Main home network: 10.10.1.0/24Camera network: 10.10.2.0/24Camect (static): 10.10.2.1
Cameras (static): 10.10.2.(10,11,12, ...)
No restricted access between Main home & Camera subnets yet.
I'm still poking around and learning, but I did set up the telegram stuff in I have to say it's pretty damn slick! That's working perfectly and I'm getting all my notifications and short videos sent there it's pretty awesome. So far so good and I'm loving it!! I had been looking for something like this for quite a while so this is really awesome and it was perfect timing.
My farthest camera ~300ft wooded connects via:
4 port internet router with WiFi
-LAN-
8 port unmanaged Poe switch
-LAN-
4 port WiFi AP
-WiFi bridge to shed-
1 port WiFi extender
-LAN-
4 port WiFi AP
-LAN-
4 port unmanaged switch
Ubiquiti EdgeRouter managed router
Local subnet: 10.0.1.0/24
Home PC on 10.0.1.174
VidLan subnet: 10.0.3.0/24
Camect on 10.0.3.2 (static lease)Amcrest camera on 10.0.3.99 (static lease)
Test PC on 10.0.3.100
I can ping the Amcrest camera by IP.
I can ping the EdgeRouter by IP.
I can browse the Amcrest camera UI via HTTP.
I can view the Amcrest camera via RTSP & VLC by IP.
Amcrest's ConfigTool finds the cameras (even through I changed to all non-standard port numbers).
Camect
Pings to the Camect IP time out.
Browsing https://10.0.3.2:443 spins and times out.
Browsing https://home.camect.com/ works with all cameras but "relaying".
I can ping the Amcrest camera by IP.
I can ping the EdgeRouter by IP.
I can browse the Amcrest camera via RTSP & VLC by IP.
I can ping Camect by IP.
I can use Camect at https://10.0.3.2:443I can use Camect at https://10.0.3.2:443/debug/profBrowsing https://home.camect.com/ works with all cameras without "relaying".
If so and Camect appears to be in promiscuous mode, it may be seeing all broadcast traffic (arp) on both subnets right?
If this were me, I would switch to class C 192.168.x.x/24 networks. Or you could widen you mask if you really need all the IP space and go with a video lan of 11.x.x.x/8
EdgeRouter 6P v1.10.10
eth0, eth1 with /24, eth2 with /24.
no rules
eth0/in and eth0/local
Allow established/related, drop the rest.
Each single subnet is listed for its interface (eth0, eth1, eth2), listed as "connected"
When the Home PC 1 is on the 10.0.1.0/24 subnet, it can't ping 10.0.3.2 (Camect)When the Home PC 1 is on the 10.0.3.0/24 subnet, it can't ping 10.0.1.101 (Home PC 2)
When the Home PC 1 is on the 10.0.1.0/24 subnet, I can still ping 10.0.3.100 (Camera1)
rule 91 {
action accept
state {
new enable
}
}
> fo...@camect.com <mailto:fo...@camect.com>.
> fo...@camect.com <mailto:fo...@camect.com>.
I bought a 16 port PoE+ switch, made it its own subnet, and put Camect and all cameras on it.I plugged the switch into my main home network (routes without restrictions for the moment).That should keep all the camera traffic on that one gigabit switch, while keeping it all accessible from main home network (when requested).This allows me to restrict traffic from the Camera subnet to my main home network (I just like the separation).Here's what I did so far: My Story and SetupExample:Main home network: 10.10.1.0/24Camera network: 10.10.2.0/24Camect (static): 10.10.2.1Cameras (static): 10.10.2.(10,11,12, ...)No restricted access between Main home & Camera subnets yet.Result:Everything is working great, except....Using the normal home.camect.com always has the cloud icon, meaning that all video is "relaying" across the internet to display on my screen.I was going to get around to asking about why that is. Most of the time my phone would need to relay anyway, but relaying makes the video speed/smoothness hard to control.As Arup points out, if I just had the switch as an extension to my Main home network, I'd just have one network and there shouldn't be any issues at all.