IPC-HDW5442TM-AS huge internet traffic

user8963 said:
So you are using a monitoring company which is using dahua p2p?

I think we should stop here :blankstare:
Click to expand...

Right, but it's difficult to provide IP connection with 4G CG-NAT'ed connections, or pay a huge amount to have a public IP or try some solution like VPN ( running customer side as VPN client and not server due to CG-NAT). Unfortunalty for monitoring stations you have to simplify everything as they deal with thousands of customers, and can't have a different solution for each customer. Personally I work with VPN ( L2TP/WireGuard), open ports but filtered by my public IP or SSH tunneling everywhere I need remote access.

Kindest regards
 
pietervos said:
Right, but it's difficult to provide IP connection with 4G CG-NAT'ed connections, or pay a huge amount to have a public IP or try some solution like VPN ( running customer side as VPN client and not server due to CG-NAT). Unfortunalty for monitoring stations you have to simplify everything as they deal with thousands of customers, and can't have a different solution for each customer. Personally I work with VPN ( L2TP/WireGuard), open ports but filtered by my public IP or SSH tunneling everywhere I need remote access.

Kindest regards
Click to expand...

i love people who are selling security services and force their customers into security issues which are dangerous for their whole network and their privacy.

So if you are SELLING something maybe you should LEARN. There are free solutions like tailscale or zerotier for CGNAT connections. Also there are companies like airvpn who provide partnerships and allow port forwarding. Also PAID companies for monitoring mostly use their own vpn service because that is part of their PAID service.

ZeroTier - RouterOS - MikroTik Documentation

help.mikrotik.com help.mikrotik.com

But it is always the same. Call a handyman and you get crappy service and also their crappy monitoring partnership which is using dahua p2p cloud LOL. Just send everything through china alibaba cloud. Free and easy.. just let china watch you and learn. Who cares :banghead: I hope you told your customers what you did.
 
Last edited:
  • Like
Reactions: sebastiantombs
user8963 said:
i love people who are selling security services and force their customers into security issues which are dangerous for their whole network and their privacy.
...
Click to expand...

Hi user8963

I completly agree with your opinion, and I share the same facts. Most of the customers I setup ( i work more in telecom than cctv market) have firewall, setup vpn, avoid p2p etc, but sometimes you have to make an exception as this case, a new building site with a 4G router: NVR and 4 camaras and nothing more, and the only option that works between monitoring company and customer is P2P. We are already looking that they implement a ZeroTier for this kind of customers with the monitoring company.

I have setup ZeroTier / WireGuard and other actual systems with many customers and I recomend this, as also disabling P2P wherever it's possible. As a recomendation, what I do also at many sites is setup a mikroitk and build a separe network for cctv/security and setup the mikrotik to access only the IP from the router and disable access to any other network equipment.


Yesterday I keept looking at the issue of the huge trafic, and I discovered that having SmartPSS open, without viewig anything, one of the sites started to generate +15mb/s trafic to my public IP, so i guess there is some bug that causes this high trafic without opening any camera. I close smartpss and trafic stops inmediatly. This happens only at another side with a NVR4216-I. I checked at two more sites with other series (XVR. NVR52xx ) and the are no issues.

Kindest regards
 
  • Wow
Reactions: sebastiantombs
telessdwrksn said:
I can block internet trafic from the camera on the router side but how I will be able to connect to it using SmartPss in this case?
Click to expand...

Well the case is that the traffic gets due some bug with autorized clients. If you block it you won't connect to view the cameras. The best solution, as commented by other users, is to work with VPN and connect directly to the IP.
 
You must log in or register to reply here.
Top Bottom