Sophos | OPNSense | Ubiquiti | IPCAM chinese)

Hello together, I have a question:
I have started to segment my network with VLANs. Everything is working great, but I have trouble connecting to my IP cams from the smartphone app.

Setup VLAN:
more than 2 VLANs, but
VLAN50 (CAM) and
VLAN67 (WIFI-Internal)
are the important ones.
Port 22 is native VLAN50 and the IPCAM gets its address from the Sophos DHCP.

Firewall rule (for testing) (main firewall: Sophos)

allow | services: any |
also works with:
allow | services: 80;8080,443 |

I could access my cams over the browser (CTRonic, Chinese things) (great).
RTSP/ONVIF is also working.

But when I start my app in VLAN67 and the app tries to reach the CAM, the traffic according to the monitoring is:


*Default DROP UDP * : 23836
*→ * : 32108

len=32 ttl=64 tos=0x00 srcmac=c4:91:0c:50:ac:05 dstmac=00:01:2e:95:fa:8c

The second port is always changing. To me it looks like the app is sending a broadcast (*.255).

When I connect a laptop to the same network I can find the cam with the desktop application, but this software is missing functions to configure things.

What is missing - maybe an interface route?


Sounds like the app is trying to use mDNS/Bonjour to find the cameras. I would look into whether Sophos has an mDNS reflector/repeater; if not, you can set up Avahi in a VM or on a Pi.
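
As an added example (not part of the thread and not any vendor's code): a small Python check that tells, from the destination of a dropped UDP packet, whether it is a subnet broadcast, a multicast discovery group such as mDNS or the WS-Discovery group that ONVIF uses, or routable unicast. The subnets and the camera address are constructed assumptions; only port 32108 is taken from the drop log above.

```python
import ipaddress

# Well-known discovery groups, keyed by (group address, UDP port).
KNOWN_GROUPS = {
    ("224.0.0.251", 5353): "mDNS/Bonjour",
    ("239.255.255.250", 1900): "SSDP/UPnP",
    ("239.255.255.250", 3702): "WS-Discovery (ONVIF)",
}
LINK_LOCAL_MCAST = ipaddress.ip_network("224.0.0.0/24")  # never forwarded by routers

def classify(dst_ip, dst_port, src_net, remote_nets=()):
    """Return (kind, plain_rule_enough) for one dropped UDP packet.

    plain_rule_enough is True only when an ordinary inter-VLAN allow rule
    can pass the packet; broadcast and multicast need a relay or reflector.
    """
    dst = ipaddress.ip_address(dst_ip)
    if dst_ip == "255.255.255.255":
        return ("limited broadcast", False)
    if dst == ipaddress.ip_network(src_net).broadcast_address:
        return ("broadcast on the sender's own subnet", False)
    for net in remote_nets:
        # Routers drop directed broadcasts by default.
        if dst == ipaddress.ip_network(net).broadcast_address:
            return ("directed broadcast to " + net, False)
    if dst.is_multicast:
        name = KNOWN_GROUPS.get((dst_ip, dst_port), "unknown multicast group")
        scope = "link-local" if dst in LINK_LOCAL_MCAST else "routable only with multicast routing"
        return (name + ", " + scope, False)
    return ("unicast", True)

# Constructed sample: both subnets and the camera address are assumptions.
CLIENT_NET = "192.168.67.0/24"
CAM_NET = "192.168.50.0/24"
SAMPLES = [
    ("192.168.67.255", 32108),  # port from the drop log, address constructed
    ("192.168.50.255", 32108),
    ("224.0.0.251", 5353),
    ("239.255.255.250", 3702),
    ("192.168.50.20", 554),     # RTSP to a camera, constructed address
]

if __name__ == "__main__":
    for ip, port in SAMPLES:
        kind, ok = classify(ip, port, CLIENT_NET, [CAM_NET])
        print(f"{ip}:{port:<5} {kind} -> allow rule alone is enough: {ok}")
```

Feeding it the real destination address from the firewall's packet capture shows whether an mDNS reflector, a UDP broadcast relay, or nothing beyond the existing allow rule is the matching fix.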

Thx for your response. I have created a dedicated WiFi with the CAM VLAN ID (Ubiquiti). When I need to make some changes over the app, I connect to it.

Everything else (ONVIF, webview, etc.) is working over the firewall, so I can connect with my NVR software (ZoneMinder server).