Limit the firewall ports & IPs needed to be opened to the outside world

mnovotny · December 9, 2020, 2:40pm

From Eufy Support in regards to what ports are needed to be opened in your home firewall:
“Regards to the requirements of the network for our home base, we use TCP port 80 and 443 and UDP 0~65535 port. Please make sure TCP port 80 and 443 and UDP 0~65535 ports have not been blocked.”

This is also needed on the remote firewalls/networks where the app is being used from, aka from work, friends, etc.

Take the approach of the https://mysecurity.eufylife.com/ website, it appears it only needs tcp:80, tcp:443, tcp:1443. This is something very doable that network administrators would open in their firewalls for remote viewing. Imagine telling your CEO that he has a choice, to be able to view his security cameras at his house & other personal properties while at work from his iMac, iPad and other Android devices or the security of his work’s IT network. This would be something to ponder for future consideration.

TahaEng · December 9, 2020, 3:58pm

Typically, UDP ports are opened on request after a session is established over the other systems. Those ports don’t need to be “open” so much as “not all blocked”. That is a very wide range to list though, likely a system like this is only using a couple in a small part of the range.

But that CEO is probably only looking at this from his phone on a cellular network, so he shouldn’t have to have IT poke holes in the work firewall at least. And most firewalls won’t have an issue with blocking UDP connections that are established from inside in any case.

adr2879 · September 24, 2022, 7:02am

Whole 0-65535 is not needed

TCP out 443
TCP out 80
UPD out 8006 this one is optional (not needed , possible some back end activates)
UDP out 32100 this one is optional (not needed , possible some back end activates)
Open High Ephemeral UDP Ports OUT from 49152–65535 to ANY for the EUFY devices only.

UDP monitoring out as listed below:

2022-09-25 09:30:37	[FILTER][Pass][LAN/RT/VPN->WAN, 240:36:35 ][@S:R=3:5, 192.168.101.58:42344->3.72.203.219:8006][UDP][HLen=20, TLen=65]
2022-09-25 09:30:28	[FILTER][Pass][LAN/RT/VPN->WAN, 240:36:26 ][@S:R=3:5, 192.168.101.59:28654->3.124.97.151:32100][UDP][HLen=20, TLen=76]
2022-09-25 09:30:28	[FILTER][Pass][LAN/RT/VPN->WAN, 240:36:26 ][@S:R=3:5, 192.168.101.59:28654->54.254.90.185:32100][UDP][HLen=20, TLen=76]
2022-09-25 09:30:28	[FILTER][Pass][LAN/RT/VPN->WAN, 240:36:26 ][@S:R=3:5, 192.168.101.59:28654->13.38.179.104:32100][UDP][HLen=20, TLen=76]
2022-09-25 09:30:28	[FILTER][Pass][LAN/RT/VPN->WAN, 240:36:26 ][@S:R=3:5, 192.168.101.58:23256->3.124.97.151:32100][UDP][HLen=20, TLen=76]
2022-09-25 09:30:28	[FILTER][Pass][LAN/RT/VPN->WAN, 240:36:26 ][@S:R=3:5, 192.168.101.58:23256->54.254.90.185:32100][UDP][HLen=20, TLen=76]
2022-09-25 09:30:28	[FILTER][Pass][LAN/RT/VPN->WAN, 240:36:26 ][@S:R=3:5, 192.168.101.58:23256->13.38.179.104:32100][UDP][HLen=20, TLen=76]
2022-09-25 09:30:23	[FILTER][Pass][LAN/RT/VPN->WAN, 240:36:21 ][@S:R=3:5, 192.168.101.59:34959->18.196.160.116:8006][UDP][HLen=20, TLen=65]
2022-09-25 09:29:57	[FILTER][Pass][LAN/RT/VPN->WAN, 240:35:55 ][@S:R=3:5, 192.168.101.58:42344->3.72.203.219:8006][UDP][HLen=20, TLen=65]
2022-09-25 09:29:48	[FILTER][Pass][LAN/RT/VPN->WAN, 240:35:46 ][@S:R=3:5, 192.168.101.59:28654->3.124.97.151:32100][UDP][HLen=20, TLen=32]
2022-09-25 09:29:48	[FILTER][Pass][LAN/RT/VPN->WAN, 240:35:46 ][@S:R=3:5, 192.168.101.59:28654->54.254.90.185:32100][UDP][HLen=20, TLen=32]
2022-09-25 09:29:48	[FILTER][Pass][LAN/RT/VPN->WAN, 240:35:46 ][@S:R=3:5, 192.168.101.59:28654->13.38.179.104:32100][UDP][HLen=20, TLen=32]
2022-09-25 09:29:48	[FILTER][Pass][LAN/RT/VPN->WAN, 240:35:46 ][@S:R=3:5, 192.168.101.58:23256->3.124.97.151:32100][UDP][HLen=20, TLen=32]
2022-09-25 09:29:48	[FILTER][Pass][LAN/RT/VPN->WAN, 240:35:46 ][@S:R=3:5, 192.168.101.58:23256->54.254.90.185:32100][UDP][HLen=20, TLen=32]
2022-09-25 09:29:48	[FILTER][Pass][LAN/RT/VPN->WAN, 240:35:46 ][@S:R=3:5, 192.168.101.58:23256->13.38.179.104:32100][UDP][HLen=20, TLen=32]
2022-09-25 09:29:48	[FILTER][Pass][LAN/RT/VPN->WAN, 240:35:46 ][@S:R=3:5, 192.168.101.59:29156->3.124.97.151:32100][UDP][HLen=20, TLen=32]
2022-09-25 09:29:48	[FILTER][Pass][LAN/RT/VPN->WAN, 240:35:46 ][@S:R=3:5, 192.168.101.59:29156->54.254.90.185:32100][UDP][HLen=20, TLen=32]
2022-09-25 09:29:48	[FILTER][Pass][LAN/RT/VPN->WAN, 240:35:46 ][@S:R=3:5, 192.168.101.59:29156->13.38.179.104:32100][UDP][HLen=20, TLen=32]
2022-09-25 09:29:48	[FILTER][Pass][LAN/RT/VPN->WAN, 240:35:46 ][@S:R=3:5, 192.168.101.58:17021->3.124.97.151:32100][UDP][HLen=20, TLen=32]
2022-09-25 09:29:48	[FILTER][Pass][LAN/RT/VPN->WAN, 240:35:46 ][@S:R=3:5, 192.168.101.58:17021->54.254.90.185:32100][UDP][HLen=20, TLen=32]
2022-09-25 09:29:48	[FILTER][Pass][LAN/RT/VPN->WAN, 240:35:46 ][@S:R=3:5, 192.168.101.58:17021->13.38.179.104:32100][UDP][HLen=20, TLen=32]
2022-09-25 09:29:43	[FILTER][Pass][LAN/RT/VPN->WAN, 240:35:41 ][@S:R=3:5, 192.168.101.59:34959->18.196.160.116:8006][UDP][HLen=20, TLen=65]
2022-09-25 09:29:28	[FILTER][Pass][LAN/RT/VPN->WAN, 240:35:26 ][@S:R=3:5, 192.168.101.59:22560->3.124.97.151:32100][UDP][HLen=20, TLen=76]
2022-09-25 09:29:28	[FILTER][Pass][LAN/RT/VPN->WAN, 240:35:26 ][@S:R=3:5, 192.168.101.59:22560->54.254.90.185:32100][UDP][HLen=20, TLen=76]
2022-09-25 09:29:28	[FILTER][Pass][LAN/RT/VPN->WAN, 240:35:26 ][@S:R=3:5, 192.168.101.59:22560->13.38.179.104:32100][UDP][HLen=20, TLen=76]
2022-09-25 09:29:28	[FILTER][Pass][LAN/RT/VPN->WAN, 240:35:26 ][@S:R=3:5, 192.168.101.58:11388->3.124.97.151:32100][UDP][HLen=20, TLen=76]
2022-09-25 09:29:28	[FILTER][Pass][LAN/RT/VPN->WAN, 240:35:26 ][@S:R=3:5, 192.168.101.58:11388->54.254.90.185:32100][UDP][HLen=20, TLen=76]
2022-09-25 09:29:28	[FILTER][Pass][LAN/RT/VPN->WAN, 240:35:26 ][@S:R=3:5, 192.168.101.58:11388->13.38.179.104:32100][UDP][HLen=20, TLen=76]
2022-09-25 09:29:17	[FILTER][Pass][LAN/RT/VPN->WAN, 240:35:15 ][@S:R=3:5, 192.168.101.58:42344->3.72.203.219:8006][UDP][HLen=20, TLen=65]
2022-09-25 09:29:03	[FILTER][Pass][LAN/RT/VPN->WAN, 240:35:01 ][@S:R=3:5, 192.168.101.59:34959->18.196.160.116:8006][UDP][HLen=20, TLen=65]
2022-09-25 09:28:47	[FILTER][Pass][LAN/RT/VPN->WAN, 240:34:45 ][@S:R=3:5, 192.168.101.59:22560->3.124.97.151:32100][UDP][HLen=20, TLen=32]
2022-09-25 09:28:47	[FILTER][Pass][LAN/RT/VPN->WAN, 240:34:45 ][@S:R=3:5, 192.168.101.59:22560->54.254.90.185:32100][UDP][HLen=20, TLen=32]
2022-09-25 09:28:47	[FILTER][Pass][LAN/RT/VPN->WAN, 240:34:45 ][@S:R=3:5, 192.168.101.59:22560->13.38.179.104:32100][UDP][HLen=20, TLen=32]
2022-09-25 09:28:47	[FILTER][Pass][LAN/RT/VPN->WAN, 240:34:45 ][@S:R=3:5, 192.168.101.58:11388->3.124.97.151:32100][UDP][HLen=20, TLen=32]
2022-09-25 09:28:47	[FILTER][Pass][LAN/RT/VPN->WAN, 240:34:45 ][@S:R=3:5, 192.168.101.58:11388->54.254.90.185:32100][UDP][HLen=20, TLen=32]
2022-09-25 09:28:47	[FILTER][Pass][LAN/RT/VPN->WAN, 240:34:45 ][@S:R=3:5, 192.168.101.58:11388->13.38.179.104:32100][UDP][HLen=20, TLen=32]
2022-09-25 09:28:47	[FILTER][Pass][LAN/RT/VPN->WAN, 240:34:45 ][@S:R=3:5, 192.168.101.59:11412->3.124.97.151:32100][UDP][HLen=20, TLen=32]
2022-09-25 09:28:47	[FILTER][Pass][LAN/RT/VPN->WAN, 240:34:45 ][@S:R=3:5, 192.168.101.59:11412->54.254.90.185:32100][UDP][HLen=20, TLen=32]
2022-09-25 09:28:47	[FILTER][Pass][LAN/RT/VPN->WAN, 240:34:45 ][@S:R=3:5, 192.168.101.59:11412->13.38.179.104:32100][UDP][HLen=20, TLen=32]
2022-09-25 09:28:47	[FILTER][Pass][LAN/RT/VPN->WAN, 240:34:45 ][@S:R=3:5, 192.168.101.58:22563->3.124.97.151:32100][UDP][HLen=20, TLen=32]
2022-09-25 09:28:47	[FILTER][Pass][LAN/RT/VPN->WAN, 240:34:45 ][@S:R=3:5, 192.168.101.58:22563->54.254.90.185:32100][UDP][HLen=20, TLen=32]
2022-09-25 09:28:47	[FILTER][Pass][LAN/RT/VPN->WAN, 240:34:45 ][@S:R=3:5, 192.168.101.58:22563->13.38.179.104:32100][UDP][HLen=20, TLen=32]
2022-09-25 09:28:37	[FILTER][Pass][LAN/RT/VPN->WAN, 240:34:35 ][@S:R=3:5, 192.168.101.58:42344->3.72.203.219:8006][UDP][HLen=20, TLen=65]
2022-09-25 09:28:27	[FILTER][Pass][LAN/RT/VPN->WAN, 240:34:25 ][@S:R=3:5, 192.168.101.59:24162->3.124.97.151:32100][UDP][HLen=20, TLen=76]
2022-09-25 09:28:27	[FILTER][Pass][LAN/RT/VPN->WAN, 240:34:25 ][@S:R=3:5, 192.168.101.59:24162->54.254.90.185:32100][UDP][HLen=20, TLen=76]
2022-09-25 09:28:27	[FILTER][Pass][LAN/RT/VPN->WAN, 240:34:25 ][@S:R=3:5, 192.168.101.59:24162->13.38.179.104:32100][UDP][HLen=20, TLen=76]
2022-09-25 09:28:27	[FILTER][Pass][LAN/RT/VPN->WAN, 240:34:25 ][@S:R=3:5, 192.168.101.58:21477->3.124.97.151:32100][UDP][HLen=20, TLen=76]
2022-09-25 09:28:27	[FILTER][Pass][LAN/RT/VPN->WAN, 240:34:25 ][@S:R=3:5, 192.168.101.58:21477->54.254.90.185:32100][UDP][HLen=20, TLen=76]
2022-09-25 09:28:27	[FILTER][Pass][LAN/RT/VPN->WAN, 240:34:25 ][@S:R=3:5, 192.168.101.58:21477->13.38.179.104:32100][UDP][HLen=20, TLen=76]
2022-09-25 09:28:23	[FILTER][Pass][LAN/RT/VPN->WAN, 240:34:21 ][@S:R=3:5, 192.168.101.59:34959->18.196.160.116:8006][UDP][HLen=20, TLen=65]
2022-09-25 09:27:56	[FILTER][Pass][LAN/RT/VPN->WAN, 240:33:54 ][@S:R=3:5, 192.168.101.58:42344->3.72.203.219:8006][UDP][HLen=20, TLen=65]
2022-09-25 09:27:53	[FILTER][Pass][LAN/RT/VPN->WAN, 240:33:51 ][@S:R=3:5, 192.168.101.58:37506->18.158.214.194:443][TCP][HLen=20, TLen=60, Flag=S, Seq=1731046415, Ack=0, Win=14600]
2022-09-25 09:27:53	[FILTER][Pass][LAN/RT/VPN->WAN, 240:33:51 ][@S:R=3:5, 192.168.101.58:37505->18.158.214.194:443][TCP][HLen=20, TLen=60, Flag=S, Seq=1963841008, Ack=0, Win=14600]
2022-09-25 09:27:48	[FILTER][Pass][LAN/RT/VPN->WAN, 240:33:46 ][@S:R=3:5, 192.168.101.59:51898->18.158.214.194:443][TCP][HLen=20, TLen=60, Flag=S, Seq=3028513569, Ack=0, Win=14600]
2022-09-25 09:27:47	[FILTER][Pass][LAN/RT/VPN->WAN, 240:33:45 ][@S:R=3:5, 192.168.101.59:51897->18.158.214.194:443][TCP][HLen=20, TLen=60, Flag=S, Seq=3016483258, Ack=0, Win=14600]
2022-09-25 09:27:47	[FILTER][Pass][LAN/RT/VPN->WAN, 240:33:45 ][@S:R=3:5, 192.168.101.59:24162->3.124.97.151:32100][UDP][HLen=20, TLen=32]
2022-09-25 09:27:47	[FILTER][Pass][LAN/RT/VPN->WAN, 240:33:45 ][@S:R=3:5, 192.168.101.59:24162->54.254.90.185:32100][UDP][HLen=20, TLen=32]
2022-09-25 09:27:47	[FILTER][Pass][LAN/RT/VPN->WAN, 240:33:45 ][@S:R=3:5, 192.168.101.59:24162->13.38.179.104:32100][UDP][HLen=20, TLen=32]
2022-09-25 09:27:47	[FILTER][Pass][LAN/RT/VPN->WAN, 240:33:45 ][@S:R=3:5, 192.168.101.58:21477->3.124.97.151:32100][UDP][HLen=20, TLen=32]
2022-09-25 09:27:47	[FILTER][Pass][LAN/RT/VPN->WAN, 240:33:45 ][@S:R=3:5, 192.168.101.58:21477->54.254.90.185:32100][UDP][HLen=20, TLen=32]
2022-09-25 09:27:47	[FILTER][Pass][LAN/RT/VPN->WAN, 240:33:45 ][@S:R=3:5, 192.168.101.58:21477->13.38.179.104:32100][UDP][HLen=20, TLen=32]
2022-09-25 09:27:46	[FILTER][Pass][LAN/RT/VPN->WAN, 240:33:44 ][@S:R=3:5, 192.168.101.59:11290->3.124.97.151:32100][UDP][HLen=20, TLen=32]
2022-09-25 09:27:46	[FILTER][Pass][LAN/RT/VPN->WAN, 240:33:44 ][@S:R=3:5, 192.168.101.59:11290->54.254.90.185:32100][UDP][HLen=20, TLen=32]
2022-09-25 09:27:46	[FILTER][Pass][LAN/RT/VPN->WAN, 240:33:44 ][@S:R=3:5, 192.168.101.59:11290->13.38.179.104:32100][UDP][HLen=20, TLen=32]
2022-09-25 09:27:46	[FILTER][Pass][LAN/RT/VPN->WAN, 240:33:44 ][@S:R=3:5, 192.168.101.58:18783->3.124.97.151:32100][UDP][HLen=20, TLen=32]
2022-09-25 09:27:46	[FILTER][Pass][LAN/RT/VPN->WAN, 240:33:44 ][@S:R=3:5, 192.168.101.58:18783->54.254.90.185:32100][UDP][HLen=20, TLen=32]
2022-09-25 09:27:46	[FILTER][Pass][LAN/RT/VPN->WAN, 240:33:44 ][@S:R=3:5, 192.168.101.58:18783->13.38.179.104:32100][UDP][HLen=20, TLen=32]
2022-09-25 09:27:43	[FILTER][Pass][LAN/RT/VPN->WAN, 240:33:41 ][@S:R=3:5, 192.168.101.59:34959->18.196.160.116:8006][UDP][HLen=20, TLen=65]
2022-09-25 09:27:43	[FILTER][Pass][LAN/RT/VPN->WAN, 240:33:41 ][@S:R=3:5, 192.168.101.59:23194->5.173.130.71:61767][UDP][HLen=20, TLen=32]
2022-09-25 09:27:42	[FILTER][Pass][LAN/RT/VPN->WAN, 240:33:40 ][@S:R=3:5, 192.168.101.58:29567->5.173.130.71:61766][UDP][HLen=20, TLen=32]

Darshak_Shah · December 23, 2022, 9:41pm

why would EUFY suggest this? a security company?

open all ports? why? cant tell what port the dev is using? poor security

Topic		Replies	Views
Eufy firewall ports for remote viewing Archived	4	12381	December 16, 2020
Firewall ports eufy cam Archived	10	3615	December 22, 2020
Setting up router for remote viewing Archived	2	926	November 30, 2020
Eufy Cam 2K Indoor Pan&Tilt for HomeKit Secure Video: Camera stops working if all direct outgoing connections from the cam to the internet are blocked. Why? It's not needed with HKSV Archived	4	824	September 18, 2021
Unable to access cameras on home wifi Archived	6	552	June 22, 2021

Limit the firewall ports & IPs needed to be opened to the outside world

Related topics