Dahua Camera DNS

You can block access to the WAN directly with the AC68. On the router's network map screen that comes up first by default, click on the circle-button looking thing above where it says clients with a number. That will display a list of connected clients in the column to the right. Click on the entry for the cam. On the screen that comes up there's a button to toggle access to the Internet on/off. As above, that will limit access to the cam directly from outside your net (at least without some more complicated changes to iptables directly). You also can point the gateway on the cam to itself so I doesn't know where to go to get out anywhere and that will avoid cluttering up your router logs with those entries. Again, that may affect some things depending on how you're set up.

Don't know how to thank you, Mike...but you've made my day! :)

I have the AX86U and since it's also an ASUS I just followed your instructions and...VOILA...the WAN door is shut! All four of my cams are now in the slammer. :clap:

Shall I block the NVR too?
 
Depends how you use it. If you're not accessing the NVR remotely, then you should be able to without any problems.

If you're accessing the NVR remotely via some direct connection to your network (port forward, your own VPN server inside your network) then it likely will block that.
 
  • Like
Reactions: Tic and bigredfish
@Tic Since you are using a Asus router you could install the lastest Merlin firmware ( if you not already did?). This has the extra option to run a local NTP server on your Asus router , so you can configure your own local NTP server in your NVR.
When enable the option "CAM Time Sync" in NVR , the time of all cams will be synchronised with your NVR.
In case you make use of DMSS, you can block all outgoing ports (Firewall - Network Services Filter in Asus router) , except for port 443 ( android) and/or 8888 (IOS) so you still can receive the notification messages. ( For this I assume you make use the VPN server option in the Asus router , so you connect securely via a open-vpn from your phone to your NVR.)
 
Last edited:
  • Like
Reactions: Tic and bigredfish
@Tic Since you are using a Asus router you could install the lastest Merlin firmware ( if you not already did?). This has the extra option to run a local NTP server on your Asus router , so you can configure your own local NTP server in your NVR.
When enable the option "CAM Time Sync" in NVR , the time of all cams will be synchronised with your NVR.
In case you make use of DMSS, you can block all outgoing ports (Firewall - Network Services Filter in Asus router) , except for port 443 ( android) and/or 8888 (IOS) so you still can receive the notification messages. ( For this I assume you make use the VPN server option in the Asus router , so you connect securely via a open-vpn from your phone to your NVR.)

Will give that a heavy thought. Have read about Merlin a few years back but was a little too iffy about doing the jump. I need time and mental strength to muster up the will to do it since this is a new thing for me.

Right now NVR's on time.windows.com and "CAM Time Sync" checked so I can't isolate it for the time being. Yes, I do remote access via OpenVPN from my phone. But your suggestion of having an internal NTP server is very tempting -- thank you for bringing that up. :thumb: