Home
Help
Search
Login
Register
OPNsense Forum
»
English Forums
»
General Discussion
»
Connect my NVR device to noip endpoint
« previous
next »
Print
Pages: [
1
]
Author
Topic: Connect my NVR device to noip endpoint (Read 116 times)
dev4openid
Newbie
Posts: 17
Karma: 0
Connect my NVR device to noip endpoint
«
on:
September 20, 2024, 09:23:29 pm »
Hi all,
Warning! Non-expert here!
BTW I am using 24.7_1
I think I have configured the Noip end correctly. It reflects my WAN ISP DHCP address so I like to believe it is right.
Not sure how to test it?
Also, I am experimenting, so I am using a free account. If this works, I will get a paid for account.
The way I see it, is that the DNS endpoint provided by Noip could be accessed by http//:XXXX.ddns.net. I do not have a cert yet, so it would be HTTP:// [Note: I would be using a proper domain reg. and add to noip, as per the service provided]
To get to the device (NVR) I need to define the mapping from the the the firewall to the device - thus a connection is made between the device and the firewall, and then it should be automatic to connect to the endpoint.
The result being that I will be able to, via a browser, connect to the device and log in.
Assuming the device is on 192.168.40.1 (and OPNSense is 192.168.1.1) I am looking for advice as to where to provide the routing. I am going to assume a firewall rule?
In the LAN pool?
Bidirectional I figure, as the device needs to validate itself ti the DDNS and secondly, allow for when I attempt to connect via http//:XXXX.ddns.net
Any guidance appreciated.
I found
https://www.youtube.com/watch?v=i546YF91dHk
to be somewhat useful but incomplete for 24.7_1
I found this guide (
https://www.cctvcameraworld.com/port-forwarding-for-dvr-and-nvr/
) and have enabled ports 80, 554, 37777 and 37778 but it still does not come through.
I have asked NVR manufacturer support for port recommendations to confirm these.
«
Last Edit: September 20, 2024, 10:34:50 pm by dev4openid
»
Logged
dseven
Full Member
Posts: 113
Karma: 15
Re: Connect my NVR device to noip endpoint
«
Reply #1 on:
September 20, 2024, 10:44:11 pm »
There are a few different approaches here:
1) Use port-forwarding to expose your NVR to the internet - probably not recommended, since the NVR security may not be "internet grade"
2) Use a reverse-proxy, such as Caddy - provides somewhat better security, and authentication options
3) Setup a VPN server on OPNsense, probably WireGuard, which you can connect to with your own clients when away from home, and access anything on your LAN
Assuming NVR access is just for your own use, and you're not trying to make it available to the public, I'd lean towards option (3)
Logged
dev4openid
Newbie
Posts: 17
Karma: 0
Re: Connect my NVR device to noip endpoint
«
Reply #2 on:
September 20, 2024, 10:51:55 pm »
@dseven Thanks for the input.
Option 3 looks good. My only concern is that I am not sure that the clients that are to connect will support wireguard.
Do you have any experience in that regard?
Logged
dseven
Full Member
Posts: 113
Karma: 15
Re: Connect my NVR device to noip endpoint
«
Reply #3 on:
Today
at 10:20:57 am »
I only have experience with my Android phone as a client - it's been working very well for me. I believe all of the major platforms are supported ...
https://www.wireguard.com/install/
Logged
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
English Forums
»
General Discussion
»
Connect my NVR device to noip endpoint