• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 574
  • Last Modified:

port forwarding wit sonicwall firewall

hello experts -

I work for a security surveillance company that sells PC based digital video recorders for retail environments.  Basically the client has the PC DVR hooked up on their network capturing the video and recording onto the hard drive.  This particular one captures standard analalog signals via a capture card.   So the client can of course access the recorded and live feed directly from the DVR itself - or they can load the client software on a remote PC and connect remotely and view and watch.

We've sold 100's of these and havent had  a problem with the networking side.  It always comes down to programming the port forwarding on the routers when there is a problem.

Now, we have a rather difficult customer who is insisting that we get his dvr's to work over the internet for him.  He has one unit that works fine, and two (all are at different locations), that dont work.

Both the units that dont work over the internet, do work on the internal network from within the retail store.  This I would think would tell me that the problem is somewhere within the router.  Unfortunatly, the programming of the router is done by a different company - myself and the customer do not have access to the programming, all done by their "service provider".  

One firewall is a Sonicwall Tele3, the other is a Sonicwall TZ170.  

The person from the company that programs the router says everthing is port forwarded correctly and to the right internal IP address... however, access from the internet is still not working.  Anybody have any ideas how I should go about troubleshooting this??  I feel I'm stuck in the middle, with a hot head end user that is looking to point fingers at anyone he can, because of course he is frustrated.  

These DVR's are running Windows XP embedded - and like I said we have never had problems with them, and they are working fine from their internal network.  I had them confirm IP addresses, subnet mask, default gateway on both - end user says they are ok.  

Please help I need to know how to proceed with this mess.

thanks
0
tomeb1
Asked:
tomeb1
  • 3
  • 2
1 Solution
 
Craig_200XCommented:
I would tell the user that HE has to involve the ISP... its possible the ISP has changed the default username and password for logging on - so this could throw a wrench into your problem....

however, since your device IS working internally. and due to this "CUSTOMER" equipment, how can YOU be expected to configure it.. im sure within your contract/sales agreement you didnt specify that you would assist in configuring HIS routers... BUT......if you STILL feel your responsibility is to help him... you can offer your assistance WITH the ISP and call them yourself and have them walk you through it.. Im sure they are VERY familiar with this kind of situation... I used to do this with vendors when I worked at an ISP - the equip was different tho.....

logon to the sonic default ip: 192.168.168.168

username : admin
password  : password

Go into the Sonicwall setup menu, into Access, and Services, and create a custom service called DVR.  Set it up for your port and type.

Save this away.

Now on the main Access services grid you should find a new line at the bottom of the list for the new service you just created. Put the internal IP address of the videocam into in the right hand column, i.e. under "Public Server".

This will create the port forwarding rule in the NAT system and a "permit" rule opening the port for anyone to access your PC from anywhere, on that port.

Save this away.

http://www.sonicwall.com/support/pdfs/SonicWALL_TELE3_TZ_Getting_Started_Guide.pdf
pg 16 will start you through the setup..

http://www.no-ip.com/support/guides/routers/sonicwall.html
tz150 info
0
 
Craig_200XCommented:
OH 1 more thing.....

you might have to configure the machine your configuring from as management station with IP addreess 192.168.168.200 dgw 192.168.168.100 sm 255.255.255.0 as shown on page 19 of the first link....now this should be the info IF the ISP didnt change the defaults...
0
 
tomeb1Author Commented:
Still working on this one - lot of politics involved on who is responsible for what - but that is besides the point.  I'm trying to get their IT people involved, they have nobody onsite they contract it out - I was thinking I could request screen prints from the router screens (since they probably won't allow me direct access, nor do i necessarily want it) - what screens would you suggest getting, in order to spot a problem.

On a slightly different note - would it be possible to put another switch/firewall between the DSL modem and the sonicwall?  Say, a simple Lynksys 4 port - have the DVR device forwarded through that - and have all other traffic go to the Sonicwall?

Thanks,

T
0
 
tomeb1Author Commented:
One more question - you wrote :


**********************************************************
"Go into the Sonicwall setup menu, into Access, and Services, and create a custom service called DVR.  Set it up for your port and type.

Save this away.

Now on the main Access services grid you should find a new line at the bottom of the list for the new service you just created. Put the internal IP address of the videocam into in the right hand column, i.e. under "Public Server".

This will create the port forwarding rule in the NAT system and a "permit" rule opening the port for anyone to access your PC from anywhere, on that port.

Save this away.

http://www.sonicwall.com/support/pdfs/SonicWALL_TELE3_TZ_Getting_Started_Guide.pdf
pg 16 will start you through the setup..

http://www.no-ip.com/support/guides/routers/sonicwall.html
tz150 info"
**********************************************************************


Is this procedure the same for both the tele3 and the tz150?  Page 6 of the document from no-ip.com shows an "Access Rules" table, is this the "main access services" grid you are talking about??

Thanks again,

T.
0
 
Craig_200XCommented:
they should be similar..

the access rules table/wizard is different from the main access services.... I will see if I can get some more detailed info for you.
0

Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

  • 3
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now