Results 1 to 5 of 5
  1. #1
    Untanglit
    Join Date
    Mar 2018
    Posts
    17

    Default How can I block everything on a cheap IP camera except access to my NAS?

    I have a cheap IP camera from Amazon that I want to setup to monitor one area of my house. I do not trust these cameras, especially since there are over 70,000 models out there, including mine, with severe security vulnerabilities.

    I don't want to setup a vLAN for 1 camera, so how can I restrict this camera in Untangle to only allow it to communicate with My NAS where my NVR is setup? I do not want this camera to be able to access the internet. And if possible I'd like to block anything that isn't specifically required to function by my NVR.

  2. #2
    Master Untangler
    Join Date
    Jul 2010
    Location
    Nanaimo B.C
    Posts
    787

    Default

    Quote Originally Posted by relink View Post
    I have a cheap IP camera from Amazon that I want to setup to monitor one area of my house. I do not trust these cameras, especially since there are over 70,000 models out there, including mine, with severe security vulnerabilities.

    I don't want to setup a vLAN for 1 camera, so how can I restrict this camera in Untangle to only allow it to communicate with My NAS where my NVR is setup? I do not want this camera to be able to access the internet. And if possible I'd like to block anything that isn't specifically required to function by my NVR.
    Does your firewall have multiple ports ?
    Whats wrong with a single vlan ? its a 20 second thing to setup
    Started Youtube Channel, Have a question about Untangle Ask me : jason @ jasonslab.ca
    https://www.youtube.com/c/jasonslabvideos << Please like and subscribe, helps me out !!

  3. #3
    Untangler jcoffin's Avatar
    Join Date
    Aug 2008
    Location
    Lake Tahoe
    Posts
    9,687

    Default

    Simplest way. Set the DHCP as static in Config -> Network -> DHCP Server -> Current DHCP Leases.

    Then block the IP by creating a Filter rule in Config -> Network -> Filter Rules.
    dashpuppy likes this.
    Attention: Support and help on the Untangle Forums is provided by
    volunteers and community members like yourself.
    If you need Untangle support please call or email support@untangle.com

  4. #4
    Untanglit
    Join Date
    Mar 2018
    Posts
    17

    Default

    So I setup a DHCP reservation, then created 2 Filter rules;

    1st Rule If MAC is "Camera_MAC_Address" & destination interface is Any WAN then BLOCK.

    2nd Rule is If MAC is "Camera_MAC_Address" & Destination port Is NOT "RTSP port" & Destination IP Is NOT "NAS IP" then BLOCK.

  5. #5
    Untangler jcoffin's Avatar
    Join Date
    Aug 2008
    Location
    Lake Tahoe
    Posts
    9,687

    Default

    Use IP instead of MAC address in the filter rule. DHCP reservation is handling the MAC to IP mapping.
    dashpuppy likes this.
    Attention: Support and help on the Untangle Forums is provided by
    volunteers and community members like yourself.
    If you need Untangle support please call or email support@untangle.com

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

SEO by vBSEO 3.6.0 PL2