dslreports logo
site
 
    All Forums Hot Topics Gallery
spc

spacer




how-to block ads


Search Topic:
uniqs
3164
share rss forum feed

jp1911

join:2013-02-08
Saint Francisville, LA

Remote access troubleshoot?

AT&T DSL6, 2wire 2701HG-B, 5.29.109.13, works great.

Added wireless video cam, opened pinhole 184.xx.xxx.xx:10xx, works great inside LAN, no remote access:

fw,fwmon: src=202.75.xxx.xx dst=184.46.1xx.xx ipprot=6 sport=6000 dport=65500 Unknown inbound session stopped

Sport and dport numbers different every attempt either with or without :10xx port # append to end of address

Public routed subinterface is enabled

ideas?



wayjac
Premium,MVM
join:2001-12-22
Indy
kudos:1

The [sport=] source port is the orgin of the traffic
The [dport=] destination port [dport=] is the video cam

said by jp1911:

Sport and dport numbers different every attempt either with or without :10xx port # append to end of address

The firewall allows you to change [dport] number for the target lan device.
If you'er going to use the same port number from the internet to the lan device either enter the same port number in each box or leave the second box empty.

Do you have a block of public ip addresses?

jp1911

join:2013-02-08
Saint Francisville, LA

>fw,fwmon: src=202.75.xxx.xx dst=184.46.1xx.xx ipprot=6 sport=6000 dport=65500 Unknown inbound session stopped

above is a line from the log of a failed attempt, one of many. it is in the log that the source and destination port is different every time. (xxx inserted to not broadcast my ip addresses...)

The pinhole/port forwarding was established with a specific port # 10xx.

I have a public routed subinterface enabled but no public proxied subnet.



wayjac
Premium,MVM
join:2001-12-22
Indy
kudos:1

said by jp1911:

>fw,fwmon: src=202.75.xxx.xx dst=184.46.1xx.xx ipprot=6 sport=6000 dport=65500 Unknown inbound session stopped
above is a line from the log of a failed attempt, one of many

Yes I agree that this message is a typical one.

Here's a example of a message with port fowarding configured/working:
fw,fwmon: src=202.75.229.113 dst=184.46.1.180 ipprot=6 sport=1195 dport=6000 Local Session, Packet Passed

said by jp1911:

>I have a public routed subinterface enabled but no public proxied subnet.

I have only ever seen these terms used in the 2wire gui pages and they relate to the configuration of public ip address(s)

So again I ask............have you purchased a block of public ip's?

jp1911

join:2013-02-08
Saint Francisville, LA

sorry, didn't understand the question

No, have purchased none - understand a small number (~9) of static ip's available to me/ATT user, only need one...



wayjac
Premium,MVM
join:2001-12-22
Indy
kudos:1

said by jp1911:

No, have purchased none - understand a small number (~9) of static ip's available to me/ATT user, only need one...

Att sells blocks of public ip's only.

said by jp1911:

No, have purchased none

OK....you should not enable the:
Public routed subinterface option
OR
Public proxied subnet (nat/routed)

said by jp1911:

Sport and dport numbers different every attempt either with or without :10xx port # append to end of address

The messages look normal to me, once you set up the port forwarding the messages should look more like what I posted.

said by jp1911:

Added wireless video cam, opened pinhole 184.xx.xxx.xx:10xx, works great inside LAN, no remote access:

Accessing your lan devices from your lan using your public/wan ip address will not work....
You must use another internet connection and the 2wire event log to verfiy the port forwarding.

jp1911

join:2013-02-08
Saint Francisville, LA

Thanks for your help -

public routed and proxied are now both disabled.

Pinhole was established long ago, allowing use of camera intranet ok. port=10xx

cleared log & set time

checked link manager, obtained address and remote, tried them from iPhone with wireless disabled (3G connection):

INF 2013-02-12T14:16:03-06:00 fw,fwmon: src=166.137.xxx.42 dst=184.xx.xxx.1xx ipprot=6 sport=6447 dport=80 Unknown inbound session stopped
INF 2013-02-12T14:16:04-06:00 fw,fwmon: src=166.137.xxx.42 dst=184.xx.xxx.1xx ipprot=6 sport=32058 dport=80 Unknown inbound session stopped
INF 2013-02-12T14:16:51-06:00 fw,fwmon: src=166.137.xxx.72 dst=192.168.1.64 ipprot=6 sport=34751 dport=10xx Session Matches User Pinhole, Packet Passed
INF 2013-02-12T14:16:52-06:00 fw,fwmon: src=166.137.xxx.42 dst=184.xx.xxx.1xx ipprot=6 sport=5302 dport=80 Unknown inbound session stopped
INF 2013-02-12T14:16:52-06:00 fw,fwmon: src=166.137.xxx.42 dst=184.xx.xxx.1xx ipprot=6 sport=51609 dport=80 Unknown inbound session stopped



wayjac
Premium,MVM
join:2001-12-22
Indy
kudos:1

Looks like it's working!!!!!
Why did you need to check the "link manager"?


jp1911

join:2013-02-08
Saint Francisville, LA

nope, not working, above was sessions stopped err 502 on browser.

the one that passed was addressed in browser:
184.xx.xxx.1xx:10xx
but still wouldn't work/connect - chrome on iPhone/3G: "this webpage is not available"

??

BTW, after setting everything as you suggested, I set time, cleared log, and power reset the 2wire before the above attempts.


jp1911

join:2013-02-08
Saint Francisville, LA

also BTW, I'm in 2wire /MDC, checked link mgr to look at details of that pinhole/ppp0/addresses... same as addr in static routes



wayjac
Premium,MVM
join:2001-12-22
Indy
kudos:1
reply to jp1911

said by jp1911:

nope, not working, above was sessions stopped err 502 on browser.

Was the camera server software up and running?
The message:packet passed means the traffic was directed to the lan device
That has ip address 192.168.1.64 with port10xx opened

You can also use a port checker website here's a link to one I use regulary.
This can be done from a lan computer.
T1 online port scan

said by jp1911:

BTW, after setting everything as you suggested, I set time, cleared log, and power reset the 2wire before the above attempts.

I would not do all of this it's really not necessary.

jp1911

join:2013-02-08
Saint Francisville, LA

t1port scan reports "isn't responding on port" in all cases.

Yes, the camera was/is up and responding to all LAN accesses/requests... via wireless. I can see it from anywhere inside the LAN, just nowhere outside...

Funny thing about 2wire 2710 ATT, port forwarding must be done for specific applications to a specific "the computer that will host applications through the firewall:"
that is 192.168.1.64 I created a new app for the camera, port 10xx through 192.168.1.64. Only choices were computers the 2wire recognized.

I can't get the 2wire to recognize the camera as an ip device wireless. I can't see the camera via ipscan unless inside the LAN.

I tried the reset under the tried and true rule if all else fails, restart everything...

getting frustrated with the 2wire BS but still really appreciate your help...



wayjac
Premium,MVM
join:2001-12-22
Indy
kudos:1

said by jp1911:

t1port scan reports "isn't responding on port" in all cases.

This means the camera's server isn't answering/seeing the remote request.
Are there any event log messages showing the traffic for the camera

What is the make and model number of the camera?

jp1911

join:2013-02-08
Saint Francisville, LA

1 edit

Wansview NCB541W (= Foscam 8908W), firmware 21.37.2.47 (can not find update)
I did update the device embedded web UI to 0.0.4.17, better interface but no difference

I'm glad you like a challenge...



wayjac
Premium,MVM
join:2001-12-22
Indy
kudos:1

I could not locate a manual for the camera so I could have a look
Do you have a copy of the manual you can post?


jp1911

join:2013-02-08
Saint Francisville, LA
reply to jp1911

»wansview.net/tools-support.html


jp1911

join:2013-02-08
Saint Francisville, LA

I really think this is a 2wire issue, not a camera wifi issue. If I can't remote access the router, I can't access any device attached, wifi or hardwire. I currently can't get the router to respond/talk from outside the LAN.

I've emailed att_tier2 to see if they will assist. I'll let you know if they respond.



wayjac
Premium,MVM
join:2001-12-22
Indy
kudos:1

said by jp1911:

I really think this is a 2wire issue, not a camera wifi issue. If I can't remote access the router, I can't access any device attached, wifi or hardwire.

Ok...I'll move along

jp1911

join:2013-02-08
Saint Francisville, LA
reply to jp1911

actually I posted to this particular forum for 2wire assistance

I can't even acces the camera hardwired, remotely...

at&t is not responding to email request for assistance

any 2 wire ideas out there?