jp1911
join:2013-02-08
Saint Francisville, LA | Remote access troubleshoot? AT&T DSL6, 2wire 2701HG-B, 5.29.109.13, works great.
Added wireless video cam, opened pinhole 184.xx.xxx.xx:10xx, works great inside LAN, no remote access:
fw,fwmon: src=202.75.xxx.xx dst=184.46.1xx.xx ipprot=6 sport=6000 dport=65500 Unknown inbound session stopped
Sport and dport numbers different every attempt either with or without :10xx port # append to end of address
Public routed subinterface is enabled
ideas? |
|
 wayjacPremium,MVM
join:2001-12-22
Indy | The [sport=] source port is the orgin of the traffic
The [dport=] destination port [dport=] is the video cam
said by jp1911:Sport and dport numbers different every attempt either with or without :10xx port # append to end of address The firewall allows you to change [dport] number for the target lan device.
If you'er going to use the same port number from the internet to the lan device either enter the same port number in each box or leave the second box empty.
Do you have a block of public ip addresses? |
|
jp1911
join:2013-02-08
Saint Francisville, LA | >fw,fwmon: src=202.75.xxx.xx dst=184.46.1xx.xx ipprot=6 sport=6000 dport=65500 Unknown inbound session stopped
above is a line from the log of a failed attempt, one of many. it is in the log that the source and destination port is different every time. (xxx inserted to not broadcast my ip addresses...)
The pinhole/port forwarding was established with a specific port # 10xx.
I have a public routed subinterface enabled but no public proxied subnet. |
|
wayjacPremium,MVM
join:2001-12-22
Indy | said by jp1911:>fw,fwmon: src=202.75.xxx.xx dst=184.46.1xx.xx ipprot=6 sport=6000 dport=65500 Unknown inbound session stopped
above is a line from the log of a failed attempt, one of many Yes I agree that this message is a typical one.
Here's a example of a message with port fowarding configured/working:
fw,fwmon: src=202.75.229.113 dst=184.46.1.180 ipprot=6 sport=1195 dport=6000 Local Session, Packet Passed
said by jp1911:>I have a public routed subinterface enabled but no public proxied subnet. I have only ever seen these terms used in the 2wire gui pages and they relate to the configuration of public ip address(s)
So again I ask............have you purchased a block of public ip's?
|
|
jp1911
join:2013-02-08
Saint Francisville, LA | sorry, didn't understand the question
No, have purchased none - understand a small number (~9) of static ip's available to me/ATT user, only need one... |
|
|
|
wayjacPremium,MVM
join:2001-12-22
Indy | said by jp1911:No, have purchased none - understand a small number (~9) of static ip's available to me/ATT user, only need one...
Att sells blocks of public ip's only.
said by jp1911:No, have purchased none OK....you should not enable the:
Public routed subinterface option
OR
Public proxied subnet (nat/routed)
said by jp1911:Sport and dport numbers different every attempt either with or without :10xx port # append to end of address The messages look normal to me, once you set up the port forwarding the messages should look more like what I posted.
said by jp1911:Added wireless video cam, opened pinhole 184.xx.xxx.xx:10xx, works great inside LAN, no remote access: Accessing your lan devices from your lan using your public/wan ip address will not work....
You must use another internet connection and the 2wire event log to verfiy the port forwarding. |
|
jp1911
join:2013-02-08
Saint Francisville, LA | Thanks for your help -
public routed and proxied are now both disabled.
Pinhole was established long ago, allowing use of camera intranet ok. port=10xx
cleared log & set time
checked link manager, obtained address and remote, tried them from iPhone with wireless disabled (3G connection):
INF 2013-02-12T14:16:03-06:00 fw,fwmon: src=166.137.xxx.42 dst=184.xx.xxx.1xx ipprot=6 sport=6447 dport=80 Unknown inbound session stopped
INF 2013-02-12T14:16:04-06:00 fw,fwmon: src=166.137.xxx.42 dst=184.xx.xxx.1xx ipprot=6 sport=32058 dport=80 Unknown inbound session stopped
INF 2013-02-12T14:16:51-06:00 fw,fwmon: src=166.137.xxx.72 dst=192.168.1.64 ipprot=6 sport=34751 dport=10xx Session Matches User Pinhole, Packet Passed
INF 2013-02-12T14:16:52-06:00 fw,fwmon: src=166.137.xxx.42 dst=184.xx.xxx.1xx ipprot=6 sport=5302 dport=80 Unknown inbound session stopped
INF 2013-02-12T14:16:52-06:00 fw,fwmon: src=166.137.xxx.42 dst=184.xx.xxx.1xx ipprot=6 sport=51609 dport=80 Unknown inbound session stopped |
|
wayjacPremium,MVM
join:2001-12-22
Indy | Looks like it's working!!!!!
Why did you need to check the "link manager"? |
|
jp1911
join:2013-02-08
Saint Francisville, LA | nope, not working, above was sessions stopped err 502 on browser.
the one that passed was addressed in browser:
184.xx.xxx.1xx:10xx
but still wouldn't work/connect - chrome on iPhone/3G: "this webpage is not available"
??
BTW, after setting everything as you suggested, I set time, cleared log, and power reset the 2wire before the above attempts. |
|
jp1911
join:2013-02-08
Saint Francisville, LA | also BTW, I'm in 2wire /MDC, checked link mgr to look at details of that pinhole/ppp0/addresses... same as addr in static routes |
|
wayjacPremium,MVM
join:2001-12-22
Indy | reply to jp1911
said by jp1911:nope, not working, above was sessions stopped err 502 on browser. Was the camera server software up and running?
The message:packet passed means the traffic was directed to the lan device
That has ip address 192.168.1.64 with port10xx opened
You can also use a port checker website here's a link to one I use regulary.
This can be done from a lan computer.
T1 online port scan
said by jp1911:BTW, after setting everything as you suggested, I set time, cleared log, and power reset the 2wire before the above attempts. I would not do all of this it's really not necessary. |
|
jp1911
join:2013-02-08
Saint Francisville, LA | t1port scan reports "isn't responding on port" in all cases.
Yes, the camera was/is up and responding to all LAN accesses/requests... via wireless. I can see it from anywhere inside the LAN, just nowhere outside...
Funny thing about 2wire 2710 ATT, port forwarding must be done for specific applications to a specific "the computer that will host applications through the firewall:"
that is 192.168.1.64 I created a new app for the camera, port 10xx through 192.168.1.64. Only choices were computers the 2wire recognized.
I can't get the 2wire to recognize the camera as an ip device wireless. I can't see the camera via ipscan unless inside the LAN.
I tried the reset under the tried and true rule if all else fails, restart everything...
getting frustrated with the 2wire BS but still really appreciate your help... |
|
wayjacPremium,MVM
join:2001-12-22
Indy | said by jp1911:t1port scan reports "isn't responding on port" in all cases. This means the camera's server isn't answering/seeing the remote request.
Are there any event log messages showing the traffic for the camera
What is the make and model number of the camera? |
|
jp1911
join:2013-02-08
Saint Francisville, LA
1 edit | Wansview NCB541W (= Foscam 8908W), firmware 21.37.2.47 (can not find update)
I did update the device embedded web UI to 0.0.4.17, better interface but no difference
I'm glad you like a challenge... |
|
wayjacPremium,MVM
join:2001-12-22
Indy | I could not locate a manual for the camera so I could have a look
Do you have a copy of the manual you can post? |
|
jp1911
join:2013-02-08
Saint Francisville, LA | reply to jp1911
»wansview.net/tools-support.html |
|
jp1911
join:2013-02-08
Saint Francisville, LA | I really think this is a 2wire issue, not a camera wifi issue. If I can't remote access the router, I can't access any device attached, wifi or hardwire. I currently can't get the router to respond/talk from outside the LAN.
I've emailed att_tier2 to see if they will assist. I'll let you know if they respond. |
|
wayjacPremium,MVM
join:2001-12-22
Indy | said by jp1911:I really think this is a 2wire issue, not a camera wifi issue. If I can't remote access the router, I can't access any device attached, wifi or hardwire. Ok...I'll move along |
|
jp1911
join:2013-02-08
Saint Francisville, LA | reply to jp1911
actually I posted to this particular forum for 2wire assistance
I can't even acces the camera hardwired, remotely...
at&t is not responding to email request for assistance
any 2 wire ideas out there? |
|
