Unable to access the web server from outside the LAN
  • I'm running the latest version 5.2.2 on a headless Mac Mini with 10.13.6.
    But I still have the following problems with a monitor connected.

    The web server is setup more or less the same as your example using ports 8000 and 8001.
    Dynamic DNS is set and the test indicates it's working.
    But UPnP service list on my TP Link router is not showing the server.
    Other applications on the same computer are listed there and work.
    I have also enabled port forwarding on the router for ports 8000 and 8001.
    I'm unable to connect using the latest version of the iOS app over 4G. Local LAN connection over WiFi works fine.
    I'm also unable to connect over 4g using any web browser with the suggested Dynamic DNS URL's.
    Little snitch on the Mac is disabled.
    I am running my own DNS server on a Raspberry Pi using PiHole and there is no indication that PiHole is blocking any outgoing connections from the securityspy server.
    Does your DDNS really need Googles public DNS to work?

    I have only just set this up and I have not yet registered the software, although I have paid for the iOS app.
    I would obviously very much like to resolve this issue so any pointers as to what might be the problem?

    Thanks
  • It sounds like you have checked all the basics, and it's not immediately apparently why this isn't working.

    SecuritySpy doesn't need Google's public DNS, but during troubleshooting of these kinds of issues we may ask you to enter this into your network settings, just to rule out any problems with the DNS server you were using before.

    What Internet connection do you have? Is is standard fibre/cable/ADSL? Note that if you have a satellite or 4G/5G connection, this won't work and other steps are necessary (see our blog post Remote Access via Mobile/Cellular or Satellite Internet.

    If you are going to set up port forwarding manually, then the basic steps are:

    - Make sure your Mac has a manually-assigned IP address on your local network.
    - In your router, forward ports 8000 and 8001 to the Mac's manual IP address.
    - Make sure the Mac's firewall is turned off, or SecuritySpy is added as an exception.
    - Make sure SecuritySpy's web server is enabled.

    If you are still having problems with this, please email us at support@bensoftware.com and include screenshots of the Mac's IP setup, the Web settings in SecuritySpy, and your router's port forwarding configuration.
  • Ben, thank you for your prompt response.
    In case anyone has similar issues in the future, I'm pleased to say it now appears to be working.
    In the Mac network settings I changed the primary DNS server to 8.8.8.8 (Googles public server) in place of my own. That simple change fixed the issue and I can now access over 4G using the iOS app, and web browsers.
    But the webserver still hasn't appeared in the UPnP service list on the router, but that does take a while to update. I'll check that again tomorrow. I have left port forwarding enabled.
    To answer your other suggestions, for the benefit of any future viewers, the Mac already has a fixed ip from the router DHCP address reservation.
    I also have a fixed ip address from my ISP, and very fast fibre.

    I'll get to registering in short order now I know it works. It really is a very nice application.
    Thanks again for your prompt attention.
  • Great to hear that it's working now. Sometimes with manual configuration of port forwarding, it takes time, or even a router reboot to start working, so that could have been the case here too.

    Manual port forwarding is an alternative to UPnP, so if you are using one then you shouldn't be using the other, as as they can conflict with each other. So now that you have set up manual port forwarding, I would recommend turning off the "Allow access from the Internet" options under Preferences -> Web in SecuritySpy (these options control whether UPnP is used or not).
  • Thanks for the tip, I've turned off automatic port forwarding.
  • Quick follow up question, is it necessary to use ports 8000/1. Concerned about security as they are common ports, often scanned.
  • No, it's not necessary to use the default ports, you can choose any port above 1024 for SecuritySpy's web services. However, the best way you can protect yourself is by using strong passwords, not obscure ports (there are bots that scan all ports on random IP addresses, looking for vulnerabilities).
  • That’s true but thanks for the clarification re alternative ports.
    And I'm using a very strong password.

Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!