Certain models of Illustra cameras, on connection, may cause server to stop streaming from all other Illustra cameras.
If the camera is connected to ExacqVision Server and showing connected on the add IP camera page but not streaming videos and showing acquiring video. That means the RTSP streaming port may need to be opened on the Firewall, normally 554
RTSP server is no longer seen in the tree under Add IP camera after upgrade to 20.12. If the server version is rolled back to 20.09 it can be seen again. This does not seem to affect windows installs
20.12.x
Linux
sudo mv /usr/local/exacq/server/plugin-store/RtspServerPI.so /usr/local/exacq/server/plugins/rtspserverpi.soThis only applies to Start licensed systems.
If a restricted user attempts to login to a server through the web service (thin client or Exacq Mobile 3), a login error may be received even when valid credentials are provided. In this case, the exacqVision server does not have any logs indicating failed login attempts.
When a user installs the exacqVision software on a fresh machine and creates a new user and makes them a part of the “Restricted” user group they can only log in to the NVR and not the EV Web Thin Client or Exacq Mobile 3 app. It does not matter whether they apply or don’t apply a START license to the NVR.
If they change the user to Admin, Power User or User Admin it works as expected.
If you run in to an issue on a G-series where the Data and Management Ports show a MAC address of 02-00-00-00-00-00 you will need to reimage the NVR with the latest Linux Image RETAIL1804-21.03.4.zip Added: May 11, 2021 or newer.
Temperature Scale:
Exacq defaults to Fahrenheit. Go into the Client Settings page and check the box for displaying the temps in Celsius
Client Temperature Display:
Tyco Illustra Pro Gen3 cameras placed in Corridor Mode will not have motion masks/detection zones that match between the exacqVision Client’s camera settings page and the camera’s web browser graphical interface. Nothing can be done to properly synchronize the motion masks/detection zones between the two interfaces.
In the exacqVision Client, Motion masks are created to block out areas where motion detection IS NOT DESIRED and are displayed in red. In the Illustra camera, the Motion Detection Zones are created to define areas where motion detection IS DESIRED and are displayed in yellow. Essentially, the displays should be the inverse of each other but the respective zone area(s) in the field-of-view should match.
Figure 1 displays one possible symptom where the Illustra camera has the entire field-of-view defined for motion detection but the corresponding zone in the exacqVision Client shows an area “masked” for exclusion. The client motion mask CANNOT be deleted. This is an error condition.
In other words, a full-screen motion detection area set in the camera is displayed as masked for ignoring motion events in some areas from within the client. Smaller zones do not match either.
Illustra Pro Gen3 2MP, 3MP, 5MP, & 8MP Mini-Dome and Bullet camera models are affected. Verified with firmware versions:
None available.
Description:
User cannot change OSD colors for rules defined in Analytics tab in Camera configuration
Tested Version:
20.09.08
Fixed:
21.03.107.0
Description:
If all the storage drives are ISCSI, then “Recording Not Possible” is seen on the Storage page of the desktop client.
If some storage drives are local, then recording only happens to local drives, thus reduces the overall content age of the oldest available video/audio.
Workaround:
Fixed Version:
21.03.107
Back patched and available in 21.03.7
In this example using Letsencrypt SSL certificates. The webservice is behind HAProxy and was not been able to successfully configure HAProxy to update Letsencrypt certificates over HTTP. Therefore, I manually updated the certificate.
/etc/webservice/tls/server.crt _> /etc/letsencrypt/live/site.com/cert.pem
/etc/webservice/tls/server.key -> /etc/letsencrypt/live/site.com/privkey.pem.
After updating the certificates, I linked the original to the new certificates in the Letencrypt folder:
When I try to connect to the webservice, I get this error message sent an invalid response. ERR_SSL_PROTOCOL_ERROR’.
The destination of his symlink, not the symlink itself, needs to be readable by the nvrweb user. In this example the directory that the symlink did not have permissions to allow the link to work correctly.
The best way to be sure would be to run terminal command
sudo -i
to root and then run
su nvrweb -s /bin/bash
and try to view the files (e.g., cat the paths listed in the config file).
This should give you an out put.
{
“service”: {
“name”: “Customer Name”,
“url”: “https://site.com”,
“loginTokenExpiration”: 30,
“discoverable”: true,
“inactivityTimeout”: 0,
“enableAutocomplete”: false,
“enableRelay”: false
},
“webserver”: {
“listen”: 80,
“tls”: {
“listen”: 443,
“cert”: “/etc/webservice/tls/server.crt”,
“key”: “/etc/webservice/tls/server.key”,
“type”: “external”
}
},
“log”: {
“duration”: 1,
“interval”: “W”,
“level”: “debug”,
“retain”: 1
},
“servers”: [
{
“host”: “site.com”,
“port”: 22609,
“passthrough”: {
“enabled”: false
},
“poweruser”: {
“enabled”: true,
“username”: “INFO”,
“password”: ” INFO”
}
}
],
“nvrg”: {
“port”: 22717,
“remote”: {
“enabled”: false,
“port”: 35111
}
},
“updates”: {
“fileInfo”: “https://www.exacq.com/downloads/evFileInfo.txt”,
“downloadTimeout”: 10
},
“auth”: {
“type”: “none”
We also need to make sure nvrweb can read the cert files
/etc/webservice/tls/server.crt and .key
The output will show the certs.
nvrweb@sunstone:/root$ cd /etc/webservice
nvrweb@sunstone:/etc/webservice$ cat tls/server.crt
—–BEGIN CERTIFICATE—–
Contents of cert will be displayed here.
—–END CERTIFICATE—–
nvrweb@sunstone:/etc/webservice$ cat tls/server.key
—–BEGIN PRIVATE KEY—–
Contents of Cert will be displayed here
—–END PRIVATE KEY—–
These certs were in the TLS directory and being linked to the Letsencrypt folder, which we found having permissions issues.
To check try the following:
Try the same thing with su to nvrweb and see if nvrweb can access the certs in the let’s encrypt folder, before changes WS config.
Important to note that it’s not just the permissions of the target file that matter, but all the directories in between. In this case the target file was fine but the directory was LetsEncrypt and that did not have permissions. Since we were pointing the link to another file, that file needs to be accessible to nvrweb.
ls -ld for each directory – /etc/letsencrypt, /etc/letsencrypt/live, /etc/letsencrypt/site.com
Without -d it will show the contents, if you want to look at the directory like /etc/letsencrypt it’s necessary to do ls -ld /etc/letsencrypt
The site.com directory is fine. We need to check the live or letsencrypt directories.
letsencrypt live directory’s permissions are rwx—- which means only root can enter or read the directory.
In the above photo we can see that the Permission is denied for the letsencrypt/live folder.
Configuration this way in not the normal process and it is possible the next time I run letsencrypt again to update certs it might error due to perms or reset them. The process might need to be done each time.