Discover the magic of the internet at Imgur, a community powered entertainment destination. Lift your spirits with funny jokes, trending memes, entertaining gifs, inspiring stories, viral videos, and so much more from users like sh779dk24q9.
I’m pretty sure at least two of the routers are as well, maybe all of them.
I want to block the cameras from being accessed from the internet or accessing the internet. I want them to communicate with trusted (for configuration) and the NVR. And then I want the NVR to be able to access the internet
I would create another VLAN just for cameras with appropriate firewall rules. Allow Trusted into this “no-internet” VLAN but nothing to the internet. One way would be to figure out which ports the cameras use so you can add a firewall rule to allow communication to the NVR’s IP. Another way would be to set the NVR on a static IP in the IOT and allow all traffic to it from this camera VLAN, (this is probably the easiest but not the most secure).
As a side note, I try to set as many things that I can on a static IP, it enables the use of firewall rules, also helps with normal monitoring.
As another side note - The Unifi APs support up to 4 VLANs (1 per SSID) - they also support the use of a SSID with multiple passwords which will allow connection to a VLAN depending on which password is used. It’s a new feature and I haven’t used it, so idk how well it works or other issues.
I’m pretty sure at least two of the routers are as well, maybe all of them.
I want to block the cameras from being accessed from the internet or accessing the internet. I want them to communicate with trusted (for configuration) and the NVR. And then I want the NVR to be able to access the internet
I would create another VLAN just for cameras with appropriate firewall rules. Allow Trusted into this “no-internet” VLAN but nothing to the internet. One way would be to figure out which ports the cameras use so you can add a firewall rule to allow communication to the NVR’s IP. Another way would be to set the NVR on a static IP in the IOT and allow all traffic to it from this camera VLAN, (this is probably the easiest but not the most secure).
As a side note, I try to set as many things that I can on a static IP, it enables the use of firewall rules, also helps with normal monitoring.
As another side note - The Unifi APs support up to 4 VLANs (1 per SSID) - they also support the use of a SSID with multiple passwords which will allow connection to a VLAN depending on which password is used. It’s a new feature and I haven’t used it, so idk how well it works or other issues.