used to have images with push notifications on my LAN and outside my network so I know I had things configured correctly.

Now I do not get the images on my LAN anymore. The only thing new is that I changed my router to pfSense and thought it was a port issue so I allowed
  • TCP port 5223 to communicate with APNs.
  • TCP port 2195 to send notifications to APNs.
  • TCP port 2196 for the APNs feedback service.
  • TCP port 443 is required during device activation, and afterwards for fallback (on Wi-Fi only) if devices can't reach APNs on port 5223.
But this did not solve my problem. I have sort of given up too but am posting this to see if anyone has other suggestions or ideas.

Thanks,

J
 

bean1981

n3wb
Joined
Feb 12, 2017
Messages
7
Reaction score
1
I feel like it has to be just one simple fix, but cannot figure it out! When I was visiting family recently I tried an almost identical setup to mine except for a basic TP-Link router in place of the ubiquiti gear I use.. and it worked perfectly at their house. It leads me to believe it may be more of a router setting than blue iris...but I'll be darned if I can get anywhere. I'm considering the nuclear troubleshooting option of just purchasing a cheap router and hooking only the BI system and WI-Fi up to see if it works... but then I still won't know how to fix it.. lol Of all this first world problems this is the tops, but I sure wish someone could figure it out!
 

mmmooo

n3wb
Joined
Apr 22, 2018
Messages
2
Reaction score
6
For anyone that still has issues with this, the bottom line is that when push images show up, they do so w/ the external ip for the url to the image. For those on pfsense, you need to turn on nat reflection mode (system->advanced->firewall+nat), set to 'pure nat'. Can't tell you how to fix it on other routing/firewall devices, but basically your goal is to have blue iris accessible inside via the external ip/port. If it is, the image notifications should work. If not, you need to fix your nat to do so.
 

J.O.

n3wb
Joined
Apr 21, 2018
Messages
3
Reaction score
4
Mmmooo,

I can confirm that this did indeed fix the problem. Thanks. In pfSense 2.4.3-RELEASE I also had to check the boxes:


Enable NAT Reflection for 1:1 NAT
Automatic creation of additional NAT redirect rules from within the internal networks.Note: Reflection on 1:1 mappings is only for the inbound component of the 1:1 mappings. This functions the same as the pure NAT mode for port forwards. For more details, refer to the pure NAT mode description above. Individual rules may be configured to override this system setting on a per-rule basis.

And

Enable automatic outbound NAT for Reflection
Automatic create outbound NAT rules that direct traffic back out to the same subnet it originated from.Required for full functionality of the pure NAT mode of NAT Reflection for port forwards or NAT Reflection for 1:1 NAT. Note: This only works for assigned interfaces. Other interfaces require manually creating the outbound NAT rules that direct the reply packets back through the router.

(I checked both after reading about this. I am not sure if both actually need to be checked but since its working, I'm leaving it alone.)

Thanks again for your help!

J
 

mmmooo

n3wb
Joined
Apr 22, 2018
Messages
2
Reaction score
6
Ah yes sorry, you probably need only the 2nd one (outbound nat reflection). that needs to be enabled as well.

Now if I could only get the mobile app to work with chromecast again...it was really so much easier w/o the whole ssl requirement.
 

J.O.

n3wb
Joined
Apr 21, 2018
Messages
3
Reaction score
4
mmmooo: Thanks for that clarification.

Yeah, I gave up on the chromecast too. Hope that gets worked out but my wife is sure happy the pics are back in the notifications so I'm good for a bit!

Bean1981, It appears for ubiquity edge this is called "hairpin NAT"
 

bean1981

n3wb
Joined
Feb 12, 2017
Messages
7
Reaction score
1
Wow Everyone Thank You.... I had it soooo close this whole time.... I had the single port on the edge router that my blue iris/cameras are on selected as the "LAN interface" under port forwarding... I just thought about it after reading MMMooo's synopsis that my wifi APs use two of the other POE ports on the ubiquiti edge router.... so I changed "LAN INTERFACE" from Eth3 to switch0, thus enabling the hairpin NAT on all three ports on the edge router instead of just the one....and voilla' now both my AP's and Switch are all together and we got us some pictures on LAN and WAN.
So to sum it up.. be sure to enable hairpin Nat and make sure that all of the network devices you wish to receive the push images are connected to the LAN interface the hairpin NAT references.
I appreciate all the help from everyone and I hope this can save somebody else a headache down the road. :)
Jerrod
 
Top