Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
563
Views
0
Helpful
6
Replies

CCTV connection problems

crmljc1976
Level 1
Level 1

‎08-03-2008 08:03 AM - edited ‎03-03-2019 11:00 PM

Ive put cisco 877 routers in my depot offices and users behind the cisco router cant connect to any of our CCTV servers remotely. I think it might be a Nat issue but cant be sure. Everything works correctly when connected behind a Draytek Vigor, so there must be a fault on the cisco config somewhere. Can anyone help?

Labels:
0 Helpful
6 Replies 6

Giuseppe Larosa
Hall of Fame
Hall of Fame

‎08-04-2008 11:38 AM

Hello Colin,

if you can post a filtered(without public ip addresses passwords, ..) config of one of your 877 and if you can provide some details about the CCTV server (what protocol are they using ? are they sending multicast frames if so you need to turn on multicast routing) you can find some help on the forum.

If your CCTV are using H.323 they might find some dynamic ports closed if you are using CBAC (ip inspect) and NAT.

Hope to help

Giuseppe

0 Helpful

crmljc1976
Level 1
Level 1
In response to Giuseppe Larosa

‎08-05-2008 07:45 AM

Hi Guiseppe,

Please find my config attached. The CCtv server runs on a remote LAN and various udp and tcp protocols are forwarded from the draytek broadband router to the server,ports tcp/udp 2000-2006, tcp/udp 3001. When I try to connect using the remote viewing application from behind the Cisco 877(which is on a remote subnet) only one TCP session is established, and the application hangs.

Could it be the IOS version or dsl firmware that's causing the problem. I hope that you can help me because we need this operational during the night in case of intruder break ins. Hope this makes sense!

Thanks

Colin...

Preview file
4 KB
0 Helpful

Giuseppe Larosa
Hall of Fame
Hall of Fame
In response to crmljc1976

‎08-05-2008 12:44 PM

Hello Colin,

from waht I see in your config I would add

access-list 2 permit 10.0.0.0 0.0.255.255

because your inside interface has the following config:

interface Vlan1

ip address 10.0.2.86 255.255.0.0

ip nat inside

ip virtual-reassembly

!

anc current acl 2 says:

access-list 2 permit 192.168.0.0 0.0.0.255

So NAT cannot work because it uses acl 2 to decide what to translate to dialer ip address:

ip nat inside source list 2 interface Dialer0 overload

Or change vlan1 ip address in 192.168.0.X 255.255.255.0

Hope to help

Giuseppe

0 Helpful

crmljc1976
Level 1
Level 1
In response to Giuseppe Larosa

‎08-05-2008 01:27 PM

sorry vlan 1 address is 192.168.0.1/24, 10.0.2.86/16 was there so I could configure on 10.0.0.0/16 subnet, my fault, that isn't the reason its not working!

0 Helpful

Giuseppe Larosa
Hall of Fame
Hall of Fame
In response to crmljc1976

‎08-06-2008 08:06 AM

Hello Colin,

I was thinking it was too evident to be true !

Best Regards

Giuseppe

0 Helpful

crmljc1976
Level 1
Level 1
In response to Giuseppe Larosa

‎08-06-2008 08:17 AM

so could it be the ios version

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card