MikroTik

Hi, I am writing to investigate a problem I am having with the display of some video surveillance cameras.

The cameras and NVR are from Hikvision and are in a remote location.

There is no connection (such as a VPN) between my office and the remote site.

To access the video stream I use Hikvision's iVMS-4200 application which after logging in allows me to access the cameras.

I do not need to access the NVR directly, so we are talking about a video streaming service through an application.

The mikrotik firewall for some reason blocks the streaming by returning for each camera the error ‘Reconnecting...Error code: OpenSDK StringError[520034].’

Unfortunately I can't find anything in the logs to help me.

If I connect my notebook via hotspot or directly to the operator's router everything works. The error only appears when I'm behind the Mikrotik.

I use no VLAN, no layer 7 rule, no qos or bandwidth management rules.
The eth2 is my wan and is configured with public IP.
I have a bridge between port eth4 and wifi (which are the two interfaces for the LAN).
I have no blocks to ICMP packets in the firewall rules.

Do you have any suggestions for me?

Thank you.

https://en.akinator.com/

or

export file=anynameyouwish (minus sensitive info like public IPs, passwords, etc.)

True, you are right, but I was hoping for an indication of how and what to check in the logs.

I attach the file as requested: Thank you.

First off, your firewall is a mess to say the very least - misordered rules, redundant rules, etc.

Secondly, I suspect you're missing some NAT port forwardings like 80,443,554

For this firewall certainly needs to be checked and cleaned.

For the NAT, however, I do not need any rules.
As I had anticipated, streaming is done via a video application that downloads the video stream via an https connection. I do not need to connect to a DVR/NVR.

Before proceeding with the firewall remediation, I wanted to resolve this issue.

Also because, until some time ago, video streaming worked without any problems with the same rules.

Thank you.

Is it better to fix the firewall rules before delving into the matter, or can some logs be investigated to make the cameras operational and in parallel proceed with the rules?

No clues?

Is the firewall too bad to solve?

I totally get how frustrating that can be! I had a similar issue with my cameras and a MikroTik router. It turned out that the necessary ports weren’t open, which was blocking the stream. I’d recommend checking to see if the ports for Hikvision, like TCP 8000 and 554 for RTSP, are properly configured on your MikroTik. Also, look into any NAT or connection tracking settings that might be causing issues. It took me a while to figure it out, but diving into the firewall logs really helped me pinpoint the problem.

I tried checking the firewall logs and even narrowing the search to the one (static) IP related to the PC on which the Hikvision software is launched, but I could never find anything.

I will try opening the outgoing ports as you suggested.

For NAT/tracking verification what specifically do you recommend I check?

Thank you very much anovojr.