IP cameras accessible over the internet without exposing the whole network

IP cameras are notorious for two reasons:

• Almost no manufacturer ships firmware updates — putting one on the open internet is an open invitation to botnets.
• The vendor usually forces you to use their "cloud" (P2P), which sends the stream to an unknown server in China or Vietnam.

The LAN Gateway feature in SuperDMZ fixes both: you expose the cameras through our tunnel, without anything reaching the open internet, and the packets never leave your control.

Typical scenario

A small shop has 4 IP cameras at 192.168.0.21–24. There's an old Windows PC used as the POS that stays on all day. The owner wants to check the cameras from the hotel.

Solution in 3 steps

1. Install the SuperDMZ client on the POS PC. Enable Gateway in the local panel (Pro+ plan).

2. In superdmz.com, create 4 HTTP tunnels — one per camera. In "Tunnel destination" choose "Another machine on the internal network" and enter the corresponding IP.

3. On the phone, open the 4 URLs https://cam1.dmzgate.com, https://cam2.dmzgate.com, etc. Done. No vendor app, no DDNS, no port forwarding.

Security layers this adds

• Cameras never appear on the public internet — only through our subdomain, behind an IP allowlist
• No vulnerable firmware exposed — the SuperDMZ client on the Windows PC is the entry point, not the camera
• Automatic TLS — even if the camera only speaks HTTP, the tunnel adds HTTPS before the packet leaves the PC
• Defense in depth — without enabling -allow-gateway locally, the client refuses any non-loopback dial, even with a compromised panel

Limits

Pro plan allows up to 20 gateway tunnels (1 IP per tunnel). For more volume, Business plan allows full /24 subnets with a single tunnel.