What's new

How to create white list?

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

lenovomen

Occasional Visitor
I have two cameras. How do I set up a white list, only communicate with certain Ip addresses and ports? Is there a way to set it up in a graphical interface?
 
I assume you're referring to *public* IPs on the internet.

There's always the Network Services Filter.
 
I assume you're referring to *public* IPs on the internet.

There's always the Network Services Filter.
This feature is not good for me because it only disables it on the local network. I need a solution that limits the total internet access to the device.
 
This feature is not good for me because it only disables it on the local network. I need a solution that limits the total internet access to the device.
That's what Network Services Filter achieves. It blocks outgoing communication from a LAN device to the internet, and the router's firewall blocks all unsolicited incoming communication.
 
Last edited:
That's what Network Services Filter achieves. It blocks outgoing communication from a LAN device to the internet, and the router's firewall blocks all unsolicited incoming communication.
I think it's not good for me. When I'm on the local network the camera doesn't work because I've disabled the internet - that's ok. But when I'm connected to mobile internet it works, so it's not good because it doesn't disable it.
 
I think it's not good for me. When I'm on the local network the camera doesn't work because I've disabled the internet - that's ok. But when I'm connected to mobile internet it works, so it's not good because it doesn't disable it.
What do you mean by "the camera doesn't work"? What exactly doesn't work?

Post a screenshot of your Network Services Filter page.
 
What do you mean by "the camera doesn't work"? What exactly doesn't work?

Post a screenshot of your Network Services Filter page.
I tell you what I want to do. The firmware versions of my cameras are probably infected, hacked and communicating with servers that they shouldn't. I want to be able to communicate only with servers with Ip addresses that I have allowed. How do I configure the router?
 
How do I configure the router?
You use the Network Services Filter. Show us a screenshot of that page that you say doesn't work.

Also post a screenshot of your System Log - Port Forwarding page.

Again, what do you mean by "But when I'm connected to mobile internet it works". What works? How are you testing this? Are you using some sort of app? Are you connecting directly to the cameras from the internet? Or are you going to a portal on the camera manufacturer's website?
 
Last edited:
You use the Network Services Filter. Show us a screenshot of that page that you say doesn't work.

Also post a screenshot of your System Log - Port Forwarding page.

Again, what do you mean by "But when I'm connected to mobile internet it works". What works? How are you testing this? Are you using some sort of app? Are you connecting directly to the cameras from the internet? Or are you going to a portal on the camera manufacturer's website?
1. I turned on the firewall white list
2. For the source IP address, I entered the IP address of the camera and the port and server it is connected to - I got this information from the history table in the adaptive QoS menu.

Then:

4. Connected my phone to the router wifi and opened the vanswiev camera app
5. The camera did not load because the filter was working, I was very happy!
6. After I turned off the wifi and turned on the mobile internet the camera worked, so it got internet, even though I only allowed one Ip address
 
4. Connected my phone to the router wifi and opened the vanswiev camera app
5. The camera did not load because the filter was working, I was very happy!
6. After I turned off the wifi and turned on the mobile internet the camera worked, so it got internet, even though I only allowed one Ip address

This doesn't make sense.

If the camera is allowed to connect to its server, then presumably this is the means it provides for access back into the network from which the connection was established. It's probably configuring a "tunnel", much like a VPN or SSH, to permit NAT traversal. At that point, I would have every expectation that the phone would have access to the camera(s), whether it's connected over your own wifi or cellular. In either case, the phone simply accesses the service/cloud provider to gain inbound access to the cameras (or else the cameras stream their content to the server).

The situation would be different if you denied ALL access to public IPs to the cameras. I wouldn't expect access to the cameras at that point over cellular. Wifi access *might* be possible if the cameras supported local access and NOT just cloud access.

So I just don't understand why you think access to the cameras would be denied if you permit access to their server. That's the whole point of them contacting the server! So access can be made available via the cloud.
 
This doesn't make sense.

If the camera is allowed to connect to its server, then presumably this is the means it provides for access back into the network from which the connection was established. It's probably configuring a "tunnel", much like a VPN or SSH, to permit NAT traversal. At that point, I would have every expectation that the phone would have access to the camera(s), whether it's connected over your own wifi or cellular. In either case, the phone simply accesses the service/cloud provider to gain inbound access to the cameras (or else the cameras stream their content to the server).

The situation would be different if you denied ALL access to public IPs to the cameras. I wouldn't expect access to the cameras at that point over cellular. Wifi access *might* be possible if the cameras supported local access and NOT just cloud access.

So I just don't understand why you think access to the cameras would be denied if you permit access to their server. That's the whole point of them contacting the server! So access can be made available via the cloud.
I don't really understand. Let's make it so you describe what I'm doing. Please help me. How do I set the camera Ip address to 192.168.101.168 so that it can only communicate with the server I have authorized? I want to disable all foreign connections.
 
By "how do I set the camera IP address to 192.168.101.168", I assume you have NOT reserved that IP address. That appears to be the IP network associated w/ Guest #1 on 2.4GHz (192.168.101.x). Normally you create a DHCP reservation using LAN->DHCP Server and binding the client's MAC address to the IP of your choice. But that only works when using the default IP network (e.g., 192.168.1.x or 192.168.50.x), which only works w/ Guest #2 or Guest #3. Guest #1 is special, and unqiuely configured for the benefit of AiMesh w/ 192.168.101.x (2.4GHz) or 192.168.102.x (5GHz). For this and other reasons, it's recommended you avoid Guest #1if at all possible.

By "it can only communicate with the server I have authorized" and "disable all foreign connections", I assume you mean all *remote* public IPs available over the WAN except the one remote public IP (i.e., server) you wish to designate as OK. Use the Network Services Filter for those purposes as described previously.
 

Similar threads

Support SNBForums w/ Amazon

If you'd like to support SNBForums, just use this link and buy anything on Amazon. Thanks!

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top