New here and looking for an help. We have an NVR inside an local network and Microtik router on WAN. I have been trying to watch live view and playback video from PC client and mobile app from Internet. I've configured NAT and were able to log in using mobile app and PC client.
The problem is I can't watch any live feed or playback.
Tried 2 different NATs. disabled unnecessary NATs for now.
From what I saw, main 2 port that needed to watch live feed is 443 and 9100.
NVR is Dahua's DHI-DSS7016DR-S2.
I've hidden public IP for security concern.
Also I can watch and control NVR from the local network without any problem, so there is no need for additional configuration in NVR.
So I must be doing something wrong with the Mikrotik.
Code: Select all
/ip firewall nat
add action=accept chain=srcnat dst-address-list=loc src-address-list=loc
add action=dst-nat chain=dstnat dst-address=[Public IP] dst-port=15455 \
in-interface=ether1 protocol=tcp to-addresses=192.168.0.30 to-ports=443
add action=dst-nat chain=dstnat dst-address=[Public IP] dst-port=9100 \
in-interface=ether1 protocol=tcp to-addresses=192.168.0.30 to-ports=9100
add action=dst-nat chain=dstnat dst-address=[Public IP] dst-port=8080 \
in-interface=ether1 protocol=tcp to-addresses=192.168.0.30 to-ports=80
add action=masquerade chain=srcnat out-interface-list=WAN
add action=masquerade chain=srcnat out-interface=ether1 src-address=\
192.168.0.30
add action=dst-nat chain=dstnat disabled=yes dst-address=[Public IP] \
dst-port=9090 in-interface=ether1 protocol=tcp to-addresses=192.168.0.30 \
to-ports=9090
add action=dst-nat chain=dstnat disabled=yes dst-address=[Public IP] \
dst-port=9320-9322 in-interface=ether1 protocol=tcp to-addresses=\
192.168.0.30 to-ports=9320-9322
add action=dst-nat chain=dstnat disabled=yes dst-address=[Public IP] \
dst-port=9010 in-interface=ether1 protocol=tcp to-addresses=192.168.0.30 \
to-ports=9010
add action=dst-nat chain=dstnat disabled=yes dst-address=[Public IP] \
dst-port=9200 in-interface=ether1 protocol=tcp to-addresses=192.168.0.30 \
to-ports=9200
add action=dst-nat chain=dstnat disabled=yes dst-address=[Public IP] \
dst-port=9600 in-interface=ether1 protocol=tcp to-addresses=192.168.0.30 \
to-ports=9600
add action=dst-nat chain=dstnat disabled=yes dst-address=[Public IP] \
dst-port=8081-8082 in-interface=ether1 protocol=tcp to-addresses=\
192.168.0.30 to-ports=8081-8082
add action=dst-nat chain=dstnat disabled=yes dst-address=[Public IP] \
dst-port=61616 in-interface=ether1 protocol=tcp to-addresses=192.168.0.30 \
to-ports=61616
add action=dst-nat chain=dstnat disabled=yes dst-address=[Public IP] \
dst-port=20000-30000 in-interface=ether1 protocol=tcp to-addresses=\
192.168.0.30 to-ports=20000-30000
add action=dst-nat chain=dstnat disabled=yes dst-address=[Public IP] \
dst-port=9000 in-interface=ether1 protocol=tcp to-addresses=192.168.0.30 \
to-ports=9000
add action=dst-nat chain=dstnat disabled=yes dst-address=[Public IP] \
dst-port=5080 in-interface=ether1 protocol=udp to-addresses=192.168.0.30 \
to-ports=5080
add action=dst-nat chain=dstnat disabled=yes dst-address=[Public IP] \
dst-port=554 in-interface=ether1 protocol=tcp to-addresses=192.168.0.30 \
to-ports=554
add action=dst-nat chain=dstnat disabled=yes dst-address=[Public IP] \
dst-port=40000-49999 protocol=tcp to-addresses=192.168.0.30 to-ports=\
40000-49999
add action=dst-nat chain=dstnat disabled=yes dst-address=[Public IP] \
dst-port=1883 in-interface=ether1 protocol=tcp to-addresses=192.168.0.30 \
to-ports=1883
add action=dst-nat chain=dstnat disabled=yes dst-address=[Public IP] \
dst-port=12366 in-interface=ether1 protocol=tcp to-addresses=192.168.0.30 \
to-ports=12366
add action=dst-nat chain=dstnat disabled=yes dst-address=[Public IP] \
dst-port=6379 in-interface=ether1 protocol=tcp to-addresses=192.168.0.30 \
to-ports=6379
add action=dst-nat chain=dstnat disabled=yes dst-address=[Public IP] \
dst-port=9400 in-interface=ether1 protocol=tcp to-addresses=192.168.0.30 \
to-ports=9400
add action=dst-nat chain=dstnat disabled=yes dst-address=[Public IP] \
dst-port=9550 in-interface=ether1 protocol=tcp to-addresses=192.168.0.30 \
to-ports=9550
add action=dst-nat chain=dstnat disabled=yes dst-address=[Public IP] \
dst-port=5060 in-interface=ether1 protocol=tcp to-addresses=192.168.0.30 \
to-ports=5060
add action=dst-nat chain=dstnat disabled=yes dst-address=[Public IP] \
dst-port=5672 in-interface=ether1 protocol=tcp to-addresses=192.168.0.30 \
to-ports=5672
add action=dst-nat chain=dstnat disabled=yes dst-address=[Public IP] \
dst-port=61613 in-interface=ether1 protocol=tcp to-addresses=192.168.0.30 \
to-ports=61613
add action=dst-nat chain=dstnat disabled=yes dst-address=[Public IP] \
dst-port=8161 in-interface=ether1 protocol=tcp to-addresses=192.168.0.30 \
to-ports=8161
add action=dst-nat chain=dstnat disabled=yes dst-address=[Public IP] \
dst-port=8080 in-interface=ether1 protocol=tcp to-addresses=192.168.0.30 \
to-ports=8080
add action=dst-nat chain=dstnat disabled=yes dst-address=[Public IP] \
dst-port=9500 in-interface=ether1 protocol=tcp to-addresses=192.168.0.30 \
to-ports=9500
add action=dst-nat chain=dstnat disabled=yes dst-address=[Public IP] \
dst-port=9900-9901 in-interface=ether1 protocol=tcp to-addresses=\
192.168.0.30 to-ports=9900-9901
add action=dst-nat chain=dstnat disabled=yes dst-address=[Public IP] \
dst-port=36962 in-interface=ether1 protocol=tcp to-addresses=192.168.0.30
add action=dst-nat chain=dstnat disabled=yes dst-address=[Public IP] \
dst-port=61001-65000 in-interface=ether1 protocol=tcp to-addresses=\
192.168.0.30 to-ports=61001-65000
add action=dst-nat chain=dstnat disabled=yes dst-address=[Public IP] \
to-addresses=192.168.0.30
add action=src-nat chain=srcnat disabled=yes src-address=192.168.0.30 \
to-addresses=[Public IP]