Jump to content
WildCard

troubleshooting help needed with Geo remote playback

Recommended Posts

So, this is sort of a continuation of my port forwarding post from last week.

 

Background:

Systems are installed in stores that have networks installed by whomever installed the POS systems, so they are protective about making all network changes themselves.

 

I had them set port forwarding to the Geo DVR, ports 80, 3550, 4550, 5550, & 3389. 3389 has always worked. No joy on any remote Geo access.

 

I think it boils down to the ISP blocking port 80. So I changed the web port in Geo to 8888.

 

Worked great to start with. When I browse to http://IP:8888, I get the active x download boxes, it installs - even gets to the point of asking for login.

 

That's when it goes bad. For about 30 seconds, the login hangs - eventually failing with a failed to connect' error. To confirm the obvious, this username/pass works great in connecting remotely from computers on the local network.

 

Any guesses? This is just a Geovision 8 system, no audio.

 

Thanks!

-WC-

Share this post


Link to post
Share on other sites

I would be surprised if the ISP blocked port 80. I would however not be surprised if the POS company (network admins) failed to forward the port numbers correctly. It is to no benefit to them for your equipment to work correctly, so at times they will just suffice you with saying they "are here to help".

 

What type of router setup does your customer have onsite that the DVR is sharing with the POS terminals?

 

scottj

Share this post


Link to post
Share on other sites

just tell the owner you need access to the routers or you cannot guarantee remote video will work properly.

Share this post


Link to post
Share on other sites

I confirmed with the ISP tech support (Charter cable modem), that their dynamic ip cablemodem users are prohibited from operating various servers on those cheaper accounts. They block the common http, ftp, mail server ports.

 

They then tried to upsell to me the static ip plan, which has no ports blocked.

 

I did verify with the network management group that the ports are set to route all the above mentioned ports to the proper internal ip.

 

Rory, I could take the hard approach as you mentioned, but this POS system is incredibly important to this end user and I believe he would not agree to forcing the management team give us access.

 

-WC-

Share this post


Link to post
Share on other sites

which POS system is it?

 

POS is basic stuff, also the installers ive come across (including dealt with in the US over the phone) are not exactly pros when it comes to routers.

Share this post


Link to post
Share on other sites

Radiant systems is the POS, it's a large chain of restaurants.

 

So I just ran an nmap on the IP, seems that 'something' is blocking the traffic, whether it be the ISP or router. Here are the allowed ports as seen by nmap:

 

3389/tcp open microsoft-rdp Microsoft Terminal Service

5550/tcp open sdadmind?

5631/tcp open pcanywheredata?

5800/tcp open vnc-http TightVNC

5900/tcp open vnc VNC (protocol 3.3)

8080/tcp filtered http-proxy

8888/tcp open sun-answerbook?

1 service unrecognized despite returning data. If you know the service/version,

please submit the following fingerprint at http://www.insecure.org/cgi-bin/servi

cefp-submit.cgi :

SF-Port8888-TCP:V=3.81%D=6/9%Time=42A8710F%P=i686-pc-windows-windows%r(Get

SF:Request,2BC,"HTTP/1\.0\x20200\x20OK\r\nServer:\x20GeoHttpServer\r\nDate

SF::\x20Thu,\x2009\x20Jun\x202005\x2016:37:19\x20GMT\r\nContent-type:\x20t.

 

I am going to run a deeper scan. brb.

 

-WC-

Share this post


Link to post
Share on other sites

goto GRC.com, Shields Up, and test the ports from there .. thats another way ..

Share this post


Link to post
Share on other sites

PORT STATE SERVICE VERSION

80/tcp filtered http

3550/tcp open unknown

3551/tcp closed unknown

4550/tcp open unknown

8888/tcp open unknown

 

I am scratching my head here. It's so close. I'll PM you the IP, please try it from your end and tell me what you see, k?

 

Thanks,

-WC-

Share this post


Link to post
Share on other sites

They may be running an incomming proxy server that just routes all requests to dev/null/ at the ISP level.

Share this post


Link to post
Share on other sites

odd, I have it working, but it's so incredibly slow that it shows only 4 of the 8 cameras, low frame rate.

 

I wonder if I was trying to connect to it and the webcam software was timing out due to the slow upload speeds.

 

4 cams, getting about a frame a second each. Never thought to check the upload speeds available from the store. Guessing it's way low.

 

-WC-

Share this post


Link to post
Share on other sites

Maybe depending on what they are using, you can ask them to increase the bandwidth for the DVR ... they may be sending large traffic from the other PCs/POSs.?

Share this post


Link to post
Share on other sites

yeah, that's my thought. I am wondering if they are on one of those cheaper XX download, 128k upload. I will go over there this afternoon and do a bandwidth test.

 

As for the transfer from the POS, I don't think the transfer overhead for that system would be too big, better bet is that they have small upload pipe.

 

I think increasing upload speeds will be no problem once he sees that he's only getting 4fps overall remote vs the 120fps he has local.

 

Thanks again guys.

-WC-

Share this post


Link to post
Share on other sites

Are you connecting with Mpeg4? Wavelet will be slower, and very slow on DSL.

Share this post


Link to post
Share on other sites

We have at least 100 customers who use Charter Cable and have never encountered the issue you are having regarding a "blocked port". I rarely believe ISP services technical support people, as they are taught to just read from a script and most have no clue who the current President of the US is.

 

The slow rate could be related to the POS system sending data over WAN from the location (depending on how nice of a POS it is). Charter is know for "dog" service in our area, we recommend ADSL through SBC is at all posible due to upload speed issues with Charter.

 

scottj

Share this post


Link to post
Share on other sites

Actully the Charter blocking is pretty well documented. But keep in mind, some geographic areas will have some differant policies.

Share this post


Link to post
Share on other sites
We have at least 100 customers who use Charter Cable and have never encountered the issue you are having regarding a "blocked port". I rarely believe ISP services technical support people, as they are taught to just read from a script and most have no clue who the current President of the US is.

 

The slow rate could be related to the POS system sending data over WAN from the location (depending on how nice of a POS it is). Charter is know for "dog" service in our area, we recommend ADSL through SBC is at all posible due to upload speed issues with Charter.

 

scottj

 

I totally respect what you have to say, but note that I think, atleast in this division of Charter, that they are truly blocking port 80 from the upload side of the modem. After all I put into getting port 80 to work, 5 minutes after changing it to port 8888 in the router's port forwarding list and in the Geovision software, remote access worked.

 

I called 3 times to Charter, in my area it appears they are using this port blocking as an opportunity to upsell a static ip (at $15/mo). Static IP accounts have no ports blocked.

 

-WC-

Share this post


Link to post
Share on other sites

check grc.com, open port 80 in the router, if it is not open on shields up, then it is blocked.

Share this post


Link to post
Share on other sites
We have at least 100 customers who use Charter Cable and have never encountered the issue you are having regarding a "blocked port". I rarely believe ISP services technical support people, as they are taught to just read from a script and most have no clue who the current President of the US is.

 

The slow rate could be related to the POS system sending data over WAN from the location (depending on how nice of a POS it is). Charter is know for "dog" service in our area, we recommend ADSL through SBC is at all posible due to upload speed issues with Charter.

 

scottj

 

I guess Charter is blocking a whole slew of ports for non-static business customers in this area. I have the list at my office, but off-hand I know they are blocking 80, 8080, 21, 110, and 10-15 others. Basically they are blocking all of the most common server services.

 

ISP's these days are going crazy trying to block ports. SBC just recently started blocking port 25 so now people are forced to use SBC's smtp server unless their SMTP has an alternative listen port.

Share this post


Link to post
Share on other sites

yeah the crackers down here just up and blocked port 25 one day ... it was such as pain in the butt. .. they arent blocking port 80 yet though ... but there are ways around that ... just like with port 25. Their view on the port 25 thing is you have to be a business to have a web site or email, so then you have to pay the business acount price starting at $150 a month ... morons .. they just want an excuse to make more money is all, with doing less work

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

×