erict@airweld.net 0 Posted April 25, 2006 Does anyone know how to set up a digimerge dvr for remote access going through a cisco 2600 series router. I have fowarded the ports I was told I have to with nat translations in the router. I can connect to the actual dvr through the internet, I can imput my password, however when I go to click on a camera it takes about 25 seconds before it comes back with connection failed. Can anyone help me? Share this post Link to post Share on other sites
MrSquid 0 Posted April 26, 2006 If we assume this is a network problem and suspect that another port needs to be opened... Issue the following command "sh log" after you get the error message about not being able to connect. That will show you what ports are being dropped (Assuming logging is enabled on the router). You will then need to adjust your ACL accordingly. It is a little strange that just a router would be used as a gateway to the internet. If you have a diagram or any further information it would help. Share this post Link to post Share on other sites
erict@airweld.net 0 Posted April 26, 2006 According to digimerge all the ports that need to be fowarded are. Share this post Link to post Share on other sites
MrSquid 0 Posted April 26, 2006 We need to narrow this down to a DVR or network problem. Are you able to connect to the DVR, login, and see the video from inside the network? Share this post Link to post Share on other sites
erict@airweld.net 0 Posted April 26, 2006 I can access the dvr from the internal network. I can access the dvr from the internet as well, I can even get into the remote configuration screen to change settings but when I go to view the live cameras it tells me connection failure. Share this post Link to post Share on other sites
MrSquid 0 Posted April 26, 2006 Can you view the live cameras from inside the network? Share this post Link to post Share on other sites
erict@airweld.net 0 Posted April 26, 2006 I can view the cameras from the internal network... Share this post Link to post Share on other sites
MrSquid 0 Posted April 26, 2006 OK, then this is a network related problem. It is most likely an issue with port blocking or NAT. Even though you can connect and bring up the management screen, the video portion could be on another port. I don't have any experience with Digimerge, but I do work on router and PIX related issues daily. It is not uncommon for vendors to be wrong with the information they provide. If you can post your NAT statements and ACL from your router I will take a look to see if I see any problems and offer some suggestions on determining if any ports are being blocked. One thing to try is to telnet to each of the ports the vendor provided you with, 1st from the internal network, then from the public internet. It would look like this from a dos command line telnet xxx.xxx.xxx.xxx 80 (80 being one of the ports the vendor asked you to open). If you get a black screen with a blinking cursor that is considered a successful connection. If it bounces you right out with an error that is a failed connection. If you have ports you can connect to internally but not from the internet you then know which port to check on the router. Another general tip is to scan the DigiMerge with a port scanner to see what ports it responds back on. Be sure to do this during a non critical monitoring time becasue there is a small chance it could cause the device to hang and require a reset. Then compare that list of ports to the list given to you by the vendor. Share this post Link to post Share on other sites
erict@airweld.net 0 Posted April 26, 2006 Here is a copy of my nat translations and my acl.... I can telnet from the internal network I will try from internet tonight... ip nat inside source static tcp 192.168.7.110 9000 66.251.104.162 9000 extendable ip nat inside source static udp 192.168.7.110 9000 66.251.104.162 9000 extendable ip nat inside source static tcp 192.168.7.110 8003 66.251.104.162 8003 extendable ip nat inside source static udp 192.168.7.110 8003 66.251.104.162 8003 extendable ip nat inside source static tcp 192.168.7.110 8002 66.251.104.162 8002 extendable ip nat inside source static udp 192.168.7.110 8002 66.251.104.162 8002 extendable ip nat inside source static tcp 192.168.7.110 8001 66.251.104.162 8001 extendable ip nat inside source static udp 192.168.7.110 8001 66.251.104.162 8001 extendable ip nat inside source static tcp 192.168.7.110 7000 66.251.104.162 7000 extendable ip nat inside source static udp 192.168.7.110 7000 66.251.104.162 7000 extendable ip nat inside source static tcp 192.168.7.110 2000 66.251.104.162 2000 extendable ip nat inside source static udp 192.168.7.110 2000 66.251.104.162 2000 extendable ip nat inside source static udp 192.168.7.110 8000 66.251.104.162 8000 extendable ip nat inside source static tcp 192.168.7.110 8000 66.251.104.162 8000 extendable ip nat inside source static tcp 192.168.5.110 9001 66.251.98.182 9001 extendable ip nat inside source static udp 192.168.5.110 9001 66.251.98.182 9001 extendable ip nat inside source static tcp 192.168.5.110 9000 66.251.98.182 9000 extendable ip nat inside source static udp 192.168.5.110 9000 66.251.98.182 9000 extendable ip nat inside source static tcp 192.168.5.110 8003 66.251.98.182 8003 extendable ip nat inside source static udp 192.168.5.110 8003 66.251.98.182 8003 extendable ip nat inside source static tcp 192.168.5.110 8002 66.251.98.182 8002 extendable ip nat inside source static udp 192.168.5.110 8002 66.251.98.182 8002 extendable ip nat inside source static tcp 192.168.5.110 8001 66.251.98.182 8001 extendable ip nat inside source static udp 192.168.5.110 8001 66.251.98.182 8001 extendable ip nat inside source static tcp 192.168.5.110 7000 66.251.98.182 7000 extendable ip nat inside source static udp 192.168.5.110 7000 66.251.98.182 7000 extendable ip nat inside source static tcp 192.168.5.110 2000 66.251.98.182 2000 extendable ip nat inside source static udp 192.168.5.110 2000 66.251.98.182 2000 extendable ip nat inside source static udp 192.168.5.110 8000 66.251.98.182 8000 extendable ip nat inside source static tcp 192.168.5.110 8000 66.251.98.182 8000 extendable access-list 102 deny 53 any any access-list 102 deny 55 any any access-list 102 deny 77 any any access-list 102 deny pim any any access-list 102 deny ip 192.168.1.0 0.0.0.255 any log access-list 102 deny ip 192.168.254.0 0.0.0.255 any log access-list 102 permit tcp host 24.185.35.202 any access-list 102 permit tcp host 24.186.247.138 any access-list 102 permit tcp host 24.190.165.75 any access-list 102 permit tcp host 24.190.9.211 any access-list 102 permit tcp host 69.123.114.95 any access-list 102 permit tcp host 24.186.247.37 any access-list 102 permit tcp host 24.187.33.186 any access-list 102 permit tcp host 69.117.246.208 any access-list 102 permit tcp host 69.119.136.54 any access-list 102 permit tcp host 69.113.138.131 any access-list 102 permit tcp host 69.123.13.254 any access-list 102 permit tcp host 24.185.39.201 any access-list 102 permit tcp host 69.123.2.57 any access-list 102 permit tcp host 69.123.36.245 any access-list 102 permit tcp host 69.123.166.205 any access-list 102 permit tcp host 69.123.120.238 any access-list 102 permit tcp host 68.194.200.118 any access-list 102 permit tcp host 68.194.207.218 any access-list 102 permit tcp host 69.123.54.232 any access-list 102 permit tcp host 24.45.120.185 any access-list 102 permit tcp host 24.186.45.60 any access-list 102 permit tcp host 24.191.20.182 any access-list 102 permit tcp host 24.190.14.18 any access-list 102 permit tcp host 68.194.202.89 any access-list 102 permit tcp host 69.113.137.33 any access-list 102 permit tcp host 24.186.236.138 any access-list 102 permit tcp host 24.191.23.61 any access-list 102 permit tcp host 69.123.162.81 any access-list 102 permit tcp host 24.184.121.111 any access-list 102 permit tcp host 68.194.195.147 any access-list 102 permit tcp host 68.194.203.58 any access-list 102 permit tcp host 68.194.199.79 any access-list 102 permit tcp host 24.191.21.161 any access-list 102 permit tcp host 24.187.57.13 any access-list 102 permit tcp host 24.189.20.120 any access-list 102 permit tcp any any established access-list 102 permit ip host 24.186.93.152 any log access-list 102 permit tcp any host 66.251.98.182 eq smtp log access-list 102 permit udp any any eq domain access-list 102 permit udp any eq domain any access-list 102 permit tcp any any eq ftp-data access-list 102 permit icmp any any echo access-list 102 permit icmp any any echo-reply access-list 102 permit ip 204.212.166.0 0.0.0.255 any log access-list 102 permit ip host 208.8.251.51 any log access-list 102 deny ip any any log access-list 102 permit ip 192.168.1.0 0.0.0.255 any log Share this post Link to post Share on other sites
MrSquid 0 Posted April 26, 2006 I need a few items clarified. Is your DVR 192.168.5.110 or 192.168.7.110, or maybe you have (2) DVR's? Is access list 102 applied to the interface both the "in bound" and "out bound" directions? Share this post Link to post Share on other sites
erict@airweld.net 0 Posted April 27, 2006 Yes there are two dvr's, both do not work. The access list is applied to both incoming and outgoing on the interface. Share this post Link to post Share on other sites
MrSquid 0 Posted April 28, 2006 Your NAT's look good. You will need to modify your ACL to allow the same traffic to pass that you have the NAT's setup for. Also that Last permit statement on the ACL is being ignored because it is after the deny all statement. Did your telnet from the internet fail? Share this post Link to post Share on other sites
erict@airweld.net 0 Posted April 28, 2006 what do you mean i have to change my acl to allow the same traffic to pass that you have the NAT's setup for. Can you give me an example Share this post Link to post Share on other sites
tomeb 0 Posted April 30, 2006 Anyone recommend a good port scanner program? Share this post Link to post Share on other sites
rory 0 Posted April 30, 2006 i just use the one built into Ewido .. for connections to my PC at least. Share this post Link to post Share on other sites
Wayne_ferrari 0 Posted April 19, 2011 I had the same issue. The solution was in the Port Forwarding. Considering the standard ports of 80 and 554. I had my router set up to TCP 80, and UDP 554. With the result of connection, and no image. When I set 80 and 554 to "Both".. Or made another port forward to look like : TCP port 80 to 192.168.x.x UDP port 554 to 192.168.x.x TCP port 554 to 192.168.x.x UDP port 80 to 192.168.x.x Either way, the problem is that both ports need to be setup for both functions. If you have more then one DVR, the second one need it's own ports.. of course. Cheers Share this post Link to post Share on other sites
ali_yk6 0 Posted December 10, 2012 Has anyone got the solution to this? I tried what "Wayne_ferrari" suggested, and nothing worked. I have a Digimerge DH216+ DVR running on a Cisco VPN RV180W Router. I port forwarded TCP and UDP ports 80 and 554 as listed and I still have a problem. I can do an internal live view, and I can access my Digimerge from the internet, but cannot see live view. The furthest I can get using my browser is the Digimerge menu which is attached: I have just installed this 16 channel for a customer of mine and can't get this thing working after 8 hours of diagnostics. Is there any other way other than port forwarding i can try this? Should i try different ports? Thanks Share this post Link to post Share on other sites