Keeping camera on Lan only

[RedDirtMoto99]

Is the a way to Keep camera viewing to Lan only, so no remote access at all.

[longedge]

That is precisely what I do for my 3 IP cameras and I make doubly sure by using two approaches.

Firstly in the setup for each camera on the network, TCP/IP screen of the Web UI I set a fixed IP address (as opposed to DHCP) so the camera doesn't obtain correct parameters after a reboot. I set a non existent IP address for the Gateway, Preferred DNS and Alternate DNS.

Secondly in the setup page for my router I have restricted all access to the WAN for the 3 devices.

[Revo2Maxx]

Also outside of what was said above.

Go to your Cameras WebUI, Then Setup, Then Network. Depending on Firmware in older it will be under TCP/IP then P2P. However in newer it will be right under the network tab at the bottom. In there you will want to toggle off P2P. After that no access outside using the camera Serial Number

[torrey99]

That is precisely what I do for my 3 IP cameras and I make doubly sure by using two approaches.

I set a non existent IP address for the Gateway, Preferred DNS and Alternate DNS.

Secondly in the setup page for my router I have restricted all access to the WAN for the 3 devices.

do you mean setting a new seperate gateway just for the cameras? and is that in the router or NVR?
also how did you restrict access to the wan for those devices? I have tp link archer1750 and don't see an option like that but I might get a new router with more security features.


I have p2p disabled on my NVR but cant log into my web ui and im afraid the neighbor who hijacked the cameras got the s/n for the cameras already if so am I completely screwed? I know he has the s/n for the NVR but I have Blue Iris im gonna be installing soon, I just hope i dont have to get new cameras as I have four 4k Dome, one 4k bullet, two 5mp Domes, and one smaller spy cam about 1'' all amcrest brand so it was easy to plug and play, I just wasn't very smart by leaving the QR code/SN stickers on the cameras

[Revo2Maxx]

In my TP-Link you can do that within the GUI of the Router, Advanced, Security and choose access Control. Here you have the ability to give or take access to the Internet. This access will still be able to access your local network but won't be given access to anything outside of your local network.

Mine are older Archer C50 v2 and I use one as a Repeater and one as a router today, I don't use them as my main routers on my network but it works either way. My Nighthawks have the option as well, Use 6100, 6400 and 7000P in my setup and all of them also have that feature..

If your 1750 is the C7 I can confirm that it does offer the access control as well. Also by adding all devices to the Black list will make sure that any thing that is connected to your router without your giving access it will not have access to the internet however that will not block someone from that network..

[Revo2Maxx]

I just wanted to mention that I have tested this with the TP link again because it has been a while since I used the Block on there seeing I have not been using that for outside connections on a Router mode setup..

I reset one of my TP-Link C50 routers, Setup on DHCP, Gave a 841 Wifi access. Setup the 841 in ASP and on my Phone Via P2P. I connected my Phone to the router as well. After logging into the Routers WebUI and Blacklisting that camera in the routers table I can no longer access that camera on my phone or on ASP over P2P however on my phone going to the Cameras IP of 10.9.8.131 I was able to access the camera over the local network. So doing this to your cameras, if you have a NVR giving your NVR internet access then you can view your cameras over your NVR though P2P.. As I said above, having your router setup that you have to give access to anyone that makes a new connection is safe as well. This way like someone while your away plugging into your router to try and gain access to the internet would block the access and they most likely would guess your cameras were connected over a NVR type connection and didn't have internet access they could use...

Screenshot (1707).png (56.93 KiB) Viewed 2251 times

[Reddogg99]

When you mention adding all devices to the blacklist, how can I do that when they just use a VPN and keep changing their IP and Mac address. Or does the Whitelist ONLY let those IP's on your LAN?

Same question with IP filtering On my NVR If I add my IP address and my cameras to the IP filtering does that ONLY allow those IP's access?

[Revo2Maxx]

Yes if you add them on your NVR, and add your computer IP and NVR IP to your Cameras that you have connected to your local area network then yes only IP's that are White listed would have access...

Your Router you are setting up to Black list anything that logs in. Then you will remove the ones you want to give access.. You can White list ones you already know on your network. Then in the picture above where it shows the Blacklist you would just press the trash can to give it access. It wouldn't add to white list unless you setup to add to whitelist.. But that option isn't wise... Giving access to white list is one thing but setting up to just Whitelist all new log ins not wise..