07-22-2011 11:50 AM - edited 03-04-2019 01:04 PM
I purchased a Cisco 851 Router for the reliablity, but the process to manage the router to port forward a IP address for a internet camera ... I'm lost. I will try the forums, versus paying a $400 dollar fee for support.
What is the process to have an internal IP address for my outdoor network camera visiable for WWW?
How do I port forward 10.10.10.40
How do I assign a static IP to this outdoor network camera?
I can access the Cisco SDM Express V2.5
07-22-2011 12:18 PM
Do you know how to use CLI? if yes, telnet into the router & capture the output of "show run".
If you could share that, I can give you can sample config to copy/paste.
What port does your internet camera uses?
07-22-2011 12:31 PM
Sorry, I don't know CLI but I'm willing to learn.
I assume my port is 80 per Toshiba.
07-22-2011 12:54 PM
Go to command prompt & type in "telnet x.x.x.x" where x.x.x.x is the IP address of the router that you have configured, see if can get into the router.
If you can, type in "enable" & it will prompt you for a password, type in the password & you will a # sign. Type "show run" there
07-22-2011 01:32 PM
This is a long output, you would need to keep pressing "Space" untill it ends,
then copy the whole o/p
07-22-2011 01:41 PM
Still not complete ....Do you have a console cable..Its a blue cable that comes with the router ...??
If yes, you can connect that cable to your computer & router's console port..
Capture the o/p using the following link:
http://www.cisco.com/en/US/products/hw/routers/ps233/products_tech_note09186a00800a6bc0.shtml
07-22-2011 01:46 PM
Amit, thank you for your time. No, I don't have the cable anymore, but what I've provided you was from the telnet promt from Cisco Telnet window which is located on Cisco SDM express. I could start over from your original process and see if I get more.
07-22-2011 01:52 PM
Authorized access only!
Disconnect IMMEDIATELY if you are not an authorized user!
User Access Verification
Username: mcalpin1
Password:
% Password expiration warning.
-----------------------------------------------------------------------
Cisco Router and Security Device Manager (SDM) is installed on this device and
it provides the default username "cisco" for one-time use. If you have already
used the username "cisco" to login to the router and your IOS image supports the
"one-time" user option, then this username has already expired. You will not be
able to login to the router with this username after you exit this session.
It is strongly suggested that you create a new username with a privilege level
of 15 using the following command.
username
Replace
use.
-----------------------------------------------------------------------
yourname#enable
yourname#show run
Building configuration...
Current configuration : 6082 bytes
!
version 12.4
no service pad
service tcp-keepalives-in
service tcp-keepalives-out
service timestamps debug datetime msec localtime show-timezone
service timestamps log datetime msec localtime show-timezone
service password-encryption
service sequence-numbers
!
hostname yourname
!
boot-start-marker
boot-end-marker
!
logging buffered 51200
logging console critical
enable secret 5 $1$X2gD$5wyK6VsADhUU1T5wBkVIp0
!
no aaa new-model
clock timezone PCTime -8
clock summer-time PCTime date Apr 6 2003 2:00 Oct 26 2003 2:00
!
crypto pki trustpoint TP-self-signed-2356464123
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-2356464123
revocation-check none
rsakeypair TP-self-signed-2356464123
!
!
crypto pki certificate chain TP-self-signed-2356464123
certificate self-signed 01
3082024F 308201B8 A0030201 02020101 300D0609 2A864886 F70D0101 04050030
31312F30 2D060355 04031326 494F532D 53656C66 2D536967 6E65642D 43657274
69666963 6174652D 32333536 34363431 3233301E 170D3038 30363133 32303238
34395A17 0D323030 31303130 30303030 305A3031 312F302D 06035504 03132649
4F532D53 656C662D 5369676E 65642D43 65727469 66696361 74652D32 33353634
36343132 3330819F 300D0609 2A864886 F70D0101 01050003 818D0030 81890281
8100D31D BC8A9833 FAFE8A90 5DDBE9BD 74856849 F8DED59A B3AC0CF0 15D31374
D407A5D1 A14ED44D 2C15D488 CB48B0B0 77C7F2F7 74C85640 239D3D1F 54BF9644
0D15C16A C9996587 E809E9D0 981A491A A07C621D 6A9A7CE5 1DFDAAA5 149913E6
8587A81E FEBC7D41 0D67951B BBE22CD8 C11BE766 B70EABCA 371D9DFB A610F3B4
50AB0203 010001A3 77307530 0F060355 1D130101 FF040530 030101FF 30220603
551D1104 1B301982 17796F75 726E616D 652E796F 7572646F 6D61696E 2E636F6D
301F0603 551D2304 18301680 148BD858 50EA1EF8 F26A67C4 BD2F4A5A AD284D78
84301D06 03551D0E 04160414 8BD85850 EA1EF8F2 6A67C4BD 2F4A5AAD 284D7884
300D0609 2A864886 F70D0101 04050003 81810025 4B7A3BEB F7BCFE63 DF266DB1
35C70156 52FA7E6D 6929A014 C44D7029 812EC0FA 99045D0F 1CCEA38E F7803423
98D3DD4E 61B778CB 7416289B 31F56A27 82DC71B6 63301A11 F3ABF828 F98DA9DF
DAC1E879 12F9F480 BDA29277 03F0A803 9546F83C D56B165C F1D9B4F7 B0F2E2EC
F33F4B13 53D0D1C7 48F6E7FB 5452331A 026E34
quit
dot11 syslog
!
dot11 ssid flower2
vlan 1
authentication open
guest-mode
!
no ip source-route
no ip dhcp use vrf connected
ip dhcp excluded-address 10.10.10.1
!
ip dhcp pool sdm-pool1
import all
network 10.10.10.0 255.255.255.0
default-router 10.10.10.1
!
!
ip cef
ip auth-proxy max-nodata-conns 3
ip admission max-nodata-conns 3
no ip bootp server
no ip domain lookup
ip domain name yourdomain.com
!
!
!
username mcalpin1 privilege 15 secret 5 $1$oYCa$JwJpDMPBCI89FYcc9vgwQ0
!
!
archive
log config
hidekeys
!
!
ip tcp synwait-time 10
ip ssh time-out 60
ip ssh authentication-retries 2
!
bridge irb
!
!
interface FastEthernet0
!
interface FastEthernet1
!
interface FastEthernet2
!
interface FastEthernet3
!
interface FastEthernet4
description $FW_OUTSIDE$$ES_WAN$
ip address dhcp client-id FastEthernet4
no ip redirects
no ip unreachables
no ip proxy-arp
ip nat outside
ip virtual-reassembly
ip route-cache flow
duplex auto
speed auto
!
interface Dot11Radio0
no ip address
!
encryption vlan 1 key 1 size 128bit 7 3821D66C62193F7BD0B9F0495A6A transmit-key
encryption vlan 1 mode wep mandatory
!
ssid flower2
!
speed basic-1.0 basic-2.0 basic-5.5 6.0 9.0 basic-11.0 12.0 18.0 24.0 36.0 48.0
54.0
station-role root
!
interface Dot11Radio0.1
encapsulation dot1Q 1 native
no cdp enable
bridge-group 1
bridge-group 1 subscriber-loop-control
bridge-group 1 spanning-disabled
bridge-group 1 block-unknown-source
no bridge-group 1 source-learning
no bridge-group 1 unicast-flooding
!
interface Vlan1
description $ETH-SW-LAUNCH$$INTF-INFO-HWIC 4ESW$$FW_INSIDE$
no ip address
bridge-group 1
!
interface BVI1
ip address 10.10.10.1 255.255.255.0
ip nat inside
ip virtual-reassembly
ip tcp adjust-mss 1452
!
ip forward-protocol nd
!
ip http server
ip http access-class 23
ip http authentication local
ip http secure-server
ip http timeout-policy idle 60 life 86400 requests 10000
ip nat inside source list 1 interface FastEthernet4 overload
ip nat inside source static tcp 10.10.10.17 80 interface FastEthernet4 80
ip nat inside source static tcp 10.10.10.17 443 interface FastEthernet4 443
ip nat inside source static udp 10.10.10.17 4125 interface FastEthernet4 4125
ip nat inside source static tcp 10.10.10.17 8080 interface FastEthernet4 8080
!
logging trap debugging
access-list 1 remark INSIDE_IF=BVI1
access-list 1 remark SDM_ACL Category=2
access-list 1 permit 10.10.10.0 0.0.0.255
access-list 100 remark SDM_ACL Category=128
access-list 100 permit ip host 255.255.255.255 any
access-list 100 permit ip 127.0.0.0 0.255.255.255 any
no cdp run
!
control-plane
!
bridge 1 protocol ieee
bridge 1 route ip
banner exec ^C
% Password expiration warning.
-----------------------------------------------------------------------
Cisco Router and Security Device Manager (SDM) is installed on this device and
it provides the default username "cisco" for one-time use. If you have already
used the username "cisco" to login to the router and your IOS image supports the
"one-time" user option, then this username has already expired. You will not be
able to login to the router with this username after you exit this session.
It is strongly suggested that you create a new username with a privilege level
of 15 using the following command.
username
Replace
use.
-----------------------------------------------------------------------
^C
banner login ^CAuthorized access only!
Disconnect IMMEDIATELY if you are not an authorized user!^C
!
line con 0
login local
no modem enable
transport output telnet
line aux 0
login local
transport output telnet
line vty 0 4
privilege level 15
login local
transport input telnet ssh
!
scheduler max-task-time 5000
scheduler allocate 4000 1000
scheduler interval 500
end
yourname#
07-22-2011 02:31 PM
Ok, let me confirm the objective. You have an internet camera whose IP address is 10.10.10.40 & you want to access it from internet using port 80. So, from internet, when you try to access it using the public IP at port 80, that is being given by your ISP, you want to get connected to your camera.
Here's something conflicting:
ip nat inside source static tcp 10.10.10.17 80 interface FastEthernet4 80
You are already using port 80 with 10.10.10.17.
You could use a different port from internet to connect to the camera on inside.
All you have to do is to add the following lines to the configuration:
On the # sign, copy/paste the following three lines:
config t
ip nat inside source static tcp 10.10.10.17 80 interface FastEthernet4 8000
end
Now, check if you could connect to internet camera from internet using the Public IP that is being given by your ISP on port 8000.
If you want to see what public IP you are currently using type in "show ip int br fa4" on # sign & you will see the IP address.
good luck
if helpful Rate
07-22-2011 03:19 PM
Whats given now.. you have my data above
- I can see my outside camera on my internal network on 10.10.10.40
- No one from the WWW can see this camera view.
- The ISP hasn't provided me any data or ports at this time.
I would like to see my camera from any location from the world without using an username password. I would like for you to see my outside view via a domain address.
SHould I still follow your process?
07-22-2011 03:31 PM
Is your ISP resolving the domain name for you? What domain name are you using?
How were you using this camera earlier? Any other router?
With the configuration that I suggested, you should able to view the camera from WWW by using http://Public IP address of router/8000
Please confirm that you could do it.
07-22-2011 03:36 PM
I can use any of the many domain names I own.. I will use http://backyardgardener.com/
I thought the camera was accessable via the WWW, but come to find out it was only internal. I have the same router.
I will verify your process.
07-22-2011 03:43 PM
yourname#config t
Enter configuration commands, one per line. End with CNTL/Z.
yourname(config)#
yourname(config)#$static tcp 10.10.10.17 80 interface FastEthernet4 8000
yourname(config)#
yourname(config)#end
yourname#config t
Enter configuration commands, one per line. End with CNTL/Z.
yourname(config)#$static tcp 10.10.10.17 80 interface FastEthernet4 8000
yourname(config)#end
yourname#show ip int br fa4
Interface IP-Address OK? Method Status Prot
ocol
FastEthernet4 131.191.17.48 YES DHCP up up
yourname#
07-22-2011 03:57 PM
I've tried several ip numeric ip addresses with /8000 via web browser and I'm unsuccessful in viewing the camera. At least I'm trying... I hope I don't have to shelf this router and buy another router to that allows me to port forward and view my camera via the WWW.
07-22-2011 04:22 PM
From my exp, this router works pretty well for port forwarding. My bad..It should have been:
I tried connecting to it, it doesn't work. Are you sure that port 80 is the only one that you need to forward? What are the specifications of this camera (company, make, model no. etc.)?
What is 10.10.10.17 device?
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide