I recently bought a cheap IP camera from China, the ESCAM Ant QF605. I have bought cheap Chinese stuff before, and generally they have decent hardware but really crappy software.
The QF605 was no exception.
The software is a cloud based app for Android phones, and is supposed to “just work”. But it didn’t. The application reported that the camera was “successfully registered”, but then “offline” when I tried to connect to it.
After leaving the camera on for the night I was able to successfully connect to it. But after a reboot the “offline” problem was back.
As always, I turned to Whireshark to see what was going on. The problem is that the camera is WiFi-only so I had to configure a monitor port in my switch and listen to the access point traffic. But after that the problem was obvious.
The camera successfully receives an IP address from my DHCP server in my router. The DHCP offer contains two DNS server of my Internet Provider.
The problem is that these DNS-server was only used initially (packet 566-575 below), but after that the camera tries to use the gateway as DNS-server (packet 590-940 below).
Home routers normally sets itself as a DNS server for the DHCP clients on the network, but this camera apparently REQUIRES that your router is your DNS-server.
Since I have a competent router I just entered a custom NAT-rule to forward incoming DNS-requests to a external server, a sort of DNS-proxy.
After that everything works as expected.