Solved

Remote Access for CCTV behind ASA 5505

Posted on 2014-01-09
6
505 Views
Last Modified: 2014-04-30
Hi,

We have a CCTV system using the vxh264pro CCTV system.

I need to allow an app on iPhone to connect externally to the CCTV system so that it can be monitored on the go.

The CCTV system has an internal IP of 10.0.0.13. It is connected to via 2 ports. HTTP 6200 and RTSP 1554.

We have a static global IP address.

Can anyone help with this?
0
Comment
Question by:willholt89
  • 4
  • 2
6 Comments
 
LVL 13

Accepted Solution

by:
stergium earned 500 total points
ID: 39767436
hello.
Try using these:

hostname(config)# object network name
hostname(config-network-object)# host 10.0.0.13
hostname(config-network-object)# nat (inside,outside) static interface service tcp 6200 6200
hostname(config-network-object)# nat (inside,outside) static interface service tcp 1554 1554

You need also to configure an ACL permitting tcp traffic destined for inside address and corresponding ports then apply it inbound on interface outside:

access-list OUT_IN extended  permit tcp any host 10.0.0.13 eq  6200

access-list OUT_IN extended  permit tcp any host 10.0.0.13 eq  1554
accesss-group OUT_IN in interface outside

the above should suffice to your needs. I hope that helps
0
 

Author Comment

by:willholt89
ID: 39767497
do I change object network name to the name of my network? or could I call it CCTV
0
 
LVL 13

Expert Comment

by:stergium
ID: 39767507
change it to something familiar like cctv .  object network cctv  (should be the command)
0
VMware Disaster Recovery and Data Protection

In this expert guide, you’ll learn about the components of a Modern Data Center. You will use cases for the value-added capabilities of Veeam®, including combining backup and replication for VMware disaster recovery and using replication for data center migration.

 

Author Comment

by:willholt89
ID: 39767576
Hi Stergium. Many thanks for your prompt replies. I get the error when trying to identify the host

Euro-PIX(config-network)# host 10.0.0.13
ERROR: Invalid hostname: '10.0.0.13'
INFO: A hostname must start and end with a letter or digit, and have as interior characters only letters, digits, or a hyphen.
0
 

Author Comment

by:willholt89
ID: 39767700
Just realised my asa is running version 8.0 and these commands are for version 8.3 and later. do you know the equivalent syntax for 8.0
0
 

Author Comment

by:willholt89
ID: 39767765
Thank you for your help. I was able to use the new syntax to workout what I needed to type in for the old syntax. Much appreciated

Will
0

Featured Post

Connect further...control easier

With the ATEN CE624, you can now enjoy a high-quality visual experience powered by HDBaseT technology and the convenience of a single Cat6 cable to transmit uncompressed video with zero latency and multi-streaming for dual-view applications where remote access is required.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
URL to download Engenius BH-ENS202 firmware update 4 37
local DNS vendor. 4 67
Internet Protocol Security question 3 94
Ping configured interface on Sonicwall 16 60
Using in-flight Wi-Fi when you travel? Business travelers beware! In-flight Wi-Fi networks could rip the door right off your digital privacy portal. That’s no joke either, as it might also provide a convenient entrance for bad threat actors.
Getting hacked is no longer a matter or "if you get hacked" — the 2016 cyber threat landscape is now titled "when you get hacked." When it happens — will you be proactive, or reactive?
Viewers will learn how to properly install and use Secure Shell (SSH) to work on projects or homework remotely. Download Secure Shell: Follow basic installation instructions: Open Secure Shell and use "Quick Connect" to enter credentials includi…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

789 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question