Dahua - SmartPSS unable to connect

[NoMansLand]

Hi IPCamTalk,

Long time reader, first time poster.

I have just purchased & installed my first NVR (Long time DVR user... dont ask)

So after alot of research I've gone with a Dahua DHI-NVR5432-16P-4KS2E.

I am also running on my network:

- Ubiquiti Security Gateway
- 2x Wireless APs
- 24 Port Ubiquiti Switch
- 8 Port Ubiquiti 8 Port switch

I have all my devices seperated into seperate VLANs (Compatible with USG)

- LAN Network: 10.1.1.1/24
- Guest Network: 10.1.2.0/24 (VLAN 2)
- CCTV - 10.1.3.0/29 (VLAN 3)
- IoT Network: 10.1.4.0/24 (VLAN 4)

Network - Topology - Not zooming in as you'll never see the full list.



Under SmartPSS - I have port forwarding on LAN IN & LAN OUT



CCTV Network has :

CCTV Ports has:


Under SmartPSS - it see's the NVR under Auto Search


I can add the NVR to SmartPSS, then when I do it reports "Offline (Can not find network host)"


I cant ping the NVR - or connect to it but it is active and connected to the network.



The kicker is - on the CCTV WiFi network / VLAN - I can ping, and access it via SmartPSS. Prior to this - I havent made any major changes to my network. I have had two cameras - (Dahua DH-IPC-HDW2431EMP-AS-0280B-S2 & Dahua TIOC Advanced 2.0 DH-IPC-HDW3849HP-AS-PV0280B-S3) connected and I was able to connected under my current network configuration. They were accessible via 10.1.3.3 & 10.1.3.5.

I've already flushed my DNS, Cleared my routing table etc on my PC.

Anything I may have missed?

 

[Scruffers]

10.1.3.4 into a web browser, hunch

 

[NoMansLand]

10.1.3.4 into a web browser, hunch

Which Browser would you like?

Internet Explorer:



Chrome:



Firefox:



Edge:

 

[Scruffers]

Yes, tried a camera setup with a router running on 10.100.xxx.xxx and that was a no go. 192.168. style worked though. Set up password in browser and then edited password in smartpss device manager.

 

[Valiant]

Anything I may have missed?

I assume you're trying to use SmartPSS externally back into your NVR ?. The recommended way to connect remotely is to use a VPN. I'm not familiar with the Unify gear but I'm pretty sure it supports remote access VPN. To use Smart PSS, the NVR needs to be 'online' via the P2P function. Has your NVR got outbound internet connectivity ?, Is your DNS and gateway set up correctly ?. A /29 address space is very small. How may cameras do you have connected ?. Are you using the correct IP's for this small subnet ?. I would temporarily place a PC on VLAN3 and test you have internet access. You shouldn't have to open or fiddle with any ports or port forwarding. P2P takes care of that.

 

[NoMansLand]

I assume you're trying to use SmartPSS externally back into your NVR ?. The recommended way to connect remotely is to use a VPN. I'm not familiar with the Unify gear but I'm pretty sure it supports remote access VPN. To use Smart PSS, the NVR needs to be 'online' via the P2P function. Has your NVR got outbound internet connectivity ?, Is your DNS and gateway set up correctly ?. A /29 address space is very small. How may cameras do you have connected ?. Are you using the correct IP's for this small subnet ?. I would temporarily place a PC on VLAN3 and test you have internet access. You shouldn't have to open or fiddle with any ports or port forwarding. P2P takes care of that.

Hi Valiant,

There's 15 cameras + a Screen, all connected to the NVR - so I can actually slim it down to a /32 - I have enabled P2P and I can access it via the Serial number - my laptop on VLAN3 (CCTV WiFi) - can connect via the IP address.

So the NVR is on there by it's self. NVR has outbound internet, DNS across all systems work.

 

[Valiant]

Hi Valiant,

There's 15 cameras + a Screen, all connected to the NVR - so I can actually slim it down to a /32 - I have enabled P2P and I can access it via the Serial number - my laptop on VLAN3 (CCTV WiFi) - can connect via the IP address.

So the NVR is on there by it's self. NVR has outbound internet, DNS across all systems work.

So the NVR has 2 interfaces with the cameras on the 2nd NIC ?. These won't have internet access which is fine. Check the setup of the 2nd NIC because sometimes it may be setup up in fault tolerant mode rather than multi LAN. What IP range are the cameras using ?

 

[NoMansLand]

So the NVR has 2 interfaces with the cameras on the 2nd NIC ?. These won't have internet access which is fine. Check the setup of the 2nd NIC because sometimes it may be setup up in fault tolerant mode rather than multi LAN. What IP range are the cameras using ?

The NVR has a single NIC for the Ethernet (10.1.3.x) & then the Cameras are connected to 16x POE Ports on 10.1.1.x

 

[Valiant]

The NVR has a single NIC for the Ethernet (10.1.3.x) & then the Cameras are connected to 16x POE Ports on 10.1.1.x

Topology doesn't sound good to me, NVR and cameras should be in same subnet.

 

[bigredfish]

Turn off P2P. It’s not needed to connect SmartPSS to the nvr

 

[bigredfish]

Is the machine running SmartPSS on the 10.1.3.x network?

 

[NoMansLand]

Is the machine running SmartPSS on the 10.1.3.x network?

No - my Desktop is on 10.1.1.x & my NVR is on 10.1.3.x, how ever with P2P on I can talk to the NVR using it's serial number.

 

[bigredfish]

Not sure because I’ve never run 10.1.1.x on my home network , but the NVR uses that segment for its built in PoE switch for the cameras… conflict?

 

[NoMansLand]

Not sure because I’ve never run 10.1.1.x on my home network , but the NVR uses that segment for its built in PoE switch for the cameras… conflict?

No errors reported on my monitoring systems of any conflict. The NIC is set to 10.1.3.x on DHCP

 

[Jolino]

Why not use P2P?
Enable firewall in NVR and restrict to your MAC-address.

A great feature for me with P2P at least is that i always can reach the local login webpage no matter where im located.

To the topic: Are you connect at port 80 or do you enable SSL for https connection? I had problem with the self generated certificate when connecting from local network.

 

[NoMansLand]

Why not use P2P?
Enable firewall in NVR and restrict to your MAC-address.

A great feature for me with P2P at least is that i always can reach the local login webpage no matter where im located.

To the topic: Are you connect at port 80 or do you enable SSL for https connection? I had problem with the self generated certificate when connecting from local network.

Using P2P now and enabled firewall.

I've gotten to it and i'm using SSL/443 so all my urls are https://