Protocols
TCP: The Transmission Control Protocol (TCP) is one of the main protocols of the Internet protocol suite. It originated in the initial network implementation in which it complemented the Internet Protocol (IP). Therefore, the entire suite is commonly referred to as TCP/IP. TCP provides reliable, ordered, and error-checked delivery of a stream of octets (bytes) between applications running on hosts communicating via an IP network. Major Internet applications such as the World Wide Web, email, remote administration, and file transfer rely on TCP.
- ICRealtime Remote Client Software and Phone Application use TCP port to communicate with ICRealtime Recorders and Cameras.
UDP: User Datagram Protocol (UDP) is one of the core members of the Internet protocol suite. It has no handshaking dialogues, and thus exposes the user's program to any unreliability of the underlying network; There is no guarantee of delivery, ordering, or duplicate protection. Applications that do not require reliable data stream service may use the User Datagram Protocol (UDP), which provides a connectionless datagram service that emphasizes reduced latency over reliability.
HTTP: Hypertext Transfer Protocol (HTTP) is an application protocol for distributed, collaborative, and hypermedia information systems. HTTP is the foundation of data communication for the World Wide Web. Hypertext is a structured text that uses logical links (hyperlinks) between nodes containing text. HTTP is the protocol to exchange or transfer hypertext.
- HTTP is a plain text protocol and is not recommended to have port forwarded for recorders as it may lead to vulnerabilities. Recommended using HTTPS for web access externally. More on Cyber Security
HTTPS: HTTP Secure (HTTPS) is an extension of the Hypertext Transfer Protocol (HTTP) for secure communication over a computer network, and is widely used on the Internet. In HTTPS, the communication protocol is encrypted by Transport Layer Security (TLS), or formerly, its predecessor, Secure Sockets Layer (SSL). The protocol is therefore also often referred to as HTTP over TLS, or HTTP over SSL.
RTSP: Real-Time Streaming Protocol (RTSP) is a network control protocol designed for use in entertainment and communications systems to control streaming media servers. The protocol is used for establishing and controlling media sessions between endpoints.
In the CCTV industry, this is usually used for integration or communicating over ONVIF protocol when compression mode is H264.
Ports
The default ports for ICRealtime Recorders and IP Cameras:
| Protocol | Default |
|---|---|
| TCP Port | 32789/37777 |
| UDP Port | 37778 |
| HTTP Port | 80 |
| HTTPS Port | 443 |
| RTSP Port | 554 |
Web Interface
Step 1: Login in through the web interface by opening Internet Explorer and type the IP address of the recorder into the address bar.
Step 2: Click on Setup at the top of the page.
Step 3: Click on NETWORK and under network select CONNECTION.
On this page, you will see the port numbers that each port is set to. You can change the port from the default port to any other port you would like by typing it in the appropriate field and select Save
Local Interface
Step 1: Right-click with the mouse and select Main Menu from the drop-down list.
Step 2: Navigate to Settings and select Network.
Step 3 Depending on the recorder you have the menu may vary. Either the ports will be identified at the bottom of the same page with the IP address information or on the left side list there will be underneath TCP/IP will say either Connections or Ports.
SmartICRSS Remote Client Software
Step 1: Open Smart ICRSS and select Device Setup from the Home Page.
Step 2: Inside Device Setup, Select your device on the left. Then Select Network
Step 3: Once the Network window opens select Connect. The ports will be displayed here for you.
Port Forwarding Steps
In order to port forward, you need to first determine how many firewalls you will need to pass through or the type of network you have. In most cases, you will have a single cable modem + router combo from the Internet Service Provider (ISP). In these events, you will only have just the one modems firewall you need to have the connection to pass through. In other cases you will have is multiple firewalls that you need to pass through (Example: ISP Cable Modem Combo + 3rd Party Wifi Router) in which case you will need to do cascade port forwarding.
Some companies have managed Networks. In the event the network is managed you will need to contact the IT staff or company managing the network
Single Firewall
Step 1: In order to port forward, we will need to access the router. The easiest way to locate the router address would be to open a command prompt on windows and type in IPCONFIG. In order to bring up a command prompt, press the Windows key on your keyboard and type in the search bar CMD. In the information provided it will report back what the Default Gateway is currently set to (Ex. 192.168.1.1/10.1.1.1). Open a web browser and type the IP Address of the Default Gateway. It should bring you to the routers login page if not then the routers page is hidden and most likely managed. If it is a managed network consult the IT staff managing it. Some network device requires programs to access the router or other special means in which case consult your network device's manual.
Step 2: Once you are logged into the router you need to navigate to the port forwarding section. Generally, the port forwarding can be found under Advanced, Security, Firewall, NAT Gaming. Some devices will have a quick link on there home page to Port Forwarding. If you need help locating the port forwarding section in your device you can either consult the network devices manual or go to PortForward.com.
- PortForward.com is a website that helps walking through port forwarding on network devices. They have a large list of network device manufacturers. Select the manufacturer of your device and then when on the new page there will be a list of models. Select your model and they have a step by step guide for most devices port forwarding steps that you could follow.
Step 3 On the port forwarding page we are going to add a new port forwarding rule. Depending on your router there will be Add New Service or Add Custom Service button. For the fields you will generally have the following:
Service Name: The service name can be named anything you want. Generally, it is recommended to use something that will help identify what it is for anyone who looks in the router. Example: NVR TCP or DVR TCP.
Service Type: The service type is to identify what type of protocol if will follow. ICRealtime software communicates with the recorder over its TCP port. For remote access, we will be setting the service type to either TCP or Both (TCP/UDP).
External Starting Port: Starting port number that will be opened to the outside. It is recommended to do direct port to port. The starting and ending port will be the same number.
External Ending Port: Ending port number that will be opened to the outside. It is recommended to do direct port to port. The starting and ending port will be the same number.
Internal Starting Port: Starting port number that will be opened in your network to the outside. It is recommended to do direct port to port. The starting and ending port will be the same number.
Internal Ending Port: Ending port number that will be opened in your network to the outside. It is recommended to do direct port to port. The starting and ending port will be the same number.
Internal IP Address: The IP Address of the device that the port is being opened for. In this case, it would be the IP Address of the recorder.
External IP Address: Used to specific access only from someone accessing it with a specific WAN IP address. Generally, this is left blacked or set to Any.
Example:
| Field | Default |
|---|---|
| Service Name | NVR TCP |
| Service Type | TCP |
| External Starting Port | 32789 |
| External Ending Port | 32789 |
| Internal Starting Port | 32789 |
| Internal Ending Port | 32789 |
| Internal IP Address | 192.168.1.108 |
| External IP Address | ANY |
Step 4 After creating your port forwarding rule the next step is to test to make sure it is showing up as open. There are many sites that can be used to check it. You can use canyouseeme.org or yougetsignal.com. Once on the website, it will show your current WAN IP Address and there will be a field to enter a port number by default it will be 80. Put the TCP port number (32789/37777) in and select the test. If the port is open properly it will come back saying Success the port is open. If it comes back as failed or closed then you must go and verify your port forwarding rules. Some routers require a power cycle to apply the settings.
Two or More Firewalls (Cascade Port Forward)
Every router has both an external IP address and an internal IP address. The external IP address is generally described as your WAN (Wide Area Network) and the internal IP address would be its LAN address. The LAN address would be used to access the router. The first several steps are the same as doing a single port forward as we will need to just do this twice. The first port forward will point to the recorder or camera. The second port forward will be done on Router 1 pointing to Router 2 WAN Address (External Address).
Step 1: In order to port forward, we will need to access the router. The easiest way to locate the router address would be to open a command prompt on windows and type in IPCONFIG. In order to bring up a command prompt, press the Windows key on your keyboard and type in the search bar CMD. In the information provided it will report back what the Default Gateway is currently set to (Ex. 192.168.1.1/10.0.0.1). Open a web browser and type the IP Address of the Default Gateway. It should bring you to the routers login page if not then the routers page is hidden and most likely managed. If it is a managed network consult the IT staff managing it. Some network device requires programs to access the router or other special means in which case consult your network device's manual.
Step 2: Once you are logged into the router you need to navigate to the port forwarding section. Generally, the port forwarding can be found under Advanced, Security, Firewall, NAT Gaming. Some devices will have a quick link on there home page to Port Forwarding. If you need help locating the port forwarding section in your device you can either consult the network devices manual or go to PortForward.com.
- PortForward.com is a website that helps walking through port forwarding on network devices. They have a large list of network device manufacturers. Select the manufacturer of your device and then when on the new page there will be a list of models. Select your model and they have a step by step guide for most devices port forwarding steps that you could follow.
Step 3 On the port forwarding page we are going to add a new port forwarding rule. Depending on your router there will be Add New Service or Add Custom Service button. For the fields you will generally have the following:
Service Name: The service name can be named anything you want. Generally, it is recommended to use something that will help identify what it is for anyone who looks in the router. Example: NVR TCP or DVR TCP.
Service Type: The service type is to identify what type of protocol if will follow. ICRealtime software communicates with the recorder over its TCP port. For remote access, we will be setting the service type to either TCP or Both (TCP/UDP).
External Starting Port: Starting port number that will be opened to the outside. It is recommended to do direct port to port. The starting and ending port will be the same number.
External Ending Port: Ending port number that will be opened to the outside. It is recommended to do direct port to port. The starting and ending port will be the same number.
Internal Starting Port: Starting port number that will be opened in your network to the outside. It is recommended to do direct port to port. The starting and ending port will be the same number.
Internal Ending Port: Ending port number that will be opened in your network to the outside. It is recommended to do direct port to port. The starting and ending port will be the same number.
Internal IP Address: The IP Address of the device that the port is being opened for. In this case, it would be the IP Address of the recorder.
External IP Address: Used to specific access only from someone accessing it with a specific WAN IP address. Generally, this is left blacked or set to Any.
Example:
| Field | Default |
|---|---|
| Service Name | NVR TCP |
| Service Type | TCP |
| External Starting Port | 32789 |
| External Ending Port | 32789 |
| Internal Starting Port | 32789 |
| Internal Ending Port | 32789 |
| Internal IP Address | 10.0.0.15 |
| External IP Address | ANY |
Step 4 After creating your port forwarding on Router 2 which the recorder is connected to the next step is port forwarding on Router 1. In order to access Router 1 while connected to Router 2, you can log into your routers web interface and look at its network settings. You will be looking for the WAN Address with the WAN Gateway. Take note of both the WAN IP address and the gateway. The WAN Gateway will be the address that you can use to access Router 1. The WAN IP address will be the address of Router 2 connected to Router 1 which we will be doing the port forwarding to. In this example, the WAN IP address is 192.168.1.5 and the WAN Gateway is 192.168.1.1. Put the Gateway address (192.168.1.1) into a browser and log into the router.
Step 5 Locate the port forwarding rule section.
Step 6 Create a new port forward rule which will be pointing to Router 2. To point it to Router 2 we will do that by putting Router 2 WAN IP address in the field for the LAN address.
Example:
| Field | Default |
|---|---|
| Service Name | NVR TCP |
| Service Type | TCP |
| External Starting Port | 32789 |
| External Ending Port | 32789 |
| Internal Starting Port | 32789 |
| Internal Ending Port | 32789 |
| Internal IP Address | 192.168.1.5 |
| External IP Address | ANY |
Step 4 After creating your port forwarding rule the next step is to test to make sure it is showing up as open. There are many sites that can be used to check it. You can use canyouseeme.org or yougetsignal.com. Once on the website, it will show your current WAN IP Address and there will be a field to enter a port number by default it will be 80. Put the TCP port number (32789/37777) in and select "test". If the port is open properly it will come back saying Success the port is open. If it comes back as failed or closed then you must go and verify your port forwarding rules. Some routers require a power cycle to apply the settings.
Comments
0 comments
Please sign in to leave a comment.