How to access Dahua NVR using gDMSS over VPN

[tamamontu]

Hi All, I have recently installed a Dahua NVR with two IP cameras. I configured a OpenVPN server and a client on the phone. VPN Client connects with the server, but when i use gDMSS app on the phone it doesnt show anything. In the firewall on the router i have configured to block all the ports from the NVR going out from the router.

I am new to kind of setup. Is my setup correct? is it possible to use gDMSS app over VPN to check your camera feeds.

If I explicitly access NVR IP address from the phone after VPN connection i can log onto the NVR.

Thanks

 

[catcamstar]

Hi @tamamontu, in your first sentence you write: it does not work. In the last, it does work. To which address are you connecting in the first place? Not the NVR IP?

In any case: when running openVPN, you have to use the internal NVR IP address, as being on your local LAN/Wifi. It is normal that your WAN IP with (probably the worst idea ever if you had implemented it like this) port forwardings.

Good luck!
CC

 

[tamamontu]

Thanks Catcamstar, sorry for any confusion, let explain my setup bit more. In the router i have forwarded port for VPN server. Then set rules to drop traffic for all the port on NVR.s IP address as listed in the network settings on the NVR. I have configured a VPN server and can establish a connection from VPN client on my android phone. After establishing VPN connection if i try to use gDMSS app i dont any camera feed.

But if i try to access the NVR local IP address from the phone using a webbrowser after VPN connection is established I see the login page for the NVR. So definitely my VPN connection is fine. Hence trying to figure out how if my setup is correct or not and how to use the gDMSS app with VPN setup.


Today i was trying to see if it was my firewall rules in the router, as i have set to drop all the traffic on NVR's ports (Network setting ports). I tried to disable the rules one by one to see which rules might be the cause. Till i disabled the rule to drop 37778 port, then i can see camera feed on gDMSS app (After VPN conection estalished.).

Is this right, I mean firewall rule for the router it to block outgoing traffic.

 

[catcamstar]

Thanks Catcamstar, sorry for any confusion, let explain my setup bit more. In the router i have forwarded port for VPN server. Then set rules to drop traffic for all the port on NVR.s IP address as listed in the network settings on the NVR. I have configured a VPN server and can establish a connection from VPN client on my android phone. After establishing VPN connection if i try to use gDMSS app i dont any camera feed.

But if i try to access the NVR local IP address from the phone using a webbrowser after VPN connection is established I see the login page for the NVR. So definitely my VPN connection is fine. Hence trying to figure out how if my setup is correct or not and how to use the gDMSS app with VPN setup.


Today i was trying to see if it was my firewall rules in the router, as i have set to drop all the traffic on NVR's ports (Network setting ports). I tried to disable the rules one by one to see which rules might be the cause. Till i disabled the rule to drop 37778 port, then i can see camera feed on gDMSS app (After VPN conection estalished.).

Is this right, I mean firewall rule for the router it to block outgoing traffic.

Strange you bring up the 37778 port, as I remember 37777 is the "dahua" default port ;-) Thanks for the clarification in any case. What you indeed notice is that connecting through web browser (port 80) proofs the VPN connection is fine, and you'll need the "other" NVR port to be open to your NVR, which you found out yourself by allowing 37777(8). Good job!

In any case: block WAN access from the NVR, that's what is important.

Good luck!
CC

 

[tamamontu]

Hi Catmstar, It seems i was wrong with the setup, after opening port 37778, gDMSS app on the mobile can access camera feeds without VPN connection.

Is there a way to use gDMSS app with VPN.

 

[catcamstar]

Short answer: yes.

Long answer:
1) configure your VPN server to receive VPN connections from your ISP/WAN.
2) test this connection whilst being on 4G/wifi-from-the-neighbours
3) configure gDMSS with the IP/Domain from your NVR as being on your local network, eg 192.168.1.50
Done!

When you are away from home, simply connect the OpenVPN app, and launch gDMSS - it will remember the "last opened screen" and pooff, there are your live feeds!

Good luck!
CC
PS. disable these 37777/377778 port forwards as quickly as possible!

 

[tamamontu]

Thanks Catcamstar for sharing the info. My mistake was when i previously added nvr to the app i did based on serial number and not ipaddress.
I guess thats why it went through Dahua cloud and needed port to be opened.
Now i have reconfigured nvr based on ipaddress and disabled the port 37777 and 37778.

 

[catcamstar]

Good job!
CC

 

[aabs]

Thanks Catcamstar for sharing the info. My mistake was when i previously added nvr to the app i did based on serial number and not ipaddress.
I guess thats why it went through Dahua cloud and needed port to be opened.
Now i have reconfigured nvr based on ipaddress and disabled the port 37777 and 37778.

After having gDMSS app over OpenVPN working for years.
It has now suddenly stopped working and I cant figure out why ?
Like tamamontu I can access my NVR via web browser once my VPN is connected from a WAN locataion but strangly not via gDMSS.
Where did you disable the ports as I have all the following services swicted off on my NVR5216 and cannot see any options to switch ports off anywhere else.
PPOE = Off
DDNS = Off
UPnP = Off
SNMP = Off
multicast = Off
Alarm Center = Off
P2P = Off

 

[catcamstar]

Hi @aabs! "Suddenly" does not exist in IT

Couple of things to try:

• what happens if you connect to your local LAN (eg wifi) with your mobile, does gDMSS show the video feeds? --> if not: then something needs a "hit" on the NVR. Try to reboot it. Does it work? Good. Doesn't it work: hit factory reset and setup your Cam's again.
• if in #1 the feeds did work, you need to investigate the routing/firewalling of the VPN device: did it get a software update? That the webbrowser worked is a good sign, which means port 80 is forwarded to the VPN client. However, for gDMSS to work, you need these exotic 37777 and 445 for authentication to be accessible. Maybe you can turn on logging on your VPN device to see what's going on.

Hope this helps!
CC

 

[aabs]

Hi @aabs! "Suddenly" does not exist in IT

Couple of things to try:

• what happens if you connect to your local LAN (eg wifi) with your mobile, does gDMSS show the video feeds? --> if not: then something needs a "hit" on the NVR. Try to reboot it. Does it work? Good. Doesn't it work: hit factory reset and setup your Cam's again.
• if in #1 the feeds did work, you need to investigate the routing/firewalling of the VPN device: did it get a software update? That the webbrowser worked is a good sign, which means port 80 is forwarded to the VPN client. However, for gDMSS to work, you need these exotic 37777 and 445 for authentication to be accessible. Maybe you can turn on logging on your VPN device to see what's going on.

Hope this helps!
CC

Works on wifi on LAN
Occasionally works on Andriod on WAN
Never works on IOS on WAN
Tried a few different versions of the gDMSS app to rule out a possible bug in an update.
Looking increasing like a time out issue but I have a down of 150mbps & up of 30mbps

 

[catcamstar]

If you open the VPN on iOS, can you, with the browser on the iPhone, connect to the NVR or not? To verify if networking wise it's okay.