Network and subnet question

Will Stillwell

unread,

Nov 10, 2024, 12:28:46 AM11/10/24

to Camect User Forum

To date, all of my cameras and devices are on the same network. If I move my cameras to a different subnet, will the camect have issues communicating with the cameras ?

Say my main network is 192.168.1.0 Router is 192.168.1.1 which goes to the internet

If I move my cameras to the 192.168.5.0 network And the Camect stays on the 192.168.1.0 network what would I need to do to make sure the camect can still talk to the cameras? The majority of my cameras are Wyze cameras V2-V4 I have a couple of RTSP cameras.

If anyone has any experience with doing this on Ubiquiti equipment I would really appreciate some guidance on making this change and still have it work

I want to make it so that my IOT devices, I can reach them from the primary network, and they can reach the internet through the gateway, they can't talk to anything on my primary network directly.

Basically any device on the 192.168.1.0 network can talk directly to 192.168.5.0 network devices And the 192.168.5.0 can only talk to the internet, unless the connection is initiated by a device on 192.168.1.0 network.

I know Camect as it is now can't talk to any wyze devices outside the router even though some other 3rd party platforms can. I just want to make sure it isn't a problem on internal network regardless of subnet.

~Will

CamectChao

unread,

Nov 10, 2024, 1:17:08 AM11/10/24

to Camect User Forum, Will

It's fine for cameras added using RTSP URLs.

For wyze, it's probably fine as long as Wyze servers still think they are on the same network.

It won't work for auto discovered cameras. This is because they use MAC address to identify the cameras.

mitchell_b

unread,

Nov 10, 2024, 3:49:31 PM11/10/24

to Camect User Forum, CamectChao, Will

Hey Will,

I run a similar setup using a Unifi Dream Machine Pro and a managed (Cisco) switch. Instead of separating the cameras from Camect, run them on the same VLAN and create rules for the traffic you want.

- All cameras and the Camect are on VLAN30 (with default / desktop VLAN being 1).

- A group of ports on my Cisco core switch use VLAN30 as the primary VLAN and allow no other VLANs.

- Each camera is configured with a static IP address outside of the DHCP range for VLAN30. Camect grabs the first IP address lease in the DHCP range and I configure it to be a static DHCP lease in Unifi.

- In your Unifi Console, under Security, then Traffic and Firewall Rules, add rules appropriate to your desired traffic pattern:

- I have one rule blocking all internet access to VLAN30. This prevents the cameras from reaching the internet.

- The other rule allows internet access only to one device (the Camect hub). This allows web access.

- By default, Unifi allows access between all VLANs, so these rules are just blocking internet access. I can still access cameras on the primary VLAN without an issue. You can easily write additional rules to further restrict inter-VLAN access as desired.