December 17, 2018 at 11:12 am #183139
Doing some searching, I have the identical concern this gentlemen does:
Prior to finding this article, I realized it’s indeed the UID allowing external access to my system. By disabling the UID, it caused the app to no longer function, which I then manually set up via the IP and TCP port *I* configured in my router’s port forwarding .
What I can’t seem to find is HOW the UID function actually works? How is my NVR establishing external, two-way communication with my iPhone via the UID? I had not opened/forwarded any ports and it just ‘worked.’ Is the NVR unknowingly communicating (sending video) via Reolink’s cloud? What is the ‘system’ that the UID is actually UNIQUE on??
Think about it: If we HAVE security cameras in the first place, we ARE a security-conscious bunch. I NEED to know EXACTLY how this works for me to feel comfortable with this system. And SOON.
JustinDecember 17, 2018 at 2:07 pm #183202
My understanding is “yes, the Reolink devices (cameras, NVR) open IP connections to the Reolink cloud servers.” Once a connection is opened “outbound”, it is open for return traffic from that IP. Like, when you connect to a web site, that web site can send packets back to you. The unique user name and password are used to look up the connection to a particular UID that is associated with that customer. Port forwarding allows anyone, anywhere to attempt to connect to your cameras. The only thing stopping them is knowing the user name/password for the camera. (Just like they need to know the user name/password for the Reolink app.)
I would email the question to “firstname.lastname@example.org”, rather than asking Community members. We users have opinions, whereas the support staff are usually pretty knowledgeable.
People who are “totally paranoid” about security do not register their cameras using UID, and probably do not set up port forwarding. They either do not allow access from outside their LAN, or they set up VPN’s to tunnel into their network.December 18, 2018 at 2:42 pm #183821
Hi Justin, about the remote accessing on Reolink products. We provide the UID (based on P2P) for users to make it easy to use. You may just connect the cameras/NVRs to the Internet and log in them via the UID with your username/password. For the P2P, please refer to here. And the UID uses the random UDP ports on the network. If you don’t need that, you may just disable it and set the port forwarding by yourself. But we hope to provide users with a convenient way to use the cameras/NVRs, users needn’t know how it works or worry about the security issue. We used the private protocol and also has the encryption from the AWS to protect your data safety. Also, our server won’t save any private data from users. If you still have any questions, feel free to contact us at https://support.reolink.com/hc/en-us/requests/new. Have a nice day!
You must be logged in to reply to this topic.