Menu
What's new

NAT settings interface - UPnP on Hikvision camera - change ports

L

llarsx

Getting the hang of it
Joined
May 7, 2018
Messages
215
Reaction score
17
It seems to be a fact that enable UPnP should be avoid: https://ipvm.com/reports/hik-upnp and I must follow that advice.

and here is the config page for camera: https://www.manualslib.com/manual/1234066/Hikvision-Ivms-4200.html?page=60#manual

Should I change these ports (80, 554, 8000) in the camera: a) both extern and intern, b) only extern and keep intern as it is and what is preferred?

In in port forward in the router I can change the extern port and keep the intern port to make it more difficult for unwanted visits. Must the intern port in router match the extern port in camera?

Ps. I am working on a vpn solution in the future, but need port forward now.
 
alastairstevenson

alastairstevenson

Staff member
Joined
Oct 28, 2014
Messages
15,957
Reaction score
6,809
Location
Scotland
You will not get any responses to these questions, as IPCT members know that they would be helping you to put your LAN and the data and devices on it at a serious risk of being compromised if port forwarding was used to allow the whole internet to access the cameras.
 
L

llarsx

Getting the hang of it
Joined
May 7, 2018
Messages
215
Reaction score
17
OK, I can understand, but do you really mean that Hikvisions solutions is so bad that their cameras should be banned?
 
alastairstevenson

alastairstevenson

Staff member
Joined
Oct 28, 2014
Messages
15,957
Reaction score
6,809
Location
Scotland
llarsx said:
do you really mean that Hikvisions solutions is so bad that their cameras should be banned
Click to expand...
That's not what I suggested.
I simply said that enabling port forwarding created a risk of the LAN being compromised.
The same comment would apply to any other device that has not been designed to be hardened suitably for exposing to the internet.
 
L

llarsx

Getting the hang of it
Joined
May 7, 2018
Messages
215
Reaction score
17
Sorry, it was to bombastic, but I am getting tired with the Hikvision standard configurations and their manuals which prefer port forward and don't give any warning about port forward and don't suggest alternativ solutions.
 
alastairstevenson

alastairstevenson

Staff member
Joined
Oct 28, 2014
Messages
15,957
Reaction score
6,809
Location
Scotland
Hikvision are not always right.
Hikvision have been roundly and publicly criticised for their encouragement of port-forwarding as a remote access method.
The knowledgable community here strongly supports a VPN solution and has lots of helpful advice on implementation.
For example : VPN Primer for Noobs
 
You must log in or register to reply here.
Top