JoeBryce
asked on
Viewing a security DVR from outside the LAN
One of my clients has just installed a security system with four cameras feeding into a Honeywell HRDP DVR. The DVR connectes by Ethernet to a port on the office switch (a NetGear FSM726). The switch, in turn, is connected to a Netopia 3347NWG DSL modem with DSL service through AT&T.
We can see the video feed from the other computers on the LAN by putting in the DVR's LAN IP in a web browser. My issue is that I need to be able to have the video feed available to be monitored from an employee from their home (in case there is an alert or alarm at night on over the weekend). I am not 100% sure how to go about this.
If I log into the Netopia, I see the Local WAN IP address and the remore gateway address. I can also see the primary and secondary DNS addresses. When I go over to IP Passthrough section of the Netopia setup, it is disabled, but I also do not see the DVR's IP address or name in the list of devices.
We can see the video feed from the other computers on the LAN by putting in the DVR's LAN IP in a web browser. My issue is that I need to be able to have the video feed available to be monitored from an employee from their home (in case there is an alert or alarm at night on over the weekend). I am not 100% sure how to go about this.
If I log into the Netopia, I see the Local WAN IP address and the remore gateway address. I can also see the primary and secondary DNS addresses. When I go over to IP Passthrough section of the Netopia setup, it is disabled, but I also do not see the DVR's IP address or name in the list of devices.
ASKER
So does that mean to access the DVR from outside the office LAN we simply use the IP of the edge device plus the port (xxx.xxx.xxx.xxx:443) or do I have to do IP passthrough on the Netopia? When I log in to the Netopia router in my list of devices to do a passthrough, I don't see the DVR.
If you have overload nat setup then yes, you may have to setup the port forward to the inside though
on Cisco I would overload nat setup and I would add a translation to the inside ip, like this
static (inside,outside) tcp interface 443 10.1.2.3 netmask 255.255.255.255
inerface = outside interface
443 = https
10.1.2.3 = inside IP
You may be doing this via gui
harbor235 ;}
JB, no problem, I've config'd a few of these bad boyz...
Q: Did at&t provide the acct a single or multiple (/29) IP?
Q: Is there an add'l router, firewall or switch attached to the netopia?
Depending on your response to above Q's,Ii would likely recommend ip passthrough mode. This would essentially place the CCTV/DVR system in the DMZ.
P2E
Q: Did at&t provide the acct a single or multiple (/29) IP?
Q: Is there an add'l router, firewall or switch attached to the netopia?
Depending on your response to above Q's,Ii would likely recommend ip passthrough mode. This would essentially place the CCTV/DVR system in the DMZ.
P2E
ASKER
Press2:
I am not sure about the number of IPs provided by AT&T. I will have to check on that.
The Netopia is connected on one end to the Internet via the DSL enabled phone line. The other end of the Netopia connection is into the #1 port on a NetGear FSM726 switch. The rest of my network (computers, printers, and DVR) attach to the FSM726 via the various other ports on the 726.
I am not sure about the number of IPs provided by AT&T. I will have to check on that.
The Netopia is connected on one end to the Internet via the DSL enabled phone line. The other end of the Netopia connection is into the #1 port on a NetGear FSM726 switch. The rest of my network (computers, printers, and DVR) attach to the FSM726 via the various other ports on the 726.
How is the DVR WAN IP configured - with DHCP, a public IP, or private IP? If you are using a public IP - what is assoiated netmask?
At the Netopias LAN Discovery (ExpertModem > Troubleshoot > SystemStatus) or ARP section, does the router see the DVR attached?
This info will determine the best configuration to acceess the DVR via the net
P2E
At the Netopias LAN Discovery (ExpertModem > Troubleshoot > SystemStatus) or ARP section, does the router see the DVR attached?
This info will determine the best configuration to acceess the DVR via the net
P2E
ASKER
When the DVR was set up, it was given a static IP on the LAN - 192.168.1.xxx with a subnet of 255.255.255.0. I do not know if there was a WAN option or not.
On LAN Discovery, the router does see the DVR on the correct LAN IP address, and it shows up correctly in the ARP table as well.
When looking at the WAN setup in the Netopia, it has a local address and a peer address, shows that NAT is on and that WAN users are unlimited.
On LAN Discovery, the router does see the DVR on the correct LAN IP address, and it shows up correctly in the ARP table as well.
When looking at the WAN setup in the Netopia, it has a local address and a peer address, shows that NAT is on and that WAN users are unlimited.
in order that you consistantly access the dvr via the internet - get/use a single static IP. with at&t dsl, there is likely no add'l fee.
once you obtain a public statip ip address & the dvr is configure properly, the following steps will get the system online...
under ExpertMode, click "IP Maps > Configure > Advanced > IP Maps > Add @ Internal Address - enter 192.168.x.x & under External Address - enter your static ip > Submit > click Alert (!) > Save & Restart.
P2E
once you obtain a public statip ip address & the dvr is configure properly, the following steps will get the system online...
under ExpertMode, click "IP Maps > Configure > Advanced > IP Maps > Add @ Internal Address - enter 192.168.x.x & under External Address - enter your static ip > Submit > click Alert (!) > Save & Restart.
P2E
ASKER
One last (hopefully) dumb question.
I talked to AT&T and I actual;ly have 8 static IPS on this account. xxx.xxx.xxx.16 through xxx.xxx.xxx.23 with .18 through .22 available for use. I understand from your post above that I need to go in and map the DVR's internal IP to one of my 5 available external static IPs. Is there a need to set a port, or include a port in the IP address when accessing from the outside, or will hitting strictly on that static IP be enough?
I talked to AT&T and I actual;ly have 8 static IPS on this account. xxx.xxx.xxx.16 through xxx.xxx.xxx.23 with .18 through .22 available for use. I understand from your post above that I need to go in and map the DVR's internal IP to one of my 5 available external static IPs. Is there a need to set a port, or include a port in the IP address when accessing from the outside, or will hitting strictly on that static IP be enough?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Thanks so much. It is up and running on the outside IP.
Hello
I know this sound dumb but I been trying to configure my AT T DSL Router (Netopia 3000) with my CCTV Unit
Here are my setting Please Help
I have 5 static IP
DHCP Server Address: xxx.xxx.xxx.192 to xxx.xxx.xxx.197
I can access my router thought this IP address xxx.xxx.xxx.198
I setup Pinholes as follows:
TCP
External Port start: 80
External Port End: 80
xxx.xxx.xxx.196
Internal Port 80
I also setup IP Maps
Internal IP Address: xxx.xxx.xxx.196
External IP Address xxx.xxx.xxx.196
DVR Static IP is as follows
Ip Address: xxx.xxx.xxx.196
Sub Net Mask is: 255.255.255.248
Gateway is xxx.xxx.xxx.198
Please Help. Thank you very Much
I know this sound dumb but I been trying to configure my AT T DSL Router (Netopia 3000) with my CCTV Unit
Here are my setting Please Help
I have 5 static IP
DHCP Server Address: xxx.xxx.xxx.192 to xxx.xxx.xxx.197
I can access my router thought this IP address xxx.xxx.xxx.198
I setup Pinholes as follows:
TCP
External Port start: 80
External Port End: 80
xxx.xxx.xxx.196
Internal Port 80
I also setup IP Maps
Internal IP Address: xxx.xxx.xxx.196
External IP Address xxx.xxx.xxx.196
DVR Static IP is as follows
Ip Address: xxx.xxx.xxx.196
Sub Net Mask is: 255.255.255.248
Gateway is xxx.xxx.xxx.198
Please Help. Thank you very Much
Typically your edge device (netopia) is doing NAT, so you must do port forwarding to the webserver builtin on the DVR on port 443
most times. SSL or port 443 uses encryption which is good for remote access, you don't want someone else using your DVR.
harbor235 ;}