iCanTek Co.,Ltd.

Common Question


QUESTION	32	Installation behind a firewall : Can I use One click installation if my iCanTek Network Camera or Video Server is behind a firewall?

Answer
Yes, provided that no username or password is required for Internet access through the firewall and that port 80 is open for outgoing traffic.
Note that manual installation works behind firewalls.
Firewall is a device designed to protect connection for certain applications between internal and external networks.
Depending on the construction of firewall, all connections crossing firewall can be blocked or chosen applications or
IP can be blocked or not. To enable streaming data traffic from network camera/server to client PC’s, it is needed to
modify protection condition of the firewall and network parameters of camera/server. In many cases, the firewall
bypasses most of internal to external connection, while bypasses only specific application connections.
1. Overview
If firewall is installed on either Client PC or Network Camera (or Video Server) side, it is necessary to open specific ports for communication.
Network cameras and Video Servers (VS/NC) support TCP.
UDP assures low delay and higher quality for good network environment compared with TCP, but there is no way of recovering error caused by packet loss under poor network condition. Although TCP has a way of recovering error, it introduces delay caused by handshaking data exchange and retransmission of lost packets. In many cases, TCP connection causes lower frame rate.
2. Network connection for Audio/Video Streaming from VS/NC
Initial connection is setup by the client PC (Viewer) to camera/server using RTSP over TCP.
And then web connection (HTTP connection) is setup from client PC to VS/NC to confirm ID and password.
Audio/Video streaming data is transmitted from the VS/NC to client PC using TCP packets.

Connection Sequence, Direction, and port number are :
1. Cleint PC(Viewer) VS/NC
- Client PC(Viewer) : Port number is automatically assigned by the OS.
- VS/NC : RTSP over TCP. Default TCP port is 554
(If port number other than 554 is needed for RTSP over TCP, you can change the port number using IP installer program or using administrative mode.)
2. Web connection from Cleint PC(Viewer) VS/NC
- Default HTTP port is 80.
(If port number other than 80 is needed for HTTP, you can change the port number using IP installer program or using administrative mode)
3. VS/NC Client PC(Viewer)
- VS/NC send streaming data over TCP RTSP port (default is 554)
- Client PC(Viewer) : : Port number is automatically assigned by the OS in 1 is used.

3. How to configure ports for various situation of firewall installation
1)No firewall : No additional setup is required.
2)Firewall on the Client PC Network

TCP connection from Firewall_PC to external network should be enabled by the firewall.
(Default ports - RTSP(TCP 554), HTTP(TCP 80). Assign new RTSP and HTTP ports if default ports are not available.)

3)Firewall on VS/NC Network

TCP connection from external network to Firewall_VS/NC should be enabled.
(Default ports - RTSP(TCP 554), HTTP(TCP 80). Assign new RTSP and HTTP ports if default ports are not available.)
4) Firewall on both Client PC and Network Camera/Server Networks

TCP connection from Firewall PC to external network should be enabled.
(Default ports - RTSP(TCP 554), HTTP(TCP 80). Assign new RTSP and HTTP ports if default ports are not available.)
TCP connection from external network to Firewall_VS/NC should be enabled.
(Default ports - RTSP(TCP 554), HTTP(TCP 80). Assign new RTSP and HTTP ports if default ports are not available.)