Product Roadmap: What's Coming Next
How ColorX Technology Turn Night into Day
Reolink App v4.41 Released
@joseph_1979 Thanks Joseph. I suppose blocking access from a different subnet is a security feature, but it would be nice if I could configure this to my liking as an end user. In any case, I've read about the proposed solution in other discussions elsewhere as well, however, I'm not entirely sure how to accomplish this in OPNSense. I have tried using Outbound NAT rules but either I'm doing something wrong or this is not how I should do this. I suppose this is out of scope for this forum, but if you could point me in the right direction I'd appreciate it!
@crimp-on_62210811129 As per what Joseph posted above, the issue appears to be that Reolink cameras, by design, do not accept connections from devices in a different subnet. I would not want to create any rules that allow traffic from the IOT VLAN to the MAIN VLAN, as that would negate the benefit of segregating these devices by VLANs in the first place. I am able to connect to other non-Reolink devices I have in the IOT VLAN with just 1 firewall rule allowing traffic from MAIN to IOT.The TrackMix camera I have does have a web server indeed, but I also cannot connect to it across VLANs, pinging it seems is the only thing I can do.
In my home network, I have setup VLANs to segregate cameras from the main subnet (MAIN and CAM VLANs). My router runs OPNSense. I have successfully configured the two VLANS and created a firewall rule to allow access from MAIN to CAM. Both VLANs currently have internet access (temporarily, to make it easier to access the cams remotely. The plan is to disable internet access in the CAM VLAN soon.). So the issue is that, from a Windows PC on the MAIN subnet, I cannot connect to a camera on the CAM subnet via IP address using the Reolink client. I certainly am able to ping the camera's IP address, proving that the firewall rule does work, but it fails to connect via the Windows client. If I use the UID feature, I am able to connect, but this is not ideal since I mentioned I intend on disabling internet access in the CAM VLAN. So my question is: why is it that I am unable to connect to the Reolink cameras via IP address when they are in a different subnet, even though I have a firewall rule allowing access from MAIN to CAM and I can ping them from MAIN? Are there any further steps I need to follow in order to connect to them via IP address across VLANs? I have two Reolink Argus 3 Pro and one Reolink TrackMix Wifi cameras and the issue is present in all of them. They are all running the latest firmware.Any help is appreciated!PS: This is the OPNSense firewall rule allowing access from MAIN to the Reolink cams (reolink_cams is an alias:Rule:Action: Pa*sTCP/IP Version: IPv4Protocol: anySource: MAIN netDest/Invert: uncheckedDestination: reolink_camsDest Port: anyDescription: Allow access to Reolink camsAlias:Name: reolink_camsType: Host(s)Content: (the cameras IP addresses, which are static)Description: Reolink IP cams
Hi there! Join the Commnunity to get all the latest news, tips and more!