Solved

Cannot consistently view security cameras through software provided. Firewall seems to be the issue?

Posted on 2007-12-06
4
912 Views
Last Modified: 2010-04-21
I have a client with a Dedicated Micros DS1 video camera unit. In conjunction with DM network viewer software (http://www.dedicatedmicros.com/australia/support_downloads_online.php) I am able to view the security camera's in some circumstances.

The camera unit has been setup behind two different firewall units. A sonicwall TZ190 running enhanced firmware. A linksys WAG54G v3 wireless access point. Both running the latest firmware.
The camera server uses tcp and udp ports 8234 and 8235.

The problem is on the return to the person using the viewer software. Depending on the connection type the camera's can be viewed.

If I use a dialup connection the video streams successfully.
If I attempt to view from behind our sonicwall TZ170 standard at work it fails. The logs reveal the packets are dropped due to a Probable TCP NULL scan.

Various other combinations work or not. A 3G internet connection via a PCMCIA card works. While a motorola cable modem will fail.

I have tried creating an ANY rule on the firewall between the 2 addresses to no avail. I have played around with MTU setting and allowing packet fragmentation. No result.

Any help would be appreciated.

0
Comment
Question by:silky38
  • 2
4 Comments
 
LVL 5

Expert Comment

by:jsthursday
ID: 20430614
you might need to forward the ports so the router reads them. it sounds like the ports are being discarded to the router as soon as they are hitting it. check out this site, its one of the best tutorial sites--

http://portforward.com/routers.htm
0
 

Author Comment

by:silky38
ID: 20438950
Thanks JS but I am already forwarding ports 8234-8239 to the unit through the firewall. The problem is not that the packets don't get forwarded. The problem is that the packets are detected  as a TCP NULL SCAN on the return trip by our Sonicwall.
The problem doesn't occur if you use a dialup connection and some routers such as my netgear wireless router have no issues either.
0
 
LVL 12

Accepted Solution

by:
Freya28 earned 500 total points
ID: 20494129
if we send a packet to a remote system in which all the flags are turned off (That is, set to NULL), then the remote system would actually not know what to do with the packet or in other words, it would not know what this packet was meant for.

You see, each flag is supposed to perform a particular function. According to the function that you wish to perform, the various TCP flags are turned on and turned off. Now, when the client sends a packet with all the flags turned off, then the server has absolutely no idea as to what it has to do with the packet or as to why the client sent the packet. If the NULL packet is directed to an open port, then the service running on that port replies with a error message. However, if the NULL packet is directed to a closed port, then the remote system replies with a RST or reset because the NULL packet it received did not contain enough information to establish a connection.

0
 

Author Closing Comment

by:silky38
ID: 31413314
Doesn't really solve the problem, but chances are that no one will have an answer.
0

Featured Post

Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Customized VNC 1 59
Simple Router Management, Subnets and VLANs e.g. RV0xx 7 76
Window update errors on VMs 9 48
Behavior-based and anomalies detection for Symantec 2 23
If you are looking at this article, you have most likely been hit by some version of ransomware and are trying to find out if there is anything you can do, or what way you should react - READ ON!
Active Directory security has been a hot topic of late, and for good reason. With 90% of the world’s organization using this system to manage access to all parts of their IT infrastructure, knowing how to protect against threats and keep vulnerabil…
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…

733 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question