Tag: Port Forwarding

Categories
Documentation Quick Start Guides exacqVision Mobile Categories exacqVision Webservice

Remote exacqVision Connection Diagrams

The method used for connecting to an exacqVision system from outside the LAN it resides on will depend on your network configuration and use case. Examples are provided below based on each method.

Remote Connections

Remote Connections are supported by exacqVision Server/Client 24.09 and above to facilitate connections from the exacqVision Mobile app. When considering the network configurations Remote Connections eliminate the need to open ports or enable port forwarding rules on your router by using Exacq’s Remote Connectivity service. Users of the mobile app enter an access code generated by the system admin and the Remote Connectivity agent handles the connecting of the mobile app user and the Server.

NOTE: Remote Connectivity does not accept connections for the Desktop Client software or the earlier Exacq Mobile 3 app. Only exacqVision Mobile 24.09 and higher are supported.

<br>

Traditional

In a traditional setup, the site’s router is configured to port forward incoming external connections on each port. The ports configured for forwarding incoming traffic vary depending on whether users will connect via exacqVision Desktop Client software, the web browser client, or a mobile app.

<br>

Web Relay Service

Sites using exacqVision Web Service 19.06 and higher may wish to take advantage of the web service Relay, which provides a web-based proxy to connect to, avoiding the need to configure the router for port forwarding. When enabled, the exacqVision Web Service Status page will display the Relay Service IP. Remote users will then be able to connect their Exacq Mobile 3 app or web browser client directly to this proxy IP address.

NOTE: The Relay Service does not accept connections for the Desktop Client software, only web browser and Exacq Mobile 3 connections.

<br><br>

Related Articles

<br>

Categories
Knowledge Support Cloudvue Cloudvue Gateway Support Categories Products

Tunneling to a Cloudvue Gateway From a Local Windows Machine

Description 

At times it may be necessary to access either the Gateways local Cloudvue interface and/or a connected cameras web interface. PuTTY Portable can establish an SSH connection with or without port forwarding from a local  Windows machine which once established will allow access to these resources  from a web browser on the local machine.

Product 

  • Cloudvue Gateway
  • C2G Cameras

Solution

Installing PuTTY Portable

  • Download PuTTY Portable here 
  • Browse to the location which the PuTTYPortable _x.x.paf.exe file was downloaded
  • Double-click the file to start the installation
  • Follow the on-screen prompts and select the location you’d like to install to
  • If the installer detects an existing PortableApps directory on one of your attached drives or within your USERPROFILE folder, it will automatically select that. Otherwise, the current directory will be selected by default. Within the directory you select, a PuTTYPortable directory will be created containing the portable app. Note that installing to the C:\Program Files or equivalent is not supported.

Standard SSH Connection

  • Navigate to the directory created during the install
  • Double Click the PuTTYPortable.exe file
  • The PuTTY Configuration window will appear
  • Enter the LAN/NET IP address in the Host Name (or IP address) field
  • Note: The IP address can be found in the Network Settings section via Cloudvue or Cloudvue Manager
  • Change the Port to 7627
  • Click Open
  • A terminal window will appear and prompt you to login
  • The username is smartvue
  • You will be prompted for the password
  • This is the SSH password found on the device page in Cloudvue Manager
  • Enter the password and press enter
    • TIP:  Right click your mouse to paste into the terminal window
  • If successful a welcome will display, and you should now have an SSH connection to the Cloudvue Gateway

SSH with Port Forwarding

At times you may need to access  Cloudvue Local or cameras connected to the Cloudvue Gateway “C2G” from a web browser.   You can use PuTTY Portable to setup port forwarding in addition to the SSH connection.

  • Enter the IP Address of the Cloudvue Gateway
  • Enter the SSH port (7627)
  • Before Clicking Open Click the + next to SSH to expand the section
  • Select Tunnels
  • Use the Source Port and Destination fields to add port forwarding entries for C2G cameras
  • Source Port can be any unused port the on the local machine
  • Destination Port is a combination of the C2G Cameras IP address and port, typically port 80

NOTE:  If unknown, camera IP addresses can be found in the Cloudvue Gateways Cameras section of Cloudvue Manager

Pro Tip: To verify a local port is available run the following from either PowerShell or a Command Prompt. 

netstat -ano | findstr :80

Uninstalling PuTTY Portable

  • Once work has been completed it is best practice to uninstall the software from the customers machine
  • Unlike traditional apps, a portable app isn’t ‘installed’ with an entry in Add/Remove programs, so uninstallation is quick and easy
  • Delete the PuTTYPortable folder to completely remove the app and all its settings.

Example

Standard SSH Connection
Tunneling Configuration
  • port 80 of the Cloudvue Gateway has been forward to port 80 of the localhost and is accessible using http://localhost/
  • port 80 of Cloudvue Gateway camera 1 has been forwarded to port 8000 of the localhost http://localhost:8000/
  • port 80 of Cloudvue Gateway camera 2 has been forwarded to port 8001 of the localhost http://localhost:8001/

Note:  PuTTy will display the forwarded ports with an “L” before the Local port

Categories
Knowledge Support Support exacqVision Enterprise exacqVision Client exacqVision Server exacqVision Mobile exacqVision Webservice Categories Products

Exacq Software/Service Connections Diagram

This diagram illustrates how the various Exacq applications work together and the ports used to communicate.

Internal (LAN)

Remote (WAN)

In cases where external users plan to connect for remote monitoring, you will may need to configure port forwarding on your router to allow traffic on those ports to pass through. exacqVision provides several ways to connect to your system from outside of your site’s LAN.

  • The Desktop Client software requires port forwarding.
  • Users of the exacqVision Mobile app may configure port forwarding or use the Remote Connectivity feature, configured within the Desktop Client.
  • Users connecting with the Web Browser Client or the Exacq Mobile 3 app may configure port forwarding, or use the Relay Service, configured within the exacqVision Web Service.

Remote Management

In the case of the Integrator Service Portal (ISP), this may connect to the server using an inbound connection to port 22609, or the server may be configured for an outbound connection to reach out to the ISP.

Additional Links

See also: exacqVision Default Ports

See also: Example Network Diagram for Multi-NIC Systems

<br>

Categories
Knowledge Support Support Categories exacqVision Webservice Products

Using exacqVision Web Service with Edge Cameras

Edge cameras cannot run the exacqVision Web Service. If you want to connect to an Edge camera using the Web Client or the Exacq Mobile 3 app you will need to install the exacqVision Web Service on another machine.

The web service can be run on other machines but you will need to enter the Web Service Configuration to change the default server address from the loop back of 127.0.0.1 to the address of your Edge device(s).

Unlike an NVR installation of the exacqVision Server, the Edge Server application does not permit changing the default listening port for incoming client connections. Therefore, if you need to use the web service with Edge cameras you will need to configure the proper port forwarding for these connections. The addresses and port forwarding used depend on where you are placing the web service, and whether you are using multiple Edge devices behind the same router.

<br>

Web Service Inside LAN

If the web service is inside the same Local Area Network as the Edge cameras, you may use the Server Connections page in the Web Service Configuration to connect the web service to each Edge camera. This requires minimal port forwarding in the router.

<br>

Web Service Across WAN

If the web service is placed outside of the Local Area Network the Edge cameras are on, you will need to configure port forwarding as well as port translation. Port translation is used because the listening port of the Edge servers cannot be changed from their default port numbers. 

NOTE: Some home or small business routers may not be capable of port translation.

<br>

Categories
Knowledge Support Support exacqVision Server Categories Products

Example Network Diagram for Multi-NIC Systems

Best practice for servers with more than one NIC includes isolating camera traffic to a separate scheme. This practice not only isolates camera bandwidth consumption from other network traffic, but also adds an additional layer of security to prevent workstation users from accessing cameras and video streams directly.

Whether using separate network switches or creating a VLAN on shared switches, the concept is the same.

<br>

IMPORTANT: DO NOT place both NICs within the same subnet. This is a poor network practice that WILL cause communication problems. Administrators that wish to attempt utilizing more than one NIC within a single subnet for redundancy or transfer speeds must configure NIC bonding/teaming. This is only recommended for systems with more than two NICs so that cameras may continue to be isolated from other network traffic.
See also:

<br>

External Connectivity

For administrators seeking to connect from outside the local network, across a WAN or MAN, see also:
Remote exacqVision Connection Diagrams

<br><br>