Cisco ASA 5505 and security cam setup
Posted on 2011-03-15
Our security cam interface is on 192.168.119.230. The Macs use an application called ACS/Digital Watchdog to view the cam images. We don't want web-based viewing, just the app on ports 9010 and 9011.
We have a Cisco VPN which allows access to all services on the LAN EXCEPT the security cams. For reasons unknown to me, we just can't view the cams over the VPN.
The VPN assigned subnet is 192.168.50.0. Maybe the security cam is not allowing the NAT? With other networks I've worked on, this has not been an issue. Why now?
We're supposed to open ports 9010 and 9011 for the cam software. We could open up those ports to the world, but we don't want non-VPN users to access the cams.
So I set up a NAT rule and an Access Rule allowing traffic from 192.168.50.0 to 192.168.119.230, over those ports. The result: traffic to the Internet became unavailable. ??
How can we allow VPN users to see the cams without opening those ports to the world? Any thoughts?