Looks like no one’s replied in a while. To start the conversation again, simply ask a new question.

User profile for user: kwolson
kwolson Author
User level: Level 1
23 points

SecuritySpy/remote surveillance

Greetings, all.


I hope a networking pro can guide me in getting my SecuritySpy operational for remote viewing on my iPhone...


How things stand now:


1. A house of Macs, networked via ethernet (Airport Base station available, too but rarely until my dead PowerBook gets replaced). All working without problems. Each computer can see the network cameras via the SecuritySpy desktop widget or by directly entering their local IP addresses, so I'm confident that the cameras and overall network configuration is OK.


2. An old iMac G4 to be the dedicated video server, parked in a closet. Functioning internet connection, SecuritySpy loaded and working with the network cameras. The DynDNS updater is installed and working on that machine.


3. Registered with the DynDNS.org service - everything functional.


4. 'Remote Patrol' iPhone app being installed on the family phones.


5. Linksys router set to DCHP (the usual), DynDNS function enabled (needed?), port 8000 entered under the port forwarding section (as per S-Spy manual).


Questions:


1. Since I am using the DNS updater from DynDNS, should I also have the DynDNS function enabled on the router or is this redundant?


2. The router web-based "help" for port forwarding says that I should turn off the DCHP function for this feature, which seems to defeat the purpose of the DynDNS service and would also prevent other computers from internet access. Comments?


3. Should I assign a static IP address from within the router range to the dedicated video server? It looks like I could port forward the '8000' request to a specific machine if I assign a static IP address to it. Since I really only need one machine for remote viewing, would this be a good idea?



Any other advice gratefully accepted!


Kevin

Posted on Jun 16, 2011 8:52 PM

Reply
Question marked as Best reply
User profile for user: Camelot
Camelot
User level: Level 9
54,333 points

Posted on Jun 16, 2011 9:08 PM

1. Since I am using the DNS updater from DynDNS, should I also have the DynDNS function enabled on the router or is this redundant?


It's redundant - only one system on your LAN (e.g. either the router or the server) needs to talk to DynDNS. There's unlikely to be a problem if multiple devices do, but there's no advantage.


2. The router web-based "help" for port forwarding says that I should turn off the DCHP function for this feature, which seems to defeat the purpose of the DynDNS service and would also prevent other computers from internet access. Comments?


I think you're being too literal in interpreting the manual.

I think it's talking about turning off DHCP for the server that you're port forwarding to, not for the entire network.

Let me explain that. Let's say your server is configured via DHCP and is using the LAN address 192.168.2.45 and you setup port forwarding on the router to relay port 8000 traffic through to your server. That's fine, and works.

However, imagine now that for some reason you reboot your server (software update, power outage, whatever). When it comes back up it requests a new IP address from the DHCP server. There's no guarantee that it's going to get the same 192.168.2.45 address. If it comes back up with any other address your port forwarding will fail because it's now trying to forward packets to a server that no longer exists.


For this reason it is recommended that internal servers are not configured via DHCP, but manually, so they have a consistent, persistent IP address, even after a reboot. In this way it will always have the same address, and the port forwarding will continue to work.

The only issue is that you need to select an IP address that is in your LAN subnet, but outside the range of your DHCP server settings - for example, if your network uses 192.168.2.x/255.255.255.0 then you could configure the router at .1 and configure the DHCP server to hand out .2 through .100 as DHCP addresses. Any address above .100 is still valid on your network, so you could manually configure your server at 192.168.2.101 and be happy.


3. Should I assign a static IP address from within the router range to the dedicated video server? It looks like I could port forward the '8000' request to a specific machine if I assign a static IP address to it. Since I really only need one machine for remote viewing, would this be a good idea?


I'm not sure I understand your question here. There are many possible interprettions of which addresses you're referring to. If the above explanation doesn't solve your problem please post back with more detail.

View in context
2 replies
Question marked as Best reply
User profile for user: Camelot
Camelot
User level: Level 9
54,333 points

Jun 16, 2011 9:08 PM in response to kwolson

1. Since I am using the DNS updater from DynDNS, should I also have the DynDNS function enabled on the router or is this redundant?


It's redundant - only one system on your LAN (e.g. either the router or the server) needs to talk to DynDNS. There's unlikely to be a problem if multiple devices do, but there's no advantage.


2. The router web-based "help" for port forwarding says that I should turn off the DCHP function for this feature, which seems to defeat the purpose of the DynDNS service and would also prevent other computers from internet access. Comments?


I think you're being too literal in interpreting the manual.

I think it's talking about turning off DHCP for the server that you're port forwarding to, not for the entire network.

Let me explain that. Let's say your server is configured via DHCP and is using the LAN address 192.168.2.45 and you setup port forwarding on the router to relay port 8000 traffic through to your server. That's fine, and works.

However, imagine now that for some reason you reboot your server (software update, power outage, whatever). When it comes back up it requests a new IP address from the DHCP server. There's no guarantee that it's going to get the same 192.168.2.45 address. If it comes back up with any other address your port forwarding will fail because it's now trying to forward packets to a server that no longer exists.


For this reason it is recommended that internal servers are not configured via DHCP, but manually, so they have a consistent, persistent IP address, even after a reboot. In this way it will always have the same address, and the port forwarding will continue to work.

The only issue is that you need to select an IP address that is in your LAN subnet, but outside the range of your DHCP server settings - for example, if your network uses 192.168.2.x/255.255.255.0 then you could configure the router at .1 and configure the DHCP server to hand out .2 through .100 as DHCP addresses. Any address above .100 is still valid on your network, so you could manually configure your server at 192.168.2.101 and be happy.


3. Should I assign a static IP address from within the router range to the dedicated video server? It looks like I could port forward the '8000' request to a specific machine if I assign a static IP address to it. Since I really only need one machine for remote viewing, would this be a good idea?


I'm not sure I understand your question here. There are many possible interprettions of which addresses you're referring to. If the above explanation doesn't solve your problem please post back with more detail.

Reply
User profile for user: kwolson
kwolson Author
User level: Level 1
23 points

Jun 17, 2011 12:02 PM in response to Camelot

Thanks for the prompt response, Camelot! Your replies to numbers 1 and 2 make sense to me now. Yes, after re-reading the notes on DCHP disabling, it seems that they mean to not have it enabled on the machine involved in port forwarding.


Regarding item #3:


In the Linksys port forwarding setup section (web page), there are entries for "Port start," "Port end," protocol and IP address.


I have entered 8000 start/end for SecuritySpy and selected TCP as the protocol. Since I have now set up a manual IP address (within the appropriate LAN range, as you described) on the iMac video server, do I also have to enter that address in the router settings? Or, will the iMac server just receive that data automatically because it is sent there from the router and S-Spy is "listening" for an "outside call"?


Kevin

Reply

SecuritySpy/remote surveillance

Welcome to Apple Support Community
A forum where Apple customers help each other with their products. Get started with your Apple ID.
Learn more Sign up