Jump to content
Not connected, Your IP: 18.225.117.89
AirVPN
User26401

ANSWERED Remote viewing a security/wildlive cam behind AirVPN.

By User26401, ... in Troubleshooting and Problems

Recommended Posts

User26401    1

User26401
Posted ...

Hi All,

 

I run Tomato firmware on Asus router. I have two Hikvision camera I want to remote view, is this how I'd go about it:

 

1) On AirVPN Client Area, forward two ports e.g. my-cam-name port 8001&2 forward to (my vpn IP) port say 10001&10002

 

2) In router, set up IP tables like so

 

iptables -I FORWARD -i tun1 -p udp -d 192.168.1.2 --dport 10001 -j ACCEPT
iptables -I FORWARD -i tun1 -p tcp -d 192.168.1.2 --dport 10001 -j ACCEPT
iptables -t nat -I PREROUTING -i tun1 -p tcp --dport 2001 -j DNAT --to-destination 192.168.1.2
iptables -t nat -I PREROUTING -i tun1 -p udp --dport 2001 -j DNAT --to-destination 192.168.1.2

 

Now my PC listens on Ports 2001&2 ?

 

How do I access from the outside web using ddns? Is it my-cam-name.airvpn.org:8001

 

Any info much appreciated!

Share this post

Link to post

User26401    1

User26401
Posted ...

Solved (well the networking side) this myself, posted here in case it helps other people or you land here from a search.

 

1) Grab the port number(s) you want and a ddns name so you can access it by name not IP (also if you change vpn server) let's say 12345 and mycamera1

 

2) Your camera has an internal IP of 192.168.1.50 and listens on port 80

 

3) On Tomato, VPN is tun11, check this is enabled for forwarding by running this command, it should return 1:

 

cat /proc/sys/net/ipv4/conf/tun11/forwarding

if not you need to enable by typing

 

echo '1' | sudo tee /proc/sys/net/ipv4/conf/tun11/forwarding

 

4) Put these in your routers Settings/Administration/Scripts/Firewall (first one was already there, is a killswitch)

 

iptables -I FORWARD -i br0 -o `nvram get wan_iface` -j DROP

iptables -I FORWARD -i tun11 -p udp -d 192.168.1.50 --dport 80 -j ACCEPT
iptables -I FORWARD -i tun11 -p tcp -d 192.168.1.50 --dport 80 -j ACCEPT
iptables -t nat -I PREROUTING -i tun11 -p tcp --dport 12345 -j DNAT --to-destination 192.168.1.50:80 
iptables -t nat -I PREROUTING -i tun11 -p udp --dport 12345 -j DNAT --to-destination 192.168.1.50:80

You can now acess it from a browser here

 

http://mycamera1.airdns.org:12345

 

If you have more than one camera, then you just grab extra port numbers (12346, 12347, ...) and ddns (mycamera2, mycamera3, .. ) and forward to each internal I.P. (192.168.1.51, 192.168.1.52, .. ) all can listen on port 80.

 

Enjoy!

LZ1 reacted to this

Share this post

Link to post

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
×
  • Security Check
    Play CAPTCHA Audio
    Refresh Image
Go To Topic Listing
×
×
  • Create New...