How to access 8 IP cam on lan from wan
-
hi
i have an interesting request from a pre-school principle, she wants parents to access school's internal cams to see their pupils, at a certain limited time of a day with username and password for each parents, is that possible? do i need a public IP for eache IP can? any body have done some thing similar? if so please can you help me?
help really appreciated
thanks in advance
hadi57
-
you need to forward the ports.
either you have a public IP for each cam
or you have a single IP and forward different ports to the different cams.you can make timescheduled rules to allow access on different times.
but the autentifiction has to happen at the cam itself.
dont think you can do that with pfsense. -
thanks for the reply
can you please give me lead how to create a rule to forward ports to IP?
thanks again
hadi57
-
search?
–> http://doc.pfsense.org/index.php/How_can_I_forward_ports_with_pfSense%3F
-
hi and thanks for the link
i followed the text in the link but it didnt work, what port range should i use?
could you please give me en example on 192.168.0.x, i am trying to access 36 D-link access points and upgrade them, this would be a great time saving to do it from home.
hadi57
-
hi
i tried the follwoings:
interface: wan
external address: any
protocol: tcp
external port range:
from: other 1400
to: other
nat ip: 192.168.113.112 (that is one of my wireless access point
local port: other 1400my dhcp range is: 192.163.10 to 192.163.1.245
my gateway address is: 192.163.1.254so i tried accessing one access point with the public ip of my server 87.230.x.x:1400 with no luck.
what did i do wrong
help is highly appreciated
hadi57
-
Did you NAT port 1400?
Your post makes me believe you only put in a firewall rule.And the rule's source port should be any as well, BTW!
-
hi
thank you for your help
this was the firewall/Nat
and i can see on the nat page:
if: wan
proto: TCP
ext.port range: 1400
NAT IP: 192.163.1.112 ext:any
Int. port range: 1400i don't know if this is correct
note: i am using 1.2-RC3
that's all
is that right, if so how to access my ip cams form wan?
-
hi again
still cant access, how access the 8 cams? so i put the wan ip of pf box with the port to the wanted to be access cam, like this: 212.45.xx.xx:1400? if so i still cant access
help really appreciated
hadi57
-
you have added a NAT rule. now check if you have firewall allow rule on the WAN interface to allow traffic to 192.163.1.112 : 1400
-
…access cam, like this: 212.45.xx.xx:1400? if so i still cant access
If you are using Internetexplorer it's maybe just an issue with a missing "http://" in front of that IP and port. For non standard ports (80 and 443) it won't know that this is http. Somehow stupid. Other browsers like firefox do it better ;)
Also how do you test this? If you test this from inside your network it won't work without natreflection turned on (system>advanced, very bottom).
-
hi
i am using linux and firefox for browse, this is my current configuration:
-
Your first nat rule (the one for port 810) is wrong. It has to have the interface IP like all the others in it and not "any". Also disable or delete the first firewallrule at the WAN tab. Your pfSense is wide open to the world that way.
Just another thought, a colleague of me baught a rather cheap ipcam. The cam has one port for the webgui to configure, however once you hit the webgui it loads an activex plugin that needs some other ports to be forwarded as well, that you can't change or that are not even documented in the manual. Once we found that out and added the according portforwards the cam worked. However if that was the case with your cam you would not be able to make more than one cam available at WAN.
-
hi and thanks
i am looking now at the ip cam site http://www.networkipcamera.com/faq_009-java.php
trying to understand it. -
Their cameras really seem to use multiple ports: http://www.networkipcamera.com/faq_004_soho.php
So you have to modify all of those ports on each cam so that each cam has unique ports and add a bunch of portforwards/firewallrules for each. Btw, you can make this much easier by adding portaliases for the cams and reduce the number of portforwards/firewallrules this way ;)
-
thanks again and again, ill go to site tomorrow and work on that
hadi57
-
hi
i went today and changed the video and web ports for all cams as well so my nat and fw looks like this but still cant access the cams i don't know what i did wrong:
-
Just a quick observation:
If you NAT 15973 UDP you should firewall this as 15973 UDP as well. Not TCP… -
How do you check that you cannot reach the cams from WAN?
If you're sitting behind a consumer router, usually doing just NAT, this is doable.
Since you are using pfSense in this install, chances are, you are behind a pfSense at home/in your office as well.
If you only opened http(s) ports for surfing there, you'll never get to school-ip:810. Then the problem is on the other side of the connection. -
hi
the port 15973 tcp is now udp
i am checking from home:
1- with pfbox connected.
2- without pfbox connected directly to dsl routeri try changing the 1st line https:443 to allow any so every thing is wide open like before, but still couldn't to connect to the school ip cams. i still don't know where is the problem, is it ok i give you the access to the server for a check? it will be really appreciable.
thank you again.
