I suggest you turn on "log" mode on the firewall walls, then start examine the routers system logs to see which rules are being triggered and from where to where. Without any evidence, all you can do is guess.
Sorry, sometimes in networking there's nothing for it but to slog through and do some meticulous forensic analysis. This is one of the many ways network managers earn there money. data:image/gif;base64,R0lGODlhAQABAIAAAAAAAP///yH5BAEAAAAALAAAAAABAAEAAAIBRAA7
Personally, I'd start with the inbound rules as your outbound ones are effectively doing nothing (the default rule is allowing everything out, so it's not worth starting there.)
I've been doing a bit more digging on this.
Turned off ALL firewall exceptions and i could still access my NAS.
I have now discovered that uPnP is enabled on the router and the NAS has communicated via this which ports it requires. Turning off uPnP stops access.
So, having enabled uPnP again, I added the NAS back in and added the HikVision to the router via uPnP.
Whilst the router recognises it in the uPnP list exactly like the NAS, the ports are still not opening.
Any further thoughts from anyone?
Can you post screenshots of each of the settings tabs for the HikVision.
Attached Network Settings from the HikVision NVR.
TIA.
Obvious one but easy to miss -
on your router it is defined as port 443 but on the HiKVision it is 444.
Agreed. However, it’s now using uPnP rather than the firewalls posted above, so this shouldn’t be making any difference at all.
uPnP is only a protocol for setting up port forwarding without involving the user. It is not intelligent enough to take changes into consideration. On your HiKVision box you have redefined HTTPS from the default 443 to 444. If you look at the screenshots you supplied of the HiKVision it says Not Secure which means it is using HTTP not HTTPS. I would bet you can't get an HTTPS connection to the DVR.
On digging further into uPnP it appears DHCP plays a big part in it so I would also suggest removing the static IP address and letting it pick one up via DHCP. Afterwards you can always tie the MAC address of the box to the IP given to ensure it always gets that address(on the router). Reset HTTPS on the box back to 443 as well.
On your router you are not logging at the moment.
Can you enable logging on everything to see if you are getting any attempts but they are being blocked?
This has fixed it!
After all that, it’s the simplest of things! All ports working fine when connecting remotely and the HikVision app picks it up straight away.
Thanks all for your help.
Thats good things are working now but could you confirm that the firewall is on in the router as it is an integral part of your defenses.