Home
Help
Search
Login
Register
OPNsense Forum
»
English Forums
»
General Discussion
»
New to OpnSense. Having some Issues.
« previous
next »
Print
Pages: [
1
]
Author
Topic: New to OpnSense. Having some Issues. (Read 1724 times)
dan1021
Newbie
Posts: 4
Karma: 0
New to OpnSense. Having some Issues.
«
on:
January 01, 2022, 08:56:28 pm »
I setup Opnsense today. I am running it on a protecli vault 4 port.
I have 3 networks.
LAN 192.168.1.0/24
VLAN IOT 192.168.4.0/24
VLAN IPCameras 192.168.2.0/24
I am running Blue Iris on LAN. My phone is also connected on LAN. Everything matches on the Unifi side for networks and VLANS. For some reason I am unable to access from my phone UI3 at 192.168.1.246:81
I have no LAN rules set other than the autogenerated rules which means it should be accessible but it is not.
I also have 9 cameras some wifi some ethernet. I have one that is connected over ethernet to a switch that has 2 others connected however this one has the stream dropping for a second or 2 sometimes 5. I have never had an issue with this camera before leading me to believe its a firewall issue. The others have no issues. I have the firewall rule that only port 554 (RTSP) and 80 (ONVIF) can come out of the IPCameras VLAN. I know the camera is not actually dropping offline as I tested it by being in the web UI and if it dropped offline the webui would be inaccessible. I can also see from the logs it is not restarting. My guess is there is something with the firewall filtering gunking up the stream. I read that someone disabled interface scrubbing and it fixed it for them. Under detailed settings I disabled that for IPCameras and it didn't help.
The error in the screenshot suggests it is a port issue as the username and password is correct or else it would not allow the stream in the first place. When I watch the logs live I see nothing out of the ordinary. It is allowing traffic between blue iris and the camera and blocks outgoing wan traffic.
https://imgur.com/a/7yxYhT5
It turns out there is a rule that I can not find anywhere on LAN blocking the traffic between the 2. 192.168.1.24 and 192.168.1.246 for some reason it is being blocked. Similarly the traffic between home assistant and blue iris stopped as well even though it was working an hour ago. Turns out it might have been the RFC1918 rule I saw I should use on youtube. The weirdest thing is that I am not supposed to be able to access blue iris ui3 from IOT and I am able to however on LAN it is blocked I tried to open the source port and destination port in the second screenshot and it the ports kept switching. I tried to just enable on LAN the blue iris server as a source with a destination of any and it still says its being blocked by a default deny rule.
https://imgur.com/a/tz3rFmH
«
Last Edit: January 03, 2022, 11:47:36 am by dan1021
»
Logged
dan1021
Newbie
Posts: 4
Karma: 0
Re: New to OpnSense. Having some Issues.
«
Reply #1 on:
January 02, 2022, 06:03:41 pm »
I figured out the issues with the camera and I had my rules were messed up for IOT -> LAN traffic.
I am certain this issue is caused by something that is truly "default" that I can't find as I tried clicking on the rule Id link and it only works for rules I created meaning it doesn't take me to whichever rule is being invoked. It's bizzare that I was able to access the blue iris server from the IOT Vlan before I fixed the rule but yet on Lan it gets blocked. Obviously all subnet traffic should be allowed by default but that's not what's happening on Lan. I tried creating a rule on lan specifically for the server as a source and it didn't work. I tried creating a floating rule as that's the only area where there's a description of "default deny" and it didn't work there either.
Logged
dan1021
Newbie
Posts: 4
Karma: 0
Re: New to OpnSense. Having some Issues.
«
Reply #2 on:
January 03, 2022, 11:49:12 am »
The issue was the subnet mask on my blue iris server was set incorrectly by me to 255.255.255.255 interestingly when I was using unifi it never blocked it. The subnet should have been 255.255.255.0. It's working now.
Logged
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
English Forums
»
General Discussion
»
New to OpnSense. Having some Issues.