Solved

Setting Up Remote Viewing On IP Security Cameras

Posted on 2014-01-28
7
1,109 Views
Last Modified: 2014-01-30
I need help getting all of my port forwarding correct.

I have a SBS 2008 + SnapGear Firewall

I have setup a DDNS (Included as part of the camera system).

The DDNS address is AV125872.AvertxDDNS.com

My Quesitons:

1 - Should I use DDNS even if I have a static IP address?

2 - What ports do I need to setup on the firewall? (i.e. Destination Address: xx.xxx.xx.xx <---External IP Address OR destination address: av125872.AvertxDDNS.com).

3 - What do I need to do in the IIS console to forward the correct settings?



I called their tech support and they were not helpful in the least. "Forward your ports to the outside world" is all they could tell me.
0
Comment
Question by:Nicholas_BlueStar
  • 4
  • 2
7 Comments
 
LVL 34

Expert Comment

by:Paul MacDonald
ID: 39815759
1)  Use DDNS because you want to access the cameras by name rather than IP.

2)  No idea.  What does your security camera documentation say?

3) See (2)
0
 

Author Comment

by:Nicholas_BlueStar
ID: 39815787
I have an NVR that "controls" and manages the cameras. It is 10.10.10.38 on my local network.

What I think I need to do is:

ISP ----> Firewall (10.10.10.254)  -----> Server (10.10.10.1) -----> NVR (10.10.10.38)

When you go to the DDNS address (listed in my original post) you just see the IIS7 logo but nothing else.

I have OWA setup through the firewall and it looks like:

Name: OWA
Source Address: Any
Destination Address: "Port B" (xx.xxx.xx.xx <----External IP Address)
Services: OWA (Where "OWA" refers to "tcp/http/80 tcp/https/443 tcp/4125")
To Destination Address: Server (Where "server" refers to "10.10.10.1")


Does that help decipher how my firewall functions?

The big picture (I believe) is to enter the DDNS address (AV125872.AvertXDDNS.com) and be directed to 10.10.10.38 (where the NVR is located).

Does that help? Sorry if I made things more confusing.
0
 
LVL 34

Expert Comment

by:Paul MacDonald
ID: 39815926
You'll need to set up port forwarding in your router to send port-specific outside traffic to the NVR, and NAT to allow that traffic back out again.  

I presume you monitor the NVR as if it were a web page, and it may even use straight HTTP/port 80 to transmit.  In that case, you might configure the firewall to direct requests it receives for 65.182.71.39:8080 to the NVR.  Then, from outside your network, traffic to 65.182.71.39 would be sent to your IIS7 server and 65.182.71.39:8080 would be sent to your NVR.

Portforwarding the SG565
0
Complete VMware vSphere® ESX(i) & Hyper-V Backup

Capture your entire system, including the host, with patented disk imaging integrated with VMware VADP / Microsoft VSS and RCT. RTOs is as low as 15 seconds with Acronis Active Restore™. You can enjoy unlimited P2V/V2V migrations from any source (even from a different hypervisor)

 

Author Comment

by:Nicholas_BlueStar
ID: 39816283
Paul

Im trying to follow your instructions but I am a little confused...

Are you saying that the only "configuration" will be on my SnapGear? Will I need to modify anything within my SBS 2008 server?

I can only choose port B which does not have the 8080 after the IP address...I am not sure how to get around that...Again, I am a novice when it comes to this advanced port stuff.
0
 

Author Comment

by:Nicholas_BlueStar
ID: 39817737
I am still not sure what I need to do Paul.

Here is what my current NAT (port forwarding looks like)

Screenshot Of SnapGear
My "Destination Address" can only be "Port B" which does not have the :8080 after it so I am not sure how to do that.

Also - If I point incoming (outside) traffic to the server (10.10.10.1), how do I make the server point that request to 10.10.10.38?
0
 
LVL 11

Accepted Solution

by:
hecgomrec earned 500 total points
ID: 39820883
I'm not a master of SnapGear but I'll try to get you there....


Port B in this device refers to the Internet service provider (ISP) access and you see this because here you can have internal and external port forwarding in the same place.

In your case you want to create and incoming rule therefore your Destination address will be once again Port B.

AV125872.AvertXDDNS.com is a DNS name assigned by AvertX to get to your public IP.  If you already have a name assigned to your IP you can still use that one, use the one assigned by AvertX or if you have access to your on DNS records just add something more meaningful to it like security.yourdomain.com or webcams.yourdomain.com.


Now, when you get a request to your IP (65.182.71.39) regardless the name used on port (NVR settings) your services could be named NVRSVR and have the port of the NVR device and your LAN destination will be the IP of the device (10.10.10.38) and the "to services" will be unchanged (meaning will be sent to the same port on device).

Please note the following:

You most change your cameras settings to use a different port rather than 80 as it is standard for Internet Browsing.  Must likely, all your cameras have an IP and a port assigned which in turn allows you see any camera individually if you set it up on the firewall. This will allow you to monitor lets say the camera for a cash register only directly from your tablet, phone or any internet attached device.

Hope it is more clear for you now!!!!
0
 

Author Comment

by:Nicholas_BlueStar
ID: 39821250
hecgomrec

"Please note the following:

You most change your cameras settings to use a different port rather than 80 as it is standard for Internet Browsing.  Must likely, all your cameras have an IP and a port assigned which in turn allows you see any camera individually if you set it up on the firewall. This will allow you to monitor lets say the camera for a cash register only directly from your tablet, phone or any internet attached device."

EXACTLY! That was the only issue! Once I changed the port from 80 I got it to work.

Thank you for the info!
0

Featured Post

What is SQL Server and how does it work?

The purpose of this paper is to provide you background on SQL Server. It’s your self-study guide for learning fundamentals. It includes both the history of SQL and its technical basics. Concepts and definitions will form the solid foundation of your future DBA expertise.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Setting up a VPN 60 135
SBS 2011 certificates expired - need to renew? 4 69
By pass website on ASA for Websense 4 70
Palo Alto Networks: Truly No Hit Count? 2 43
I found an issue or “bug” in the SonicOS platform (the firmware controlling SonicWALL security appliances) that has to do with renaming Default Service Objects, which then causes a portion of the system to become uncontrollable and unstable. BACK…
If you are a web developer, you would be aware of the <iframe> tag in HTML. The <iframe> stands for inline frame and is used to embed another document within the current HTML document. The embedded document could be even another website.
Windows 10 is mostly good. However the one thing that annoys me is how many clicks you have to do to dial a VPN connection. You have to go to settings from the start menu, (2 clicks), Network and Internet (1 click), Click VPN (another click) then fi…
This video shows how to quickly and easily add an email signature for all users on Exchange 2016. The resulting signature is applied on a server level by Exchange Online. The email signature template has been downloaded from: www.mail-signatures…

815 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now