I’m struggling for a few days to make a connection between:
rtsp camera — microtik hEX — wireguard tunnel — remote windows server
rtsp camera don’t have a gateway settings but stream works fine from internal network
I can ping microtik lan address from remote server, but can’t ping a camera (due to no gateway set)
NAT rules added: dstnat - tcp/udp - dst port 554 - action dst. nat - ip addess set
I don’t see any drop packets in microtik firewall rules when I’m trying to connect
I see connection attempts but something obviously goes wrong, any suggestions?
Sure it is. To substitute the address of the actual client by the own address of the Mikrotik in the corresponding subnet, just use a src-nat (or masquerade) rule. Assuming the address of the camera is c.c.c.c, it is connected to IP interface bridge and the own address of the Mikrotik in the subnet attached to that interface is m.m.m.m, put a rule chain=srcnat out-interface=bridge dst-address=c.c.c.c action=src-nat to-addresses=m.m.m.m into the /ip firewall nat table. The next attempt to connect to the camera from outside its own subnet will create a src-nated connection and succeed.
But nevertheless, how does the camera obtain its IP configuration? Does it get it via DHCP but ignores the default route configuration? Or maybe the netmask in the DHCP settings is incorrect so the camera tries to resolve the client’s IP address using ARP rather than using a gateway? Is there any other device than the camera in the same subnet?
