Only able to connect locally through PfSense firewall/router

H

humdumdumdumdum

n3wb
Oct 15, 2016
21
0
I'm having trouble with remote connecting through the Blue Iris app - I'm only able to connect locally on my LAN.

On my PfSense router, I have a NAT port forward from 64xxx to 81 on the LAN IP (both WAN and server have static IPs) and no ports are blocked as I'm on a business internet connection.

I set the protocol to TCP/UDP which I assume is correct and I have other ports (for other web servers) mapped to other LAN machines successfully.

Any ideas if I'm missing something? Does the BI server need to know what my external port is? The wizard doesn't let me set or test that, though canyouseeme.org does say that the service is available on that port, so I'm not sure what I'm missing...

Maybe I'm missing something on the app? Do I need two separate Servers set for WAN vs LAN connecting?
 
you need to type in your external ip and port number....you only need to forward a single port...try a higher port number like 8585.
 
fenderman said:
you need to type in your external ip and port number....you only need to forward a single port...try a higher port number like 8585.
Click to expand...


I'm putting in my external IP : Port, like 1.2.3.4:64589 (which is actually the port I'm using).

What protocol does it work on? Does the android app try the LAN info and then fail over to the WAN info?
 
Last edited:
Ok, nevermind - I had fat fingered the IP address... :) works now.

But to answer my own questions - protocol of TCP/UDP work, and it looks like the android app will indeed use LAN settings, and then fail over to WAN settings.
 
Last edited:
Since you are using PFsense as your firewall/router, I strongly urge you to look into using OpenVPN rather than an inbound NAT. It is built-in and will provide much more security than the BI app will. You are essentially entrusting the security of your whole network and any device attached to it to Blue Iris and how secure their code is. If you have the forethought to run PFsense, do yourself a favor and check it out. If you have any questions about how to do it, I can help point you in the right direction.
 
rotorwash said:
Since you are using PFsense as your firewall/router, I strongly urge you to look into using OpenVPN rather than an inbound NAT. It is built-in and will provide much more security than the BI app will. You are essentially entrusting the security of your whole network and any device attached to it to Blue Iris and how secure their code is. If you have the forethought to run PFsense, do yourself a favor and check it out. If you have any questions about how to do it, I can help point you in the right direction.
Click to expand...


That is a very asstute observation and I was thinking the exact same thing. I run a webserver behind the firewall which is on a separate VLAN, but yes, I'm not super comfortable with an open port for video. I'm clueless on VPN though. I didn't think that would be an option for the Blue Iris Android app... Is it?
 
humdumdumdumdum said:
That is a very asstute observation and I was thinking the exact same thing. I run a webserver behind the firewall which is on a separate VLAN, but yes, I'm not super comfortable with an open port for video. I'm clueless on VPN though. I didn't think that would be an option for the Blue Iris Android app... Is it?
Click to expand...
vpn works with every app, its not dependent on the app at all..read up on it, there is a thread by nayr that provides an overview.
 
Your android phone would run the openvpn app in addition to the BI app. You run the openvpn app, connect, then run the BI app. As far as the BI app is concerned, you are connected to the LAN. The VPN software on your phone tunnels the BI communication into your network through the firewall.
 
You must log in or register to reply here.
Top Bottom