Thread Info
  • State Verified Answer
  • Locked Locked
  • Replies 8 replies
  • Answers 1 answer
  • Subscribers 27 subscribers
  • Views 1795 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

REDs, DDNS, and NVRs

Allan Miller

Wondering if anyone can help me out.

Trying to configure remote access to some NVRs at some branch locations connected via split tunnel to an XG135 at HQ. I have the NVR at HQ working fine using Sophos DDNS - easy enough - but can't figure out to configure/how to configure the REDs for their own DDNS (since they access the internet directly). I have no need nor desire to route the cam traffic through the XG but am willing to try it if I have to. Any info appreciated.

Pardon the crude PP drawing. The direct connects to the internet from REDs is supposed to represent the split tunnel - I'm sure you get it.





This thread was automatically locked due to age.
Parents
  • 0

    Hi  

    If you want to access NVR, it can be achieved by the Standard Unified Tunnel.

    Can you please elaborate a little more about your scenario and requirement?

    What is the purpose of DDNS for RED device?


  • 0 in reply to Keyur

    I agree that a unified tunnel would allow remote NVR access but I am seeking an alternative method because I do not want to route public-bound traffic from the branches through the XG. I am hoping for a method that maintains the standard/split tunnel configuration.

    I don't have a specific need for DDNS for the REDs - I just can't figure out another way of meeting the customer's needs - remotely viewing the NVR cam streams without routing that traffic through the XG.

    In the current standard/split configuration, the NVR traffic would simply access the internet directly (as it's not local-sourced traffic when a remote camera app on an external network is attempting to stream from them). I'm trying to figure out how to configure the network so that that remote camera mobile app knows where to point (hence the idea of DDNS) to retrieve the stream. As it stands, I don't have a public IP address that points to the NVR traffic unless I point to the public IP address on the branch gateways.

    Each RED is currently getting a 192.169.0.x WAN uplink IP address from an ISP gateway's DHCP. I'm willing to set those gateways to DMZ mode but, at best, I'm just going to get ISP public IPs on the RED WAN uplinks which doesn't help if I don't have DDNS configured to point to that public IP.

    I may have muddied the waters with my DDNS request - I'm just looking for a configuration wherein a remote mobile camera app can access the NVRs at the remote branches without having to route the NVR traffic through the XG (unnecessarily taxing the HQ's internet connection and the XG's resources).

    Thanks.

  • +1 in reply to Allan Miller

    Hi  

    Thank you for providing details.

    I understand your concern that you want to decrease the load on HQ XG and wants to establish communication for CAM and NVRs.

    RED devices are  GUI less and only manged from XG firewall and purpose of RED device to extend the network and connectivity but still manage it from XG.

    Unfortunately, there is no provision of DDNS configuration for RED device. I will check an alternative for your provided network diagram and inform you if I have anything to share.

  • 0 in reply to Keyur

    The only solution would be to replace the REDs with small Desktop XGs. 

    Like Keyur wrote, REDs are only limited VPN boxes with zero touch. 

    XG can setup such things easily and you do not need any subscription to resolve this issue. 

    VPN is included in the base license, so basically buy the box (XG106?) and replace the reds. 

Reply
  • 0 in reply to Keyur

    The only solution would be to replace the REDs with small Desktop XGs. 

    Like Keyur wrote, REDs are only limited VPN boxes with zero touch. 

    XG can setup such things easily and you do not need any subscription to resolve this issue. 

    VPN is included in the base license, so basically buy the box (XG106?) and replace the reds. 

Children