?
Solved

Cannot consistently view security cameras through software provided. Firewall seems to be the issue?

Posted on 2007-12-06
4
Medium Priority
?
955 Views
Last Modified: 2010-04-21
I have a client with a Dedicated Micros DS1 video camera unit. In conjunction with DM network viewer software (http://www.dedicatedmicros.com/australia/support_downloads_online.php) I am able to view the security camera's in some circumstances.

The camera unit has been setup behind two different firewall units. A sonicwall TZ190 running enhanced firmware. A linksys WAG54G v3 wireless access point. Both running the latest firmware.
The camera server uses tcp and udp ports 8234 and 8235.

The problem is on the return to the person using the viewer software. Depending on the connection type the camera's can be viewed.

If I use a dialup connection the video streams successfully.
If I attempt to view from behind our sonicwall TZ170 standard at work it fails. The logs reveal the packets are dropped due to a Probable TCP NULL scan.

Various other combinations work or not. A 3G internet connection via a PCMCIA card works. While a motorola cable modem will fail.

I have tried creating an ANY rule on the firewall between the 2 addresses to no avail. I have played around with MTU setting and allowing packet fragmentation. No result.

Any help would be appreciated.

0
Comment
Question by:silky38
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
4 Comments
 
LVL 5

Expert Comment

by:jsthursday
ID: 20430614
you might need to forward the ports so the router reads them. it sounds like the ports are being discarded to the router as soon as they are hitting it. check out this site, its one of the best tutorial sites--

http://portforward.com/routers.htm
0
 

Author Comment

by:silky38
ID: 20438950
Thanks JS but I am already forwarding ports 8234-8239 to the unit through the firewall. The problem is not that the packets don't get forwarded. The problem is that the packets are detected  as a TCP NULL SCAN on the return trip by our Sonicwall.
The problem doesn't occur if you use a dialup connection and some routers such as my netgear wireless router have no issues either.
0
 
LVL 12

Accepted Solution

by:
Freya28 earned 1500 total points
ID: 20494129
if we send a packet to a remote system in which all the flags are turned off (That is, set to NULL), then the remote system would actually not know what to do with the packet or in other words, it would not know what this packet was meant for.

You see, each flag is supposed to perform a particular function. According to the function that you wish to perform, the various TCP flags are turned on and turned off. Now, when the client sends a packet with all the flags turned off, then the server has absolutely no idea as to what it has to do with the packet or as to why the client sent the packet. If the NULL packet is directed to an open port, then the service running on that port replies with a error message. However, if the NULL packet is directed to a closed port, then the remote system replies with a RST or reset because the NULL packet it received did not contain enough information to establish a connection.

0
 

Author Closing Comment

by:silky38
ID: 31413314
Doesn't really solve the problem, but chances are that no one will have an answer.
0

Featured Post

Get real performance insights from real users

Key features:
- Total Pages Views and Load times
- Top Pages Viewed and Load Times
- Real Time Site Page Build Performance
- Users’ Browser and Platform Performance
- Geographic User Breakdown
- And more

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Make the most of your online learning experience.
This article will show how Aten was able to supply easy management and control for Artear's video walls and wide range display configurations of their newsroom.
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, just open a new email message. In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
Nobody understands Phishing better than an anti-spam company. That’s why we are providing Phishing Awareness Training to our customers. According to a report by Verizon, only 3% of targeted users report malicious emails to management. With compan…
Suggested Courses
Course of the Month12 days, 22 hours left to enroll

777 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question