Jump to content
empedokles

How make an ipcam accessible over the net?

Recommended Posts


I get asked this so many times, I wrote and article on my blog years ago as it's not a simple one step process, but the basics are;

 

1. set you cameras up with fixed IP addresses on your home network which you probably already have

2. port map & port forward ports 80 and 554 for each camera (if it's Hikvision) to an external port number. I like to start in the 10000 so it does not interfere with other port usage or ISP rules and you can go up to about 65,535.

3. find your WAN address, easiest way if your router does not show you this is to go to http://whatismyipaddress.com/

4. go to http://canyouseeme.org/ and check that you can get to that WAN address and those new external port numbers you created

5. try and connect from another network outside your home with a browser to that WAN address and port number to see if it works, like http://79.34.32.32:10005

6. lastly, setup a DDNS account to map a name to your IP address that likely is DHCP and changes every now and then. The name will remain stable as the WAN IP address changes

7. setup a single device in your home to keep DDNS updated. I prefer using my router for that, but you can use a camera or PC too as long as they are on 24/7.

8, test remote access using your new DDNS domain name.

Share this post


Link to post
Share on other sites

Most routers these days have port mapping is what it's called. You map port 80 on camera 1 to port 10080, map port 80 on camera 2 to port 10081, so you leave the port as is on the camera. Then if you have to replace the camera, there's less configuration work. You can just use port 80 and 554 if all you have is one camera and your ISP lets you, mine does actually, have used port 80. You can change these ports in the camera, then just port forward the same port. Also, depending how adventurous you are, you can see if your router works with DD-WRT firmware. It replaces the factory firmware with very good open source firmware that is loaded with features. I did that in a few locations. What's nice if you have several locations is you program them all with the same firmware, you don't have to learn Netgear, D-Link, Linksys and every other router each time you have to replace one. Like one annoying thing on Netgear is you only do like 20 port forwards, good enough of some people but I ran out quickly. So DD-WRT can fix those sort of problems or of your router does not support port mapping.

Share this post


Link to post
Share on other sites
How can I make an ip-cam accessible for the public over the net?

Also. Here are secure methods to do this. That can also support allowing PTZ controls as well better bandwidth control:

 

http://foscam.us/forum/showing-secure-methods-using-php-to-display-your-ip-cameras-t8721.html

 

While the demonstrations above are using Foscam IP Camera models. They do work for any other IP Camera models or Imaging devices that support HTTP or HTTPS access methods.

 

The methods allow any Internet browser capable device running on any Operating System and using any browser to be able to see your IP Camera. Without the need to download/install anything or be required to have specific media players installed on any device, to do so.

 

Don

Share this post


Link to post
Share on other sites
How can I make an ip-cam accessible for the public over the net?

Also. Here are secure methods to do this. That can also support allowing PTZ controls as well better bandwidth control:

 

http://foscam.us/forum/showing-secure-methods-using-php-to-display-your-ip-cameras-t8721.html

 

While the demonstrations above are using Foscam IP Camera models. They do work for any other IP Camera models or Imaging devices that support HTTP or HTTPS access methods.

 

The methods allow any Internet browser capable device running on any Operating System and using any browser to be able to see your IP Camera. Without the need to download/install anything or be required to have specific media players installed on any device, to do so.

 

Don

 

Hi Guys

 

Anyone managed to get Don's scripts working for the Hikvision dome cams? (ie. 2cd2xx2 or simiilar series).

 

I've tried and failed abysmally... I have very little knowledge on setting up web pages but I have managed to install PHP and IIS and have another web facing site up and running.

 

I followed the instructions in the ZIP files supplied and managed to get as far as testing the "SecureImageDisplay.php" but never found the right syntax to put in the script for pulling the snapshot from my Hikvision 2cd2332.

 

I tried both

 

http://IP:80/onvif/snapshot and also http://IP:80/Streaming/channels/1/picture (user: admin pass: 12345) both of which work when entered directly into a web browser.

 

Since then I have managed to get myself in mess and now get an "Internal Server Error" when trying to pull up the "SecureImageDisplayLogin.php" page.

 

I've removed everything and started from scratch but still get the same error. Anyone have this working with Hikvision?

Share this post


Link to post
Share on other sites

In your case. It looks like the cameras URL may not be a scripting language URL. Meaning, it may not allow or support using parameters to be part of the URL.

 

So. You want to change this line in SecureImageDisplay.php:

 

$ipcam_url = "http://DDNSorISPIPAddress:PortForCamera/snapshot.cgi?&user=admin&pwd=YourPassword&cnt=".microtime(true);

I tried both

 

http://IP:80/onvif/snapshot and also http://IP:80/Streaming/channels/1/picture (user: admin pass: 12345) both of which work when entered directly into a web browser.

 

Since then I have managed to get myself in mess and now get an "Internal Server Error" when trying to pull up the "SecureImageDisplayLogin.php" page.

 

I've removed everything and started from scratch but still get the same error. Anyone have this working with Hikvision?

To be ("Using your example(s) above"):

 

$ipcam_url = "http://admin:12345@IP:80/onvif/snapshot";

or

 

$ipcam_url = "http://admin:12345@IP:80/Streaming/channels/1/picture";

I am assuming that you already have used the check included in SecureImageDisplay.php to determine the web servers current setup:

 

1. That php curl and GD methods are currently installed on this web server?

 

2. That the web server is currently allowing the port for your camera to be opened as an outbound port using php curl and GD methods?

 

Also. You make no mention of what this "same error" is and has been showing?

 

Don

Share this post


Link to post
Share on other sites

Hi Don,

 

1. php curl and GD methods are installed on the web server. I get the following messages when running "SecureImageDisplay.php" with the debug enabled

 

"Your web server allows the IP Cameras port to be opened using php GD methods.

Your web server allows the IP Cameras port to be opened using php Curl methods."

 

2. I set $ipcam_url to "http://IP:80/onvif/snapshot". This url does not require user/password authentication and when entered directly into a browser will return a snapshot image from my camera.

 

3. I have also edited the remaining php files with the necessary IP addresses for my server and paths as indicated in the files.

 

After doing all the above, I have commented out the debug line "$check_for_blocked_port = true" with a "#"

 

Finally, I uncommented "#include("RestrictToSecureImageDisplayHtm.php");" and only this line in "SecureImageDisplay.php"

 

When I try running "RestrictToSecureImageDisplayHtm.php" from my browser, I get the "Accessed Denied" graphic in response.

 

I also tried the alternate "RestrictToSecureImageDisplayLogin.php" after commenting out the alternate line and get the same "Access Denied" graphic.

 

Interestingly, I don't get prompted for a User/Pass when calling "RestrictToSecureImageDisplayLogin.php" which I was expecting to get.

 

Sorry, I cant provide more information. As I mentioned I have another web facing site running on the same server using php which works so I am reasonably confident the php is running.

Share this post


Link to post
Share on other sites
Hi Don,

 

1. php curl and GD methods are installed on the web server. I get the following messages when running "SecureImageDisplay.php" with the debug enabled

 

"Your web server allows the IP Cameras port to be opened using php GD methods.

Your web server allows the IP Cameras port to be opened using php Curl methods."

 

2. I set $ipcam_url to "http://IP:80/onvif/snapshot". This url does not require user/password authentication and when entered directly into a browser will return a snapshot image from my camera.

 

3. I have also edited the remaining php files with the necessary IP addresses for my server and paths as indicated in the files.

 

After doing all the above, I have commented out the debug line "$check_for_blocked_port = true" with a "#"

 

Finally, I uncommented "#include("RestrictToSecureImageDisplayHtm.php");" and only this line in "SecureImageDisplay.php"

 

When I try running "RestrictToSecureImageDisplayHtm.php" from my browser, I get the "Accessed Denied" graphic in response.

 

I also tried the alternate "RestrictToSecureImageDisplayLogin.php" after commenting out the alternate line and get the same "Access Denied" graphic.

 

Interestingly, I don't get prompted for a User/Pass when calling "RestrictToSecureImageDisplayLogin.php" which I was expecting to get.

 

Sorry, I cant provide more information. As I mentioned I have another web facing site running on the same server using php which works so I am reasonably confident the php is running.

Hello,

 

So I think you can see your camera without the restrictions in place?

 

Assuming that the HTML file you are using is "SecureImageDisplay.htm" You should try accessing that with the restrictions commented out in "SecureImageDisplay.php" to make sure that works.

 

Once that is working. Then to force the logon to the camera you need to access the camera using "SecureImageDisplayLogin.php" and not "SecureImageDisplay.htm".

 

Once that is working. You need to change "RestrictToSecureImageDisplayLogin.php" to match your website and folder location. If your end-goal is to restrict access to the camera by forcing the logon page to be always used.

 

Once that is done correctly you should no longer be able to use "SecureImageDisplay.htm" to see your camera and the only way to see your camera should be by using "SecureImageDisplayLogin.php" when you have uncommented the reference to "RestrictToSecureImageDisplayLogin.php" in "SecureImageDisplay.php".

 

Note: You can send me a PM ("Private Message") and I will give you my email address if you need more help or instructions. I don't want to take this Forum thread off topic. I simply wanted the original poster here to understand there are many methods one can use to do what they are trying to do.

 

Don

Share this post


Link to post
Share on other sites
The problem is I can't connect to my camera in Step 5.

 

Is there a good free dynamic dns site (DynDNS isn't)? Hikvision has its own:

http://www.hik-online.com

 

I use noip.com as that's why my router supports.

 

So you can see the IP and ports are actie with canyouseeme but what happens when you use a browser, can you log inn but no picture, can't log in at all?

Share this post


Link to post
Share on other sites

Hi Buellwinkle. The thing was that I always got my router admin interface while trying to connect and not the camera. But I've been told now that this is usual if you are on the same DNS for most routers and only persons that aren't on my DNS can connect to the cam. I did set port-forward of 80 and 554 on my router now (haven't found that port mapping on the this centro grande router from my provider). And I've set up an account on hikvision and then added the camera with the ddns number my camera gave me. Probably better if I can keep it on the level of my camera.

 

My sister gets the Hikvision admin interface. I'm not sure how to set it public though.

Share this post


Link to post
Share on other sites

Just a heads up. Ports 80, 8080 and 8090 are some of the worse ports you can use for an IP Camera. In many cases it can cause port conflicts with your local network equipment when trying to use them for remote access to your IP Cameras. You would be much better off changing the port to port 90 as an example.

 

Of course this will require you to change both the cameras port configuration as well as your port forwarding setup.

 

Don

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

×