Axis Camera Station + Fortinet

16th April 2024

We had a strange failure on Axis Camera station that was behind a Fortinet firewall.

The Scenario:
CellPhone+AxisCameraStationApp > Fortinet1 > Internet > Fortinet2 > AxisNVRServer

Problem scenario is that there is a VPN between Fortinet1 and Fortinet2 but no Rules to allow traffic.
The AxisCameraStationApp first tries to do a Peer2Peer connection between the App and the Server.(Cloud traffic costs $) Ideal if you are onsite and not across the internet. If this FAILS the App falls back to Cloud routing.
There is a route in our scenario, but no traffic is allowed thru, and the App gets confused
That’s my theory anyway

Solution: Tested working on Android v14.
Fortinet2 Outbound rule, turn on IPS set to high_security
this will block all peer2peer traffic, the App Fails to find an impossible route and uses the cloud to route traffic instead, which succeeds.

Symptoms:
At the top of the CameraStationApp there is a circle that stays White when in Peer2Peer mode and changes to Blue when in CloudRouting mode. You can tap the circle to get some description and show how much CloudData usage you have left.

Fortinet1 logs will show the Public IP address of the Firewall that the AxisNvrServer is behind.

Strangely enough Android v10 always works, even without IPS