Another Push Notifications GIF Diagnostic

auzzzie

n3wb
Joined
Oct 16, 2020
Messages
18
Reaction score
4
Location
Canada
Does anyone actually have WAN/Off LAN GIF push notifications working on IOS? I'm about 95% convinced it's a code thing at this point after spending 10+ hours diagnosing.

On WiFi findings.
  1. Mobile app LAN set to HTTP blue iris IP or local FQDN, GIF push notifications work and fast
  2. Mobile app LAN set to HTTPS NGINX, which proxies traffic to Blue Iris. GIF push notifications work and fast
On 5G

  1. Mobile app WAN set to HTTP using public IP/FQDN of firewall, 1:1 NAT through firewall direct to Blue Iris. Push notifications work but are slow, no GIF
  2. Mobile app WAN set to HTTP to WAN IP assigned directly to Blue Iris, bypassing Firewall (for testing). Push notifications work but are slow, no GIF
  3. Mobile app WAN set to HTTPS to NGINX which proxies traffic to Blue Iris. Push notifications work but are slow, no GIF
  4. Cloud Zero Zero Trust/Access. Basically, a VPN I can ping the Blue Iris server by private IP. Using private IP in the App WAN. Push notifications work but are slow, no GIF
  5. Tailscale. Another VPN like solution. Again I can reach the Blue Iris server from mobile device with app connected via private IP. Push notifications work but are slow, no GIF

I ran a packet capture on my BlueIris box when my mobile device was on WiFi (working GIF notifications) and I saw the following. Basically what I'd expect, my cell phone doing a GET request against the Blue Iris server to load the notification image.
22-11-22_669.png

Doing the same packet capture with my phone on 5G and triggering an alert, I see nothing like the above.

Like I said, I've convinced it just doesn't work and is a code thing but I'd love to get others input. I would really like the 10 sec GIFs, What really baffles me is how they still don't work with the VPN like solutions, that is essentially on-LAN as far as traffic flow is concerned.
 

auzzzie

n3wb
Joined
Oct 16, 2020
Messages
18
Reaction score
4
Location
Canada
OK I've finally got this working as I see a lot of people post about it, I wanted to post an update.

  1. Push notifications off WiFi will not retrieve GIF/Alert images unless you are using SSL. This can be confirmed in the debug logs, you'll see it failing due to a lack of secure connection.
  2. If you're using a reverse proxy for SSL and not STUNNEL, you might assume as I did not to enable the SSL option on the BI web server tab. That would be wrong. Here are my working settings on the BI side.
    1. 29-11-22_688.png
  3. Internally/on WiFi, as you cannot change the local LAN address and we're not using STUNNEL, make sure HTTPS LAN also is unchecked or you'll have working push images on WAN now but not LAN.
  4. In the BI Mobile App I have no LAN address, just for the WAN.
  5. Externally, nvr.domain.com resolves to my Firewall with 1:1 NAT to NGINX server.
  6. Internally, nvr.domain.com resolves to my NGINX server.
This setup is working perfectly for me for alert images both on wifi and externally. Hope it helps someone else.
 
Top