Can't access Blue Iris from local network

Discussion in 'Networking' started by pburgh, Aug 10, 2019.

Share This Page

  1. pburgh

    pburgh Young grasshopper

    Joined:
    Aug 1, 2016
    Messages:
    64
    Likes Received:
    2
    EDIT: This sums it up pretty nicely --> Cannot access LAN with WAN address from within my LAN

    Thanks for the feedback, everyone.

    Original Post:

    I'm pulling my hair out over this one...

    I've got a Windows 10 (build 1903) machine running the latest Blue Iris (v5.x) sitting behind a Wave 2 router provided by Spectrum. From the local LAN/WLAN, I can access the BI system via iOS app and browser, but I cannot access it using the WAN IP:8080. When I'm off-site, I can successfully access the system through the iOS app and browser using the WAN IP:8080. This tells me the port forward for 8080 is working, right? Note: I was not able to test from LTE while on-site because the cell reception was not sufficient.

    Why would attempts to access the remote address from the local network result in the connection being refused? I feel like I've encountered this before but my old brain can't remember what the fix is/was.

    Note: I have the same issue connecting to RDP while on the local WLAN/LAN using the remote address.

    Thanks!
     
    Last edited: Aug 10, 2019
  2. IAmATeaf

    IAmATeaf Getting comfortable

    Joined:
    Jan 13, 2019
    Messages:
    662
    Likes Received:
    315
    Location:
    United Kingdom
    To access the BI server locally you would use the local IP address and not the WAN IP.

    I for example use UI3 or RDP onto the BI box using the local LAN IP address but when away from home use a dns address that resolves to my WAN address.
     
  3. pburgh

    pburgh Young grasshopper

    Joined:
    Aug 1, 2016
    Messages:
    64
    Likes Received:
    2
    I understand that. I prefer to configure the iOS app to only use the WAN address.

    I still should be able to hit the remote address from the local network. I can do it all my other networks (including the one I'm on right now).
     
  4. IAmATeaf

    IAmATeaf Getting comfortable

    Joined:
    Jan 13, 2019
    Messages:
    662
    Likes Received:
    315
    Location:
    United Kingdom
    No idea to be honest, trying to access a local device by first going outside via the device that has the WAN address allocated on a home network just makes no sense. Plus the IOS app automatically switches between the LAN and WAN addresses without user intervention once setup.
     
  5. pburgh

    pburgh Young grasshopper

    Joined:
    Aug 1, 2016
    Messages:
    64
    Likes Received:
    2
    Agreed that it is ideal to access local resources using local addresses... the overall connectivity issue is bugging me though. :)

    FWIW - An example of why I might only use the WAN address in Blue Iris: If the client is on the local network via WiFi, but the signal is so poor that the BlueIris app works better over LTE.
     
  6. mikeynags

    mikeynags Pulling my weight

    Joined:
    Mar 14, 2017
    Messages:
    182
    Likes Received:
    112
    Location:
    CT - the tax you to death state
    I use the iOS app on my iPhone and I configure both the LAN IP and the WAN address. When I am on my local LAN, it connects fine. When coming in over the Internet, it still works fine. I don't have to change anything, weaks spots on my wifi network (like on the other end of my property) auto-switch over to LTE and it works fine.

    What you want to do is probably not doable with the router you have. What you need to have is a router/firewall that supports U-turn network address translation (NAT) which would allow you to only specify the WAN address and use that alone. I actually do have that configured on my Palo Alto firewall but I am assuming you don't want to spend that much money for a firewall. There may be other firewall or router alternatives out there that you can research that support u-turn NAT that would get you what you want.
     
    fenderman likes this.
  7. pburgh

    pburgh Young grasshopper

    Joined:
    Aug 1, 2016
    Messages:
    64
    Likes Received:
    2
    Ok, thank you for the input.

    I'm on my home network right now (not the system in my first post). I'm using an R7000 running Adv Tomato with no special configuration other than port forwarding. I am able to hit my WAN IP and get my BlueIris UI3 login screen. Is that not the same type of situation you're describing at "u-turn"?
     
  8. IAmATeaf

    IAmATeaf Getting comfortable

    Joined:
    Jan 13, 2019
    Messages:
    662
    Likes Received:
    315
    Location:
    United Kingdom
    Just let the app handle this. For me it does this seamlessly. So for example I can be at home and use the app, if I then go out with the app still running it switches without doing anything.
     
    mikeynags likes this.
  9. mikeynags

    mikeynags Pulling my weight

    Joined:
    Mar 14, 2017
    Messages:
    182
    Likes Received:
    112
    Location:
    CT - the tax you to death state
    If you are on the LAN and can hit UI3 using the WAN IP and port, it does sound like it is supporting the U-turn somehow. I'm not too familiar with the inner workings of Tomato moreso than Palo Alto.
     
  10. mikeynags

    mikeynags Pulling my weight

    Joined:
    Mar 14, 2017
    Messages:
    182
    Likes Received:
    112
    Location:
    CT - the tax you to death state
    I agree - it's built in to the app to just work this way and it does so very well in my opinion.