Description
Is it possible to configure AgentDVR so that cams and user HTTP connections are on different subnets?
Details:
I am trying to integrate AgentDVR into my segmented network.
Think of cams in a separate subnet (e.g. 192.168.3/24), where they may perform all this nasty multicasting / mDNS / polling / ONVIF / autoconfig / phoning-home / god-knows stuff as they like, but separate user workstation(s) (e.g. 192.168.1/24) in a different subnet where I may try to implement tidy layer3+ management such as routing, DNS.
(I even caught Agent trying to connect to my switches' admin port at :80 - something I'd consider as close to evil misbehaviour ;-) ...)
Accordingly, the box (Ubuntu 24.04.1 LTS) has two different interfaces: 192.168.3.1 and 192.168.1.37.
The documentation is not very specific on that topic, so I started testing and configured `<BindInterface>192.168.3.1</BindInterface>`
and get (no cams connected at the moment):

```
root@nvr:/opt/AgentDVR$ netstat -antup | grep Agent
tcp 0 0 192.168.3.1:8090 0.0.0.0:* LISTEN 1014/Agent
udp 0 0 192.168.3.1:5353 0.0.0.0:* 1014/Agent
udp 0 0 192.168.1.37:5353 0.0.0.0:* 1014/Agent
udp 0 0 0.0.0.0:5353 0.0.0.0:* 1014/Agent
udp 0 0 0.0.0.0:3478 0.0.0.0:* 1014/Agent
```

Not unexpectedly, I can't connect to http://192.168.1.37:8090 from my workstation on 192.168.1/24.
OK, I can live with port 3478 (STUN?) being open for all interfaces.
Do we need Port 5353 (googled as mDNS) at all? For all or for some cams?
I don't see any need for mDNS in my client network, have working DNS there.
Next obvious approach, I tried to put a haproxy reverse proxy in front of AgentDVR to redirect http.
I get "404 - Not Found (Not Found)"
As referred to here: https://www.reddit.com/r/ispyconnect/comments/xevyhv/agent_dvr_reverse_proxy/
Port forwarding is locked down with the free version of Agent DVR.
... and as I read on, it's not easy/recommended with a business license, either?
But both brute port forwarding and reverse proxy are mere ideas for workarounds, anyway.
The straightforward solution would be a clean implementation of differentiated interface binding.
Could this be done? Maybe some secret config?
If not, what other way to go?
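
An audit of the socket listing in the post, as an added example that is not part of the original post or of Agent DVR: it parses `netstat -antup` output and reports sockets of the Agent process that are bound to a wildcard address or to an address outside the camera subnet. The policy (192.168.3.0/24 as the only allowed subnet) and the function names are assumptions.

```python
import ipaddress

# Constructed sample: the netstat lines quoted in the post above.
SAMPLE = """\
tcp 0 0 192.168.3.1:8090 0.0.0.0:* LISTEN 1014/Agent
udp 0 0 192.168.3.1:5353 0.0.0.0:* 1014/Agent
udp 0 0 192.168.1.37:5353 0.0.0.0:* 1014/Agent
udp 0 0 0.0.0.0:5353 0.0.0.0:* 1014/Agent
udp 0 0 0.0.0.0:3478 0.0.0.0:* 1014/Agent
"""

# Assumed policy: only the camera subnet from the post may see Agent's sockets.
CAMERA_NET = ipaddress.ip_network("192.168.3.0/24")


def parse_sockets(text, process="Agent"):
    """Yield (proto, ip, port) for unconnected/listening sockets of `process`."""
    for line in text.splitlines():
        fields = line.split()
        if len(fields) < 6 or not fields[0].startswith(("tcp", "udp")):
            continue
        # Foreign address "x:*" marks a listener; skip established connections.
        if not fields[4].endswith(":*"):
            continue
        if fields[-1].partition("/")[2] != process:
            continue
        host, _, port = fields[3].rpartition(":")
        try:
            ip, port_no = ipaddress.ip_address(host), int(port)
        except ValueError:
            continue  # unparsable local address, e.g. a name instead of an IP
        yield fields[0], ip, port_no


def exposed_outside(text, allowed_net, process="Agent"):
    """Return (proto, ip, port, reason) for sockets reachable beyond allowed_net."""
    findings = []
    for proto, ip, port in parse_sockets(text, process):
        if ip.is_unspecified:
            findings.append((proto, str(ip), port, "wildcard bind, all interfaces"))
        elif not ip.is_loopback and ip not in allowed_net:
            findings.append((proto, str(ip), port, "bound outside allowed subnet"))
    return findings


if __name__ == "__main__":
    for finding in exposed_outside(SAMPLE, CAMERA_NET):
        print(*finding)
```

Run against the listing in the post, it flags the three UDP sockets (5353 on 192.168.1.37, and 5353 and 3478 on 0.0.0.0), which are the candidates for host firewall rules on the client-facing interface.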