DMSS & Push Notifications
- Thread starter NoTea
- Start date
bigredfish
Known around here
I know if I turn off P2P on my NVR I lose push notifications.
H. Swanson
Getting the hang of it
I just took the plunge and enabled P2P for seamless notifications. I have VLANs set up so that the NVR can only reach out to the Internet and can't access my trusted network. I have a crazy complex NVR password in my password manager, so brute force would never happen. I figure this is a risk I've mitigated to an acceptable level for the functionality I want.
I'm not going to have VPN enabled on my phone 24/7 just so I can get notifications.
I'm not going to have VPN enabled on my phone 24/7 just so I can get notifications.
bigredfish
Known around here
I dont use it long term. I've toyed with it over the past 3-5 months just to learn it, but I'll be leaving it enabled when we take a short trip soon
Nice new avatar. Wish it weren't so but unfortunately we are, and have been for a time, living in a banana republic....
bigredfish
Known around here
When on, my firewall appliance shows the NVR contacting easy4ipcloud.com once until I trip an IVS rule. Then it sends a request to 165.154.178.105 for each tripped rule and one initial ping to push.messagepush.org
I watch it when enabled, it if were to start sending other traffic I would shut it down.
I receive all push notifications from DMSS with my old NVR (5232-16P-4KS2E) added via IP, P2P is turned off. If I want to view the notification, such as see the snapshot or video clip I have to open my VPN first.
With my new NVR (NVR32CH-8XI) P2P has to be enabled to get IVS and ANPR notifications, only regular motion and SMD notifications work with P2P disabled.
I’m becoming quite annoyed by the fact I have to run P2P enabled to get IVS notifications since the NVR is constantly trying to get out and my router is blocking random ports every few seconds. P2P shows as offline since everything but port 8888 is blocked. Port 53 has to be unblocked initially on restart but with P2P enabled it’s a steady stream of DNS requests so it’s blocked too for now.
Long story short, from my experience anyways, notifications work without being logged in to the VPN so long as port 53 and 8888 outgoing are unblocked by your firewall. Not forwarded, unblocked, don’t port forward anything except the port needed to allow your VPN of choice to work.
With my new NVR (NVR32CH-8XI) P2P has to be enabled to get IVS and ANPR notifications, only regular motion and SMD notifications work with P2P disabled.
I’m becoming quite annoyed by the fact I have to run P2P enabled to get IVS notifications since the NVR is constantly trying to get out and my router is blocking random ports every few seconds. P2P shows as offline since everything but port 8888 is blocked. Port 53 has to be unblocked initially on restart but with P2P enabled it’s a steady stream of DNS requests so it’s blocked too for now.
Long story short, from my experience anyways, notifications work without being logged in to the VPN so long as port 53 and 8888 outgoing are unblocked by your firewall. Not forwarded, unblocked, don’t port forward anything except the port needed to allow your VPN of choice to work.
Last edited:
bigredfish
Known around here
Interesting. I only have an "Old" NVR (5216-16P-4KS2E) And when remote (not connected to local wifi which is the whole point), I do not get push notifications without P2P being enabled on the NVR. Enable P2P on the NVR and boom they work fine.
When P2P is not enabled, and I'm on wifi local (99% of the time) I also dont get notifications. (EDIT: I do get alerts on the phone, I dont get "dings" and messages with video/pic in the app. Obviously with OpenVPN enabled I get same.
I do watch the firewall, and like I said while enabled I'm seeing outbound requests to a certain IP (on any random port it decides to use) and their cloud server. No port forwarding of any kind on the router.
When P2P is not enabled, and I'm on wifi local (99% of the time) I also dont get notifications. (EDIT: I do get alerts on the phone, I dont get "dings" and messages with video/pic in the app. Obviously with OpenVPN enabled I get same.
I do watch the firewall, and like I said while enabled I'm seeing outbound requests to a certain IP (on any random port it decides to use) and their cloud server. No port forwarding of any kind on the router.
Last edited:
H. Swanson
Getting the hang of it
I figure it’s more secure to use P2P vs opening ports to the Internet.
bigredfish
Known around here
Absolutely
Is port 8888 blocked by your firewall?
If P2P is working you have to have ports unblocked by your firewall
Again I'm not talking about port forwarding, the only port I ever forward is the single port required for my VPN to work.
Number 5 blocks ALL outgoing traffic from my NVRs and cameras. 1 allows the NVRs to connect to a time server, 2 DNS (only needed on NVR restart), 3 email outgoing (gave up since it was not reliable), 4 is the port necessary for notifications.
H. Swanson
Getting the hang of it
True but isn't it more like UPnP where they're only opened as needed when initiated from the inside? Open ports (i.e., port forwarding) were what I referring to as a less secure configuration since ANY one from the Internet could see it open, unless you whitelisted the source IPs from the outside and denied everything else.
bigredfish
Known around here
I’ve been testing back and forth all morning. I may still be missing something but I get NO push alerts via local wifi (or remote via vpn) without P2P enabled
Looking at all netflows in and out of the NVR on my firewall, it’s not even attempting any outbound connections without P2P enabled
This is with two profiles in DMSS for the NVR. One added via IP and the other via SN.
Mebbe you have to add it via the QR code?
Looking at all netflows in and out of the NVR on my firewall, it’s not even attempting any outbound connections without P2P enabled
This is with two profiles in DMSS for the NVR. One added via IP and the other via SN.
Mebbe you have to add it via the QR code?
All ports but 53,123, and 8888 outgoing blocked. NVR8CH is a Lorex with Dahua firmware, P2P disabled. NVR608 is the new one, P2P has to be enabled for IVS.
P2P enabled on 608
P2P disabled on 608
P2P enabled on 608
P2P disabled on 608
bigredfish
Known around here
Yeah so we see the same thing on mine and your new one. P2P has to be enabled for IVS push alerts. (I dont use MD/SMD for alerts but I understand it will work without P2P)
On the older one, I wonder how that works? Is it added to DMSS via IP or QR code?
I've verified those ports are not blocked, again the NVR according to the firewall isnt even showing an attempt without P2P enabled
On the older one, I wonder how that works? Is it added to DMSS via IP or QR code?
I've verified those ports are not blocked, again the NVR according to the firewall isnt even showing an attempt without P2P enabled
They’re both added to DMSS via IP.
Lorex (basically a 5208-8P-4KS2 now)
V4.002.1CKA000.0.R, Build Date: 12-05-2023
Lorex (basically a 5208-8P-4KS2 now)
V4.002.1CKA000.0.R, Build Date: 12-05-2023
bigredfish
Known around here
weird thx
That’s the only camera I use SMD on. It’s zoomed in on my back parking area, if anybody is back there I a SMD notification, if somebody goes through the gate I get an IVS notification. Used to use the IVS as an email notification too but they’re so unreliable lately I just turned them off (email not IVS, it’s basically guaranteed to trip if you open the gate)
bigredfish
Known around here
Yeah my email alerts are wicked fast and reliable (private mail server) so I've always depended on them