Dahua Remote Access

mosesman831

mosesman831

n3wb
Dec 15, 2022
28
4
United Kingdom
I have just installed a new OPNsense firewall at home and I have put the nvr and all the cameras behind a VLAN that blocks all access to the outside world. I would like to access the NVR on the DMSS app without manually going to tailscale or wireguard and enabling the VPN. Are there any other methods that can achieve this except port forwarding?
I was using P2P before which was so simple and fast.
 
mosesman831 said:
I have just installed a new OPNsense firewall at home and I have put the nvr and all the cameras behind a VLAN that blocks all access to the outside world. I would like to access the NVR on the DMSS app without manually going to tailscale or wireguard and enabling the VPN. Are there any other methods that can achieve this except port forwarding?
I was using P2P before which was so simple and fast.
Click to expand...

If you're blocking All access to the Interwebs, VPN is your only choice.

If its a PoE NVR, a VLAN is a waste and unnecessary as the PoE switch in the NVR acts like a VLAN. Then you could use P2P

You could try P2P the way you have it (use the NVR serial number in Manual Add mode on DMSS) , I don't know if it will poke a hole or not?
 
I have seen posts here before that mentions vulnerabilities of P2P, and port forwarding is too dangerous, and vpn is too annoying to start every time…

I have a POR nvr but I use a POE switch as I can access the cameras directly.
 
mosesman831 said:
I need notifications, it wouldn’t work then right?
Click to expand...

As mentioned WireGuard works well. I use it sometimes to login to a camera behind the NVR Poe switch.

Nothing wrong with current Dahua P2P. Just as secure. Video does not stream over a 3rd party server. It’s your phone directly connected to your NVR.

Remotely with vpn enabled notifications would work same as at home.
 
  • Like
Reactions: flynreelow
bigredfish said:
As mentioned WireGuard works well. I use it sometimes to login to a camera behind the NVR Poe switch.

Nothing wrong with current Dahua P2P. Just as secure. Video does not stream over a 3rd party server. It’s your phone directly connected to your NVR.

Remotely with vpn enabled notifications would work same as at home.
Click to expand...
i thought Dahua P2P was always frowned upon and unsafe?

has something changed?
 
flynreelow said:
i thought Dahua P2P was always frowned upon and unsafe?

has something changed?
Click to expand...
I think so, for 2 things. One that Dahua has trended to be more security consious, and the other is the realization that P2P in itself isn't inherently insecure, but instead dependent on the implementation.
 
  • Like
Reactions: flynreelow and bigredfish
flynreelow said:
i thought Dahua P2P was always frowned upon and unsafe?

has something changed?
Click to expand...

They had a security issue with their discovery/P2P servers as well as how SmartPSS sent unsecure data back and forth to them.

That was resolved in Aug '24 by AWS demanding they use AWS infrastructure and killing off SmartPSS

I watch it pretty darn close via a firewall and the only data that leaves is to ping the AWS P2P server to find out where the remote access device is.
pretty much exactly how Wireguard/Tailscale works
 
Last edited:
  • Like
Reactions: quiet.tea and flynreelow
bigredfish said:
They had a security issue with their discovery/P2P servers as well as how SmartPSS sent unsecure data back and forth to them.

That was resolved in Aug '24 by AWS demanding they use AMS infrastructure and killing off SmartPSS

I watch it pretty darn close via a firewall and the only data that leaves is to ping the AWS P2P server to find out where the remote access device is.
pretty much exactly how Wireguard/Tailscale works
Click to expand...


this is great to hear.

appreciate it.
 
You must log in or register to reply here.
Top Bottom