Port Forwarding Broken on 5.4.0 / HIDDNS broken?

[Alex Balcanquall]

Ok, please bear with me, while i got my cameras working a couple of years ago but they sat on a bench (working day in and day out) and then as of about 9 months a go in a box.
I am now in the middle of commissioning the system for real.

Last time i had all this setup I was using HIDDNS to register the cameras and I thought I was using uPnP to open ports (but i am not sure) - i was alo testing blue iris. Ok so now my re-noob questions.

1) Anyone have any idea why when uPnP is enabled on 5.4.0 there are more than just 8000 opened? Is there a way to control that - also the UI refers only to HTTP, RTSP and Server Port it seems to open more than that if one enables it. Specfically:

IPC_RTSPTCP	Anywhere	TCP	8200	192.168.1.53	8200
IPC_HTTP	Anywhere	TCP	10001	192.168.1.53	80
IPC_Control	Anywhere	TCP	10003	192.168.1.53	8000
IPC_RTSP	Anywhere	TCP	10002	192.168.1.53	554

It is annyon the UI shows only 3 but 4 are opened. Plus doesn't include the HTTPS I would want to open... just looking for someone to confirm if this is normal and if there is way to be more granular.

2) I assume if i want more than one camera enabled then i need to map each 8000 internal port to a different external port. What i don't see when using HIDDNS is a way for that server to know (and as such IVMS seems to assume its 8000 and then connect all devices to that one 8000 port)

3) Can someone verify the uPnP settings in the UI when set to manual don't work? Everytime i set them manually and come back to the page they show as default and 'not valid' despite my gateway showing the ports were opened (a ubiquiti USG).

4) lastly when using uPnP nothing works, i cannot connect to the stream, if i turn off upnp and force a manual mapping then all is OK. I am trying to work out if this is an issue with my gateway or with IVMS..

(and yes i know all about upnp in general so please lets not turn this thread into a upnp pros/cons debate, thanks)

 

[nayr]

what pro's are there to upnp? and https dont matter because rtsp/554, the video stream is in plain text so one way or another your passwords wont be encrypted.

if you have a Ubiquiti USG why not setup the VPN Server it already has included, this link should help: https://help.ubnt.com/hc/en-us/articles/204953054-UniFi-USG-Remote-User-VPN-with-Local-Users

there is no granular way to control uPNP, if you enable it.. you have no control over what pokes holes through your firewall and why.. thats normal.

 

[Alex Balcanquall]

what pro's are there to upnp? and https dont matter because rtsp/554, the video stream is in plain text so one way or another your passwords wont be encrypted.

if you have a Ubiquiti USG why not setup the VPN Server it already has included, this link should help: https://help.ubnt.com/hc/en-us/articles/204953054-UniFi-USG-Remote-User-VPN-with-Local-Users

there is no granular way to control uPNP, if you enable it.. you have no control over what pokes holes through your firewall and why.. thats normal.

Thanks for the taking the thread exactly where I asked folks not to take it, as to upnp in general, I have a large number of devices that use it, for me the convenience is worth it, you may disagree and that's ok, but I don't care if you do and don't care to argue that point. A function on the hikvision is not functioning as expected, are you interested in helping me determine if it is broken?

Of course there is granular control over upnp *if* the hikvision supports that (my synology supports granularity just fine), but it appears that a) they only open a subset of ports the camera uses and b) that the UI only reflects some of what it is doing (shows less ports than it is actually opening), and c) it opens ports there is not much use for in most scenarios - esp as only 8000 needs to be open right for ivms, so I am not sure why you mention rtsp port as I don't see that as needed by ivms?

Seems a shoddy and incomplete implementation of a feature if I have read it right?