Solved

Remote Access for CCTV behind ASA 5505

Posted on 2014-01-09
6
499 Views
Last Modified: 2014-04-30
Hi,

We have a CCTV system using the vxh264pro CCTV system.

I need to allow an app on iPhone to connect externally to the CCTV system so that it can be monitored on the go.

The CCTV system has an internal IP of 10.0.0.13. It is connected to via 2 ports. HTTP 6200 and RTSP 1554.

We have a static global IP address.

Can anyone help with this?
0
Comment
Question by:willholt89
  • 4
  • 2
6 Comments
 
LVL 13

Accepted Solution

by:
stergium earned 500 total points
Comment Utility
hello.
Try using these:

hostname(config)# object network name
hostname(config-network-object)# host 10.0.0.13
hostname(config-network-object)# nat (inside,outside) static interface service tcp 6200 6200
hostname(config-network-object)# nat (inside,outside) static interface service tcp 1554 1554

You need also to configure an ACL permitting tcp traffic destined for inside address and corresponding ports then apply it inbound on interface outside:

access-list OUT_IN extended  permit tcp any host 10.0.0.13 eq  6200

access-list OUT_IN extended  permit tcp any host 10.0.0.13 eq  1554
accesss-group OUT_IN in interface outside

the above should suffice to your needs. I hope that helps
0
 

Author Comment

by:willholt89
Comment Utility
do I change object network name to the name of my network? or could I call it CCTV
0
 
LVL 13

Expert Comment

by:stergium
Comment Utility
change it to something familiar like cctv .  object network cctv  (should be the command)
0
Better Security Awareness With Threat Intelligence

See how one of the leading financial services organizations uses Recorded Future as part of a holistic threat intelligence program to promote security awareness and proactively and efficiently identify threats.

 

Author Comment

by:willholt89
Comment Utility
Hi Stergium. Many thanks for your prompt replies. I get the error when trying to identify the host

Euro-PIX(config-network)# host 10.0.0.13
ERROR: Invalid hostname: '10.0.0.13'
INFO: A hostname must start and end with a letter or digit, and have as interior characters only letters, digits, or a hyphen.
0
 

Author Comment

by:willholt89
Comment Utility
Just realised my asa is running version 8.0 and these commands are for version 8.3 and later. do you know the equivalent syntax for 8.0
0
 

Author Comment

by:willholt89
Comment Utility
Thank you for your help. I was able to use the new syntax to workout what I needed to type in for the old syntax. Much appreciated

Will
0

Featured Post

Better Security Awareness With Threat Intelligence

See how one of the leading financial services organizations uses Recorded Future as part of a holistic threat intelligence program to promote security awareness and proactively and efficiently identify threats.

Join & Write a Comment

It’s 2016. Password authentication should be dead — or at least close to dying. But, unfortunately, it has not traversed Quagga stage yet. Using password authentication is like laundering hotel guest linens with a washboard — it’s Passé.
Phishing is at the top of most security top 10 efforts you should be pursuing in 2016 and beyond. If you don't have phishing incorporated into your Security Awareness Program yet, now is the time. Phishers, and the scams they use, are only going to …
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

771 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

15 Experts available now in Live!

Get 1:1 Help Now