Showing posts with label Port Forwarding. Show all posts
Showing posts with label Port Forwarding. Show all posts

Monday, May 15, 2023

Port Forwarding on a Netcomm 3G Broadband Router 3G15Wn

Port Forwarding on a Netcomm 3G Broadband Router 3G15Wn 

This guide will walk you through the steps of port forwarding on the Netcomm 3G Broadband router 3G15Wn (Firmware L411-402NVM-C01_R10)

NetComm's web user interface (UI) was easy to navigate, although for no reason we could determine loading any of the wireless configuration pages took an exceedingly long time, leading to frustration.

Almost every menu option also creates a drop down when you mouse over, which is fine enough, but some of those drop-down menus then expand sideways when you mouse over them, with no indication that there's further options hidden there in the first place. With 16 menu items under the "Advanced" menu, many of which have daughter menus, it's really quite easy to get lost, or have an idea of just how many features there are.

1) Open up your favorite browser and go to the router’s default gateway address.

http://192.168.1.1 (Default Address)

2) Log in to the router.

Default Username: admin

Default password: admin

3) Once you have logged into your router go to the “Advanced” tab hover over “NAT” then click “Port Forwarding”.

4) Click on “Add” ad the bottom of the page.

5) Be sure to select the radio button “Custom Service” and choose a name for the service (small description eg. web, camera, xbox, etc..). “Server IP Address” is the Internal IP address that you want the port to be open on. Be sure you have “Protocol” set to “TCP/UDP” and “External Port” is the port you wish to open, “Internal Port” is the port leading to the machine on your home network. Apply/Save.

Once you save the settings you should now be able to test your port at www.portchecktool.com. Please keep in mind your ISP (Internet Service Provider) can be blocking certain ports such as port 8025 and 21. You can call and ask if they are. If you are still not able to see the ports check your firewall and anti-virus software on your computer.

An example configuration, you have a web cam that has the IP address 192.168.1.100 and it runs on port 80. You want to be able to access this camera from outside your network on port 8080. You would enter the below values into port forwarding page.

Custom Service = Small Description

Server IP Address = 192.168.1.100

Protocol = TCP/UDP

External Port = 8080

Internal Port = 80

Then to view the camera you would use your No-IP host of “somehost.no-ip.com” like this: http://somehost.no-ip.com:8080 to reach the webcam.

Port Forward Troubleshooting

If you are having problems with a port forward, try the following.

1. If you did not exactly follow the How can I forward ports with pfSense? guide, delete anything you have tried, and start from scratch with those instructions.

2. Port forwards do not work internally unless you enable reflection. Always test port forwards from outside your network.

3. If you're still having problems, edit the firewall rule that passes traffic for the NAT entry, and enable logging. Save and Apply Changes. Then try to access it again from the outside. Check your firewall logs to see if the traffic shows as being permitted or denied.

4. Use tcpdump to see what's happening on the wire. This is the best means of finding the problem, but requires the most networking expertise. Start with the WAN interface, and use a filter for the appropriate protocol and port. Attempt to access from outside your network and see if it shows up. If not, your ISP may be blocking the traffic, or for Virtual IPs, you may have an incorrect configuration. If you do see the traffic on the WAN interface, switch to the inside interface and perform a similar capture. If the traffic is not leaving the inside interface, you have a NAT or firewall rule configuration problem. If it is leaving the interface, and no traffic is coming back from the destination machine, its default gateway may be missing or incorrect, or it may not be listening on that port. For certain types of traffic you may see return traffic indicating the host is not listening on that port. For TCP, this would be a TCP RST. For UDP, it may be an ICMP Unreachable message.

Common Problems

1. NAT and firewall rules not correctly added (see How can I forward ports with pfSense?). Hint: You probably do NOT want to set a source port.

2. Firewall enabled on client machine.

3. Client machine is not using pfSense as its default gateway.

4. Client machine not actually listening on the port being forwarded.

5. ISP or something upstream of pfSense is blocking the port being forwarded

6. Trying to test from inside your network, need to test from an outside machine.

7. Incorrect or missing Virtual IP configuration for additional public IP addresses.

8. The pfSense router is not the border router. If there is something else between pfSense and your ISP, you must also replicate port forwards and associated rules there.

9. Forwarding ports to a server behind a Captive Portal. You must add an IP bypass both to and from the server's IP in order for a port forward to work behind a Captive Portal.

10. If this is on a WAN that is not your default gateway, make sure there is a gateway chosen on this WAN interface, or the firewall rules for the port forward would not reply back via the correct gateway.

11. If this is on a WAN that is not your default gateway, ensure the traffic for the port forward is NOT passed in via Floating Rules or an Interface Group. Only rules present on the WAN's interface tab under Firewall Rules will have the reply-to keyword to ensure the traffic responds properly via the expected gateway.

12. If this is on a WAN that is not your default gateway, make sure the firewall rule(s) allowing the traffic in do not have the box checked to disable reply-to.

13. If this is on a WAN that is not your default gateway, make sure the master reply-to disable switch is not checked under System > Advanced, on the Firewall/NAT tab.

14. WAN rules should NOT have a gateway set, so make sure that the rules for the port forward do NOT have a gateway configured on the actual rule.

Monday, November 16, 2020

Access your Hikvision NVR or Camera on Android devices

How to access your HikVision NVR or Camera on Android devices 

Closed-circuit television (CCTV), also known as video surveillance, is the use of video cameras to transmit a signal to a specific place, on a limited set of monitors. It differs from broadcast television in that the signal is not openly transmitted, though it may employ point-to-point (P2P), point-to-multipoint (P2MP), or mesh wired or wireless links but transmit a signal to a specific place only. Not for open to all. This article I write just for HikVision Lover only. Personally I am not support to install Hikvision/Dahua product or OEMN product. Technically 100% unsafe your personal video data.

Day by Day increase hacking of video surveillance camera. Now cyberattacks on CCTV systems making news headlines on a weekly basis of late, there is a good deal of concern and uncertainty about how at risk these systems are, as well as why they are being attacked.

In 2014, a US ally observed a malicious actor attacking the US State Department computer systems. In response the NSA traced the attacker’s source and infiltrated their computer systems gaining access to their CCTV cameras from where they were able to observe the hackers’ comings and goings.

In October 2016, 600,000 internet connected cameras, DVR’s, routers and other IoT devices were compromised and used to for a massive Bot Net to launch what was the largest Denial of Service (DOS) attack the internet had experienced to date.

In the lead up to the 2017 US Presidential inauguration, 65 per cent of the recording servers for the city of Washington CCTV system were infected with ransomware. How did the attack take place? Whilst unknown, it most likely occurred by the same means as other common PC hacks such as infected USB keys, malicious web sites, or phishing attacks.

May, 2018, over 60 Canon cameras in Japan were hacked with “I’m Hacked. bye2” appearing in the camera display text. How did the attack take place? Simple. IP cameras were connected to the internet and were left on default credentials. It appears that the hackers logged into the cameras and changed the on-screen display. What was the impact? Other the defacement of the camera displays and some reputational damage, there doesn’t seem to have been much impact from these attacks.

On Aug 13, 2018, The US President has signed the 2019 NDAA into law, banning the use of Dahua and HikVision (and their OEMs) for the US government, for US government-funded contracts and possibly for 'critical infrastructure' and 'national Security’ usage.

US government is effectively blacklisting Dahua and HikVision products, this will have a severe branding and consequentially purchasing impact. Many buyers will be concerned about:

What security risks those products pose for them

What problems might occur if they want to integrate with public / government systems

What future legislation at the state or local level might ban usage of such systems

On Jun 06, 2019 Hanwha Techwin is dropping Huawei Hisilicon from all of their products. Its belongs to China’s origin. Backdoor entry is open on product.

China's Wuhan Institute of Virology, the lab at the core of coronavirus. The institute is home to the China Centre for Virus Culture Collection, the largest virus bank in Asia which preserves more than 1,500 strains ( https://www.livemint.com/news/world/china-s-wuhan-institute-of-virology-the-lab-at-the-core-of-a-virus-controversy-11587266870143.html ). Result Corona has infected people in 185 countries. Its spread has left businesses around the world counting the costs. Global economy impact. Recession increase. Now people avoid to get china factory made product, electronics goods importing has stopped from china to other country. People looking for product except china. Now come to Video surveillance, access control equipment.

The ban that prohibits the purchase and installation of video surveillance equipment from Hikvision, Dahua and Hytera Communications in federal installations – passed on year 2018 National Defense Authorization Act (NDAA). In conjunction with the ban’s implementation, the government has also published a Federal Acquisition Regulation (FAR) that outlines interim rules for how it will be applied moving forward. Like NFPA, now NDAA law accept globally.

Rules outlined in this FAR include:

  • A “solicitation provision” that requires government contractors to declare whether a bid includes covered equipment under the act;
  • Defines covered equipment to include commercial items, including commercially available off-the-shelf (COTS) items, which the rule says, “may have a significant economic impact on a substantial number of small entities;”
  • Requires government procurement officers to modify indefinite delivery contracts to include the FAR clause for future orders;
  • Extends the ban to contracts at or below both the Micro-Purchase Threshold ($10,000) and Simplified Acquisition Threshold ($250,000), which typically gives agencies the ability to make purchases without federal acquisition rules applying.
  • Prohibits the purchase and installation of equipment from Chinese telecom giants Huawei and ZTE Corporation. This would also presumably extend to Huawei subsidiary Hisilicon, whose chips are found in many network cameras;
  • And, gives executive agency heads the ability grant a one-time waiver on a case-by-case basis for up to a two-year period.

Specifically, NDAA Section 889 creates a general prohibition on telecommunications or video surveillance equipment or services produced or provided by the following companies (and associated subsidiaries or affiliates):

  • Huawei Technologies Company; or
  • ZTE Corporation

It also prohibits equipment or services used specifically for national security purposes, such as public safety or security of government facilities, provided by the following companies (and associated subsidiaries or affiliates):

  • Hytera Communications Corporation;
  • Hangzhou Hikvision Digital Technology Company; or
  • Dahua Technology Company

While the prohibitions are initially limited to the five named companies, Section 889 authorizes the Secretary of Defense, in consultation with the Director of National Intelligence or the Director of the FBI, to extend these restrictions to additional companies based on their relationships to the Chinese Government. The prohibitions will take effect for executive-branch agencies on August 13, 2019, one year after the date of the enactment of the 2019 NDAA, and will extend to beneficiaries of any grants, loans, or subsidies from such agencies after an additional year.

The provisions of Section 889 are quite broad, and key concepts are left undefined, such as how the Secretary of Defense is to determine what constitutes an entity that is “owned or controlled by, or otherwise connected to” a covered foreign country, or how the head of an agency should determine whether a component is “substantial,” “essential,” or “critical” to the system of which it is part. The statute also fails to address the application of the prohibitions to equipment produced by U.S. manufacturers that incorporate elements supplied by the covered entities as original equipment manufacturers (“OEMs”) or other kinds of supplier relationships.

Section 889 contains two exceptions under which its prohibitions do not apply:

(1) It allows Executive agencies to procure services that connect to the facilities of a third party, “such as backhaul, roaming, or interconnection arrangements.” This likely means telecommunications providers are permitted to maintain common network arrangements with the covered entities.

(2) It permits covered telecommunications equipment that is unable to “route or redirect user data traffic or permit visibility into any user data or packets” it might handle, meaning a contractor may still be able to provide services to the Government so long as any covered equipment provided is unable to interact or access the data it handles.

Now we come to short process. First of all we need to find the IP address of the Hikvision device we want to connect too. First of all download SADP. This program will scan your network for Hikvision devices connected on your network.

Older Hikvision devices are shipped with a static IP address of 192.64.0.0, whereas new devices are shipped with DHCP enabled which means they will automatically be assigned an IP address that corresponds to your local network. If you're camera is set to a static IP address you will need to find out what range it needs to be changed to. To find out your local IP address follow the steps below.

  1. click start > control panel
  2. click network and internet
  3. Click network sharing center
  4. click Local area Connection
  5. Look at your IPv4 Default Gateway, it is usually either 192.168.1.1 or 192.168.0.1, however it can differ.

Once you know the default gateway you can set a new IP address for your device. You only want to change the last three digits of the IP address. I would recommend starting the last three digits at 100, so you don't conflict with anything else on your network such as a printer or phone.

If you're not responsible for your network, make sure to check with your IT department or administrators that the IP address isn't already taken.

An example of a set IP address would be 192.168.1.100.

Once you know what IP address to set your device too, you will need the password of the device to set it.
By default the password is 12345 for Hikvision devices.

For a quick overview of what you should see in SADP, check the image below. In the example the IP address is 192.168.1.212, this is because we have a variety of different cameras and devices on our network.

Once all this is set up, your cameras or NVR will be properly configured with your Local Network. You should be able to go into your browser and type in the IP address of the camera/NVR, and it will come up with a log in page.

Getting everything to work in the app


First of all, head on to the play store, as you need to install the iVMS4500 android app. Once you have downloaded the app, go ahead and launch it.

The first time you start up the app you will have to go through a small tutorial, which will show you a variety of cameras in china. Once the tutorial is over, tap the menu tab in the top right corner of the app and then tap the devices tab. from here there will be a plus sign in the top right hand corner. Tap this to add your Hikvision Device.

When you click the plus button you will see the following screen (Minus some information I have already entered) I will explain the options further below.

Alias - what you want to call the device you're adding. Useful for organisation. The alias is exclusive to the app, and doesn't change any actual camera settings.

Register mode - Set this to IP/Domain to add the device via it's IP address properly.

Address - The IP address of the device goes here

Port - usually leave this the same.

Username - admin
Password - 12345

Camera no. - Ignore this part, it will change depending on what device you are adding.

Tap the floppy Disk Icon to save the device.

Now go back, you will return to the devices tab. Uncheck the "Hangzhou, China" device, and check the device you added. From here click live view and you are ready to view your cameras on your local network.

From this point onwards, you will be able to view your Hikvision device on your android device, as long as you are on the same network.

Port-Forwarding, and accessing your devices from anywhere

If you want to access your cameras, or NVR remotely (From anywhere) You will need to have the devices port-forwarded. Port-forwarding is different for each router, but the ports that must be opened remain the same. For more information on Port-Forwarding, and a guide on how to set up your specific router, please head tohttp://portforward.com/.

When port forwarding a Hikvision camera, the ports that should be opened are

Port 80 - HTTP Protocol
Port 8000 - Client Software Port
Port 554 - RTSP Port
Port 1024 - 3G/4G Port, for access via a 3G or 4G mobile connection

Once you have successfully port forwarded your Hikvision device, follow the steps above, relevant to the OS you're using, and then insert the port-forwarded address of the device where the IP option goes.

This view may be slightly choppier, it depends on the speed of your current internet connection.

Q. What is the driving issue behind the National Defense Authorization Act (NDAA),
formerly known as HR5515?
A.     Cybersecurity concerns. In particular, cybersecurity of telecommunications and video surveillance products from specific companies that have deep relationships with a “covered foreign country” government, the People’s Republic of China.

Q.The named companies that are banned by the NDAA are based in China. Does the NDAA ban all video surveillance and telecommunications products and components made in China?
A: No. The NDAA does not ban all products and components that are designed or manufactured in China.
As per NDAA Section 889, f – definitions, 3 – Covered Telecommunications [and Video Surveillance] Equipment or Services, items A through D calls out specifically-named companies “that the Secretary of Defense, in consultation with the Director of the National Intelligence or the Director of the Federal Bureau of Investigation, believes to be an entity owned or controlled by, or otherwise connected to, the government of a covered foreign country [The People’s Republic of China]”.
Hence, the NDAA does not ban products manufactured in China by companies that are headquartered and owned by entities that are not based in China.

Saturday, December 23, 2017

Port Forwarding on a Netcomm 3G Broadband Router

Port Forwarding on a Netcomm 3G Broadband Router 3G15Wn for Camera Online

This guide will walk you through the steps of port forwarding on the Netcomm 3G Broadband router 3G15Wn (Firmware L411-402NVM-C01_R10)

1) Open up your favorite browser and go to the router’s default gateway address.
 http://192.168.1.1 (Default Address)
2) Log in to the router.
Default Username: admin
Default password: admin

3) Once you have logged into your router go to the “Advanced” tab hover over “NAT” then click “Port Forwarding”.
4) Click on “Add” ad the bottom of the page.
5) Be sure to select the radio button “Custom Service” and choose a name for the service (small description eg. web, camera, xbox, etc..). “Server IP Address” is the Internal IP address that you want the port to be open on. Be sure you have “Protocol” set to “TCP/UDP” and “External Port” is the port you wish to open, “Internal Port” is the port leading to the machine on your home network. Apply/Save.

Once you save the settings you should now be able to test your port at www.portchecktool.com. Please keep in mind your ISP (Internet Service Provider) can be blocking certain ports such as port 8025 and 21. You can call and ask if they are. If you are still not able to see the ports check your firewall and anti-virus software on your computer.

An example configuration, you have a web cam that has the IP address 192.168.1.100 and it runs on port 80. You want to be able to access this camera from outside your network on port 8080. You would enter the below values into port forwarding page.

Custom Service = Small Description
Server IP Address = 192.168.1.100
Protocol = TCP/UDP
External Port = 8080
Internal Port = 80
Then to view the camera you would use your No-IP host of “somehost.no-ip.com” like this: http://somehost.no-ip.com:8080 to reach the webcam.

Port Forward Troubleshooting

If you are having problems with a port forward, try the following.
1. If you did not exactly follow the How can I forward ports with pfSense? guide, delete anything you have tried, and start from scratch with those instructions.
2. Port forwards do not work internally unless you enable reflection. Always test port forwards from outside your network.
3. If you're still having problems, edit the firewall rule that passes traffic for the NAT entry, and enable logging. Save and Apply Changes. Then try to access it again from the outside. Check your firewall logs to see if the traffic shows as being permitted or denied.
4. Use tcpdump to see what's happening on the wire. This is the best means of finding the problem, but requires the most networking expertise. Start with the WAN interface, and use a filter for the appropriate protocol and port. Attempt to access from outside your network and see if it shows up. If not, your ISP may be blocking the traffic, or for Virtual IPs, you may have an incorrect configuration. If you do see the traffic on the WAN interface, switch to the inside interface and perform a similar capture. If the traffic is not leaving the inside interface, you have a NAT or firewall rule configuration problem. If it is leaving the interface, and no traffic is coming back from the destination machine, its default gateway may be missing or incorrect, or it may not be listening on that port. For certain types of traffic you may see return traffic indicating the host is not listening on that port. For TCP, this would be a TCP RST. For UDP, it may be an ICMP Unreachable message.

Common Problems

1. NAT and firewall rules not correctly added (see How can I forward ports with pfSense?). Hint: You probably do NOT want to set a source port.
2. Firewall enabled on client machine.
3. Client machine is not using pfSense as its default gateway.
4. Client machine not actually listening on the port being forwarded.
5. ISP or something upstream of pfSense is blocking the port being forwarded
6. Trying to test from inside your network, need to test from an outside machine.
7. Incorrect or missing Virtual IP configuration for additional public IP addresses.
8. The pfSense router is not the border router. If there is something else between pfSense and your ISP, you must also replicate port forwards and associated rules there.
9. Forwarding ports to a server behind a Captive Portal. You must add an IP bypass both to and from the server's IP in order for a port forward to work behind a Captive Portal.
10. If this is on a WAN that is not your default gateway, make sure there is a gateway chosen on this WAN interface, or the firewall rules for the port forward would not reply back via the correct gateway.
11. If this is on a WAN that is not your default gateway, ensure the traffic for the port forward is NOT passed in via Floating Rules or an Interface Group. Only rules present on the WAN's interface tab under Firewall Rules will have the reply-to keyword to ensure the traffic responds properly via the expected gateway.
12. If this is on a WAN that is not your default gateway, make sure the firewall rule(s) allowing the traffic in do not have the box checked to disable reply-to.
13. If this is on a WAN that is not your default gateway, make sure the master reply-to disable switch is not checked under System > Advanced, on the Firewall/NAT tab.
14. WAN rules should NOT have a gateway set, so make sure that the rules for the port forward do NOT have a gateway configured on the actual rule.

Friday, August 12, 2016

Step by Step Guide to Remote view DVR

CCTV – Guide to Remote view of DVR

This post will walk you through setting up a CCTV DVR for remote viewing on Mobile or PC.
Connect the cameras to your DVR using BNC connectors & provide the power supply to DVR.Connect a mouse to the USB port. To view the cameras the DVR can be connected to a monitor through the VGA output of DVR or to a TV through the Video out pin (you may need a BNC to RCA converter)
Connect the DVR to the Network Router (providing internet connection as well as LAN) using the RJ45 Ethernet cable. 
For this demo I’m using DVR, Camera & a Linksys Router.
Right click on DVR screen to get the Menu list.
Click on Home & then click on Network tab.
For Net Link there are two options. Static IP & DHCP.
If you select Static IP, you’ve to feed the IP address manually.
DHCP is Dynamic Host Configuration Protocol. Generally a Router is at the top of a Network & it assigns IP address to a device like DVR when connected to it.
Select this option DHCP.
Note down the IP Addresses.
Here the IP address of DVR is assigned as 192.168.1.108 & the Gateway address is 192.168.1.1 .
The Gateway address is the IP address of the Router.
To view DVR over Internet or Mobile you’ve to open two ports for the incoming traffic on your Router.
1) HTTP PORT &
2) MOBILE PORT.
At the bottom you can see HTTP port assigned as 80.This is the default port for webservice WWW.
Click on the arrow mark next to Netservice to know the Mobile port number.
Here the Mobile port number is shown as Mobile Monitor & port assigned is 34599
Now we shall see how to open these two ports 80 (HTTP) & 34599 (Mobile)  inside Router’s settings.
This process is called Port Forwarding.
PORT FORWARDING SETUP ON ROUTER.

Open a web browser like Internet Explorer or Firefox.Type in the Gateway IP address 192.168.1.1
Following table is a list of some Routers with IP address, Username & password.
In this demo we’re using a LinkSys Router.  So type in the IP 192.168.1.1
User Name is admin & password is also admin
Setup Window of Router opens.
You can note that the Router IP address as well as Network IP address are displayed.
Click on Application & Gaming tab.
Click on Port Range Forwarding tab.
Enter any name  under application , say , DVR . Under start , as well as End enter the HTTP port 80.
Select Protocol as Both. Under IP address enter the IP of DVR. Here it is 192.168.1.108.
Check mark the Enable.
Same way enter application name as DVR1 for the Mobile port enabling. Under Start & End enter 34599 .Protocol is Both & IP is the address of DVR.
Save the settings.
Now it’s time to check whether the Forwarded Ports can be seen from outside over Internet.
For this open the web browser & visit  www.canyouseeme.org
This website displays your current external IP address , along with a question “What Port ?”
Enter the HTTP port 80 & click on Check port button.
You should see a “Success : I can see your service on IP xxx.xxx.x.x on port 80 “.
Again check for the mobile port 34599 to see a success.
If you do not get a success , the port forwarding you’ve done is not correct.Again open the Router Setup & check the correct entries for port forwarding.Check whether the Enable box is checked.
Once you see Success on this site , you can go ahead with your Mobile installation.


Tuesday, April 1, 2014

Router Compatibility for Internet Enabled Wireless CCTV Systems

The modern replacement for old analogue CCTV cameras is the wireless internet CCTV, also known as IP CCTV. The wireless CCTV system that is internet enabled has a great advantage over old system. You can see your property from anywhere in the world. You can see live images and video of your business property or your house, from wherever you are, just with the help of internet.
The technology has come in the market, but not many people know how to best use to. In order to get the best out of your wireless internet CCTV system, we must also look at the requirements and features that a router would need in order to be used successfully with the wireless system. There are a lot of things that goes into deciding your router for the wireless internet CCTV.

Broadband Type and Router Compatibility

You can have a broadband service that can come through either a phone line or a satellite CCTV box. In case the broadband service is through a phone line, you will require an ADSL modem/router also known as the DSL modem/router. Alternatively, if your broadband comes from your cable supplier, you would then require a cable router. This is another box that plugs in to your cable box.
The router part of your DSL modem/router or the cable router is basically the same. Manufacturers just make the DSL or cable version of the router that has the same features.
Router Features for Wireless CCTV System
  • The router must be set up so that the port number, a special code, is allocated to the camera. When you type the IP address and the port number in the internet browser from any system, the router sees the port number and passes the message to the camera. Without this facility, it will not be possible to view your property through internet.
  • With broadband suppliers changing your IP address at will, DDNS i.e. dynamic DNS support comes in. It helps you to use a third-party service to link a domain name you your IP address. The router’s DDNS feature makes sure that the router will tell the DDNS provider about your current IP address. Thus, even if your IP address changes, you can contact your camera with the domain name of the DDNS.
  • Having your router remain connected is very important. This is important especially when you go out on a vacation. You don’t want to find that you cannot connect to your camera because your router disconnected due to power failure. In case of power cut, the DSL line or cable may drop for some time. Not many home routers are able to handle this, but with technology, new routers are able to reconnect by themselves after power cut. The router is able to sort itself out once the power is back and provides you hassle free access to your camera from anywhere in the world.
Thus, a router is an important device that enables you to monitor the security of your home and business’s wireless cctv systems from anywhere in the world.

Choosing Routers for Wireless Internet CCTV

Wireless Internet CCTV, also known as IP CCTV, is the modern replacement for old analogue CCTV cameras, and has the great advantage that you can see your property, live, from wherever you happen to be, using the internet. Now that the technology has become popular in homes and businesses, people need to know how to get the best out of it. In this article, I want to look at the minimum set of features that a router needs in order to be used successfully with wireless CCTV.
First, a quick note about types of broadband and router compatibility. Your broadband service is likely to come through your phone line or perhaps via a satellite CCTV box. If it’s through a phone line, you will need an ADSL modem/router, sometimes called a DSL modem/router. The modem part of the box is what talks to the phone line. On the other hand, if you have broadband from your cable supplier, you need a cable router. This is not the cable box itself, but another box that plugs into your cable box. The router part of a cable router or a DSL modem/router is usually the same, with many manufacturers making cable and DSL versions of what is essentially a router with the same features. Now, let’s take a look at the features you will need to get the most out of your wireless internet CCTV system:
  • Virtual Server/Port Forwarding. This just means having the ability to set up the router so that a special code known as a port number is allocated to the camera. When you open an internet browser window and type in the URL or address of the camera, you add this special port number onto the end of the camera’s address, (e.g. for port 8765, you would type “http://:8765″) and when the router sees the port number it knows the message is to be passed to the camera. Without this facility, you would not be able to see your property over the internet.
  • DDNS Support. It stands for Dynamic DNS and is used where the address of your home or business on the broadband system, known as the IP address, is changed at will by the broadband supplier. Most DSL broadband services have changing IP addresses, also known as dynamic IP addresses. Say you have an IP address of 91.103.218.59 (they tend to look like this) today, with dynamic IP addressing it could be something different tomorrow. This means you would never know what address to use to access your camera over the internet, and that is where DDNS support comes in. Basically, you use a third party service to link a domain name to an IP address. This service is provided by a separate DDNS provider and can be free, e.g. dyndns.com. The router’s DDNS feature means that the router makes sure it always tells the DDNS provider what your current broadband IP address is. Therefore, even if the IP address changes, you can always contact your camera by using the same dyndns address, e.g. “http://myipcamera.dyndns.com:8765″.
  • Keep alive or auto-reconnect feature. This feature is all about making sure the router stays connected. You may have a power cut, or the DSL line/ cable connection may drop for a few moments. In these scenarios, you want the router to sort itself out. Earlier models of home router did not handle this well, and even today some can still be bought that don’t reconnect after a power cut or especially a broadband fault. The last thing you want is to go on holiday and then find you cannot log into your camera because a power cut several days ago left the router disconnected, so this is important.
  • Encryption. Most routers these days offer some sort of encryption, usually known as WEP or WPA. WPA is stronger and preferable. Encryption is simply encoding the messages on your wireless network so that they cannot be intercepted easily. Make sure you get a router that offers at least one type of encryption that your wireless internet CCTV cameras offer. For example, it is no good getting a router which only does WPA encryption if your cameras can only do WEP.
As always, if what you have read here leaves you dizzy and you just want an internet CCTV system to monitor your home or business without all this technical complication, my advice is to get a fully-configured wireless CCTV camera pack from a specialist supplier.