Solved

Setting Up Remote Viewing On IP Security Cameras

Posted on 2014-01-28
7
1,138 Views
Last Modified: 2014-01-30
I need help getting all of my port forwarding correct.

I have a SBS 2008 + SnapGear Firewall

I have setup a DDNS (Included as part of the camera system).

The DDNS address is AV125872.AvertxDDNS.com

My Quesitons:

1 - Should I use DDNS even if I have a static IP address?

2 - What ports do I need to setup on the firewall? (i.e. Destination Address: xx.xxx.xx.xx <---External IP Address OR destination address: av125872.AvertxDDNS.com).

3 - What do I need to do in the IIS console to forward the correct settings?



I called their tech support and they were not helpful in the least. "Forward your ports to the outside world" is all they could tell me.
0
Comment
Question by:Nicholas_BlueStar
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 2
7 Comments
 
LVL 34

Expert Comment

by:Paul MacDonald
ID: 39815759
1)  Use DDNS because you want to access the cameras by name rather than IP.

2)  No idea.  What does your security camera documentation say?

3) See (2)
0
 

Author Comment

by:Nicholas_BlueStar
ID: 39815787
I have an NVR that "controls" and manages the cameras. It is 10.10.10.38 on my local network.

What I think I need to do is:

ISP ----> Firewall (10.10.10.254)  -----> Server (10.10.10.1) -----> NVR (10.10.10.38)

When you go to the DDNS address (listed in my original post) you just see the IIS7 logo but nothing else.

I have OWA setup through the firewall and it looks like:

Name: OWA
Source Address: Any
Destination Address: "Port B" (xx.xxx.xx.xx <----External IP Address)
Services: OWA (Where "OWA" refers to "tcp/http/80 tcp/https/443 tcp/4125")
To Destination Address: Server (Where "server" refers to "10.10.10.1")


Does that help decipher how my firewall functions?

The big picture (I believe) is to enter the DDNS address (AV125872.AvertXDDNS.com) and be directed to 10.10.10.38 (where the NVR is located).

Does that help? Sorry if I made things more confusing.
0
 
LVL 34

Expert Comment

by:Paul MacDonald
ID: 39815926
You'll need to set up port forwarding in your router to send port-specific outside traffic to the NVR, and NAT to allow that traffic back out again.  

I presume you monitor the NVR as if it were a web page, and it may even use straight HTTP/port 80 to transmit.  In that case, you might configure the firewall to direct requests it receives for 65.182.71.39:8080 to the NVR.  Then, from outside your network, traffic to 65.182.71.39 would be sent to your IIS7 server and 65.182.71.39:8080 would be sent to your NVR.

Portforwarding the SG565
0
Complete VMware vSphere® ESX(i) & Hyper-V Backup

Capture your entire system, including the host, with patented disk imaging integrated with VMware VADP / Microsoft VSS and RCT. RTOs is as low as 15 seconds with Acronis Active Restore™. You can enjoy unlimited P2V/V2V migrations from any source (even from a different hypervisor)

 

Author Comment

by:Nicholas_BlueStar
ID: 39816283
Paul

Im trying to follow your instructions but I am a little confused...

Are you saying that the only "configuration" will be on my SnapGear? Will I need to modify anything within my SBS 2008 server?

I can only choose port B which does not have the 8080 after the IP address...I am not sure how to get around that...Again, I am a novice when it comes to this advanced port stuff.
0
 

Author Comment

by:Nicholas_BlueStar
ID: 39817737
I am still not sure what I need to do Paul.

Here is what my current NAT (port forwarding looks like)

Screenshot Of SnapGear
My "Destination Address" can only be "Port B" which does not have the :8080 after it so I am not sure how to do that.

Also - If I point incoming (outside) traffic to the server (10.10.10.1), how do I make the server point that request to 10.10.10.38?
0
 
LVL 11

Accepted Solution

by:
hecgomrec earned 500 total points
ID: 39820883
I'm not a master of SnapGear but I'll try to get you there....


Port B in this device refers to the Internet service provider (ISP) access and you see this because here you can have internal and external port forwarding in the same place.

In your case you want to create and incoming rule therefore your Destination address will be once again Port B.

AV125872.AvertXDDNS.com is a DNS name assigned by AvertX to get to your public IP.  If you already have a name assigned to your IP you can still use that one, use the one assigned by AvertX or if you have access to your on DNS records just add something more meaningful to it like security.yourdomain.com or webcams.yourdomain.com.


Now, when you get a request to your IP (65.182.71.39) regardless the name used on port (NVR settings) your services could be named NVRSVR and have the port of the NVR device and your LAN destination will be the IP of the device (10.10.10.38) and the "to services" will be unchanged (meaning will be sent to the same port on device).

Please note the following:

You most change your cameras settings to use a different port rather than 80 as it is standard for Internet Browsing.  Must likely, all your cameras have an IP and a port assigned which in turn allows you see any camera individually if you set it up on the firewall. This will allow you to monitor lets say the camera for a cash register only directly from your tablet, phone or any internet attached device.

Hope it is more clear for you now!!!!
0
 

Author Comment

by:Nicholas_BlueStar
ID: 39821250
hecgomrec

"Please note the following:

You most change your cameras settings to use a different port rather than 80 as it is standard for Internet Browsing.  Must likely, all your cameras have an IP and a port assigned which in turn allows you see any camera individually if you set it up on the firewall. This will allow you to monitor lets say the camera for a cash register only directly from your tablet, phone or any internet attached device."

EXACTLY! That was the only issue! Once I changed the port from 80 I got it to work.

Thank you for the info!
0

Featured Post

Free Tool: Path Explorer

An intuitive utility to help find the CSS path to UI elements on a webpage. These paths are used frequently in a variety of front-end development and QA automation tasks.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

As tax season makes its return, so does the increase in cyber crime and tax refund phishing that comes with it
Preparing an email is something we should all take special care with – especially when the email is for somebody you may not know very well. The pressures of everyday working life stacked with a hectic office environment can make this a real challen…
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …

749 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question