Setting up a CCTV system on the network that can be accessed by a mobile app. Manufacturer states certain ports must be opened to allow the mobile app to speak with the local server on the NVR. Tried setting up a policy allowing this through those ports but the mobile app still won't connect and I spoke with TAC who said I probably have to have a static IP for the policies to stay up. He helped me set up a Virtual IP. This is for a home network and the ISP won't provide a static IP for a residential set up. Actually the ISP seems to stay static for a while so I wouldn't mind too much just changing it on the policies if the IP changes but I can't even get it to connect with the current one - that's probably a separate issue. Puzzling because I had almost an identical set up with my old system and it seemed to work fine with the mobile app speaking to the NVR. A Ring system with an alarm base station and wifi cams also seems to work fine with the mobile app receiving alerts and notifications as well as live streaming from the cameras when I am out of the local network and on cellular. CCTV support cannot provide guidance on my firewall - 60F.
Hi @JasonX ,
Can you please provide the configuration of VIP and ports that need to be open for Cameras through the mobile application?
Also, need to verify the NAT is enabled on the policy or not?
If Nat is disabled, please run the following command to verify whether the traffic is allowed or not
di de reset
di de flow filter addr x.x.x.x (x is the public IP of the test user or mobile user)
di de flow trace start 99999
di de en
Also, requires running packet capture on the server end.
Thank you.
Hi @JasonX ,
We need to clarify some information:
1) "the local server on the NVR"
What is the IP to access it? A public one or a private one?
2) Does that local server know how to reply to the user accessing it?
I mean, what is the default gateway on the local server? Does it point to FortiGate? Can we access the local server using a public IP?
3) We need the configuration of the virtual servers and/or the open ports you configured on your FortiGate.
Once you provide the above information, I can provide further steps for you.
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1737 | |
1108 | |
752 | |
447 | |
240 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.