I'll see if I can help a little. ISP's will block ports without asking. Outbound requests typically get through as do responses to outbound requests. Trying to connect is an inbound request and may not get through.
On on the other item, I'm more familiar with Dahua products but they are similar. Dahua lets an end user with permission stop recording on any channel through the GUI and enable it again. I'm sure on both you could wire a switch in the home and connect to an alarm input. Set recording on alarm. This might also work for them. They could leave recording off by accident.
Have you tried to do a tracert out to google or something from your laptop? (assuming laptop and NVR are on same switch)
IPVMU Certified | 06/23/15 08:30pm
When you select a channel there should be a camera looking icon, that when you hover over it says stop or start recording. A single click on this will toggle it. Not sure if accessible with the remote.
I was thinking the same as B about ISP blocked ports, I would give them a call and ask. Ive had mixed results with Hik's DDNS and if a customer wants DDNS we sell them a sub-domain and a Raspberry PI running No-IPs Linux client for a monthly fee. You could take a laptop and grab a free DDNS account from any of the various providers and run their client on the network and see if that works better. It would at least let you know it is the Hik service failing and not something ISP related.
For the port forwarding depending on how the bridge is acting you would need to forward from the MiFi box to the bridge ip and then in the bridge to the recorders IP. It sounds like you may have tried this. Locally nothing should be blocked and you are accessing the IP directly and would be expected to work fine. The fact that it does work fine locally says that the problem is in your forwarding configuration/rules or ISP blockage.
You said that Hik's DDNS was reporting a different address than discovered. Have you tried to connect through the discovered address? Also because these recorders are Linux based a full reboot may be required for the network settings to stick. Always go back and check. I have seen them many times appear to save the information but exiting and returning to the configuration page shows back to default settings.
I have put at least a couple dozen OEMd Hik boxes online and it is never painless hah.
IPVMU Certified | 06/23/15 08:37pm
In Australia, most cellular data services do not offer a public IP address. The IP address of a cellular data service may be on the 10.0.0.0/8 range which is a reserved internal use range whereas the public IP address will be something different. In these circumstances, the public IP address is being used by many cellular services at the same time & the router with the internet face is the telcos router not the router on the cellular connection. Consequently, outgoing traffic works fine but when any incoming traffic hits the telco router, that router has no idea where to send it to so it blocks it.
Here it is possible to get the Telco to provide a public IP address on the cellular service but it can be a long & painful process.
IPVMU Certified | 06/23/15 08:56pm
I've had this problem before too, try changing ports to something other than the default. Also, check to see if you can connect outside of their local network. I have seem some netgear routers not allow you to connect using external IP while you're inside the network.
@John Bazyk, I was aware of the loop back problem trying to connect from outside while inside the LAN. That's why I turn off wifi on phone and try to connect from my LTE to customer's IP address. Will try some different ports. Neither outside address (one from HIK and the one from my laptop) allowed any connectivity to the DVR. Will try the reboot next time I'm on site.
Pro Focus LLC | 06/25/15 11:06am
Ok, going super simple with my recommendations.
For the Internet issue, make sure you are using the correct gateway address for the static IPs. Usually ATT devices use .254 as the gateway, not .1 as you would assume. This would prevent any device from reaching the Internet, but would work fine internally.
You might also be double NAT'ed behind another gateway at the tower. If so, not much you can do about that.
And finally, to disable the pool cam easily, simply run a switch on the camera power that they can simply flip to cut power while "nature swimming?"
Nelly Security | 06/25/15 07:49pm
Before you go any furthur, you should check to see if ATT allows port forwarding on that type of device. With some satellite and certain cell phone connections, port forwarding is not possible. I do realize that you may have seen a port forwarding section in the Mifi settings, still though, it may not work due to the way their network topography is designed.