Strange Issue When Accessing Netcam Studio Remotely


#1

Hi all,

Although I’ve been working with support, they seemed just as stumped. Here’s what’s going on. I have Netcam Studio running at my parents house. When I access it via the mobile app on my iPhone over Sprint’s 4G LTE network, I have no issues accessing the server so I know port forwarding, DDNS, account access, etc. is setup correctly. If I activate my VPN which takes me to my own home network and out via my Verizon FIOS pipe, the app hangs. Also, if I try to access my parent’s server from my home network either via my iPhone or laptop connected to WiFi, I still get nothing. Has anyone encountered this or have any ideas? Appreciate any help. Thanks


#2

Hi Robert,
This is a challenge I can´t resist :slight_smile: .
I will probably ask stupid questions, misunderstand and ask for more information so please beware ;). So here it goes.
This has nothing to do with Netcam Studio (NCS) per se, but it has everything to do with how the computer is accessed running NCS. I need to structure this into 3 cases and also trying to visualize in this text based forum.

Case 1: NCS_app/iPhone to NCS at parents house. This is working.
NCS_app/iPhone --> DDNS_parents/WAN_public_IP --> parents_house --> router/port_forwarding/LAN_IP:8100 --> computer/NCS:8100

Case 2: using VPN to your house and continue to the computer at your parents house running NCS. This is not working.
NCS_app/iPhone/VPN --> DDNS_home/WAN_public_IP --> your_home --> router/VPN_server --> change LAN to your parents house --> computer/NCS:8100.

-I assume that you can access the devices on your home LAN from the iPhone so you know that the VPN works?
-is the VPN server in the router or is the VPN server on a computer on the LAN so the VPN traffic tunnels through the router first?
-a correct configured VPN server (in router or local computer) do not allow you to continue to another LAN. For example, if your set up the VPN in the iPhone to connect to the LAN with IP 192.168.2.x then the VPN server block you from connecting to for example 192.168.4.x. This is purely for security… If you want to connect to the LAN with 192.168.4.x you must set up a new VPN connection to that LAN.
-stupid question, but why don´t you do it like in case 1?

Case 3. connecting the home computer to parents computer. Use the NCS web client on the laptop.
You don´t say anything how you do it today so it is difficult for me to say what is the problem. However, you can do this connection in two ways:
1.setting up a VPN between the two locations,
2.using port forwarding in the router at your parents house.

If you want to have access to everything on the parents LAN then use (1) with VPN. If you need access only to NCS it is easier to use port forwarding in the router at your parents house as (2).

Just a reminder; you need everything to be on Static IP on the LANs and of cause DDNS_home and DDNS_parents on the public IP side.

That´s all for the moment ;).
-Henrik


#3

Hi Henrik,

Thanks for replying and no worries as at this point there are no stupid questions! Your understanding of which arrangement is working and which doesn’t is correct. Here are answers to your specific questions:

-Yes, I have no issues access devices on my LAN via OpenVPN so know it works properly.
-The VPN server at my home lives on a NAS.
-I suppose I could try to setup a VPN between my network and my parents and only route traffic on port 8100 at the client level if possible. I don’t want all my traffic going through their network. I could also VPN into their network, but I would then lose access to my network and IOS to my knowledge does not allow routing application-specific VPN traffic.
-Case 1 works, but when I’m home, I can’t access my parents network because of these issues so have to disable my VPN which isn’t really doing anything when I’m on my home network, but still a step and then disable my Wifi connection requiring me to use my cellular data which is limited.
-All addresses of devices involved at both locations are set to static IP already.
-I have a MacBook Pro at home so was trying to access my parents NCS by going to DDNS_parents:8100. I have even tried using their current external IP address rather than going through the DDNS and still doesn’t work :frowning:
-I wonder if I punching a hole through my NAS’ firewall or lowering it entirely may help so will try it, but this still wouldn’t explain why I can’t access my parents network when I’m just connected via Wifi on my home network and no VPN.

Thanks for your help! This one really has me stumped.


#4

Hi again,
Thanks, excellent. For now I focus on how to get the connection between your house and your parents house to work. This should really be very easy with port forwarding in the router at your parents house. In the browser on the MBP you should only write the http://DDNS:8100 and in the router at your parents house port forward to the NCS computer. However, it has happened before that the ISP block ports and this can be the reason that port 8100 is blocked. Test this by doing the following:
-if possible in the parents router use NAT (port forwarding) and PAT (port address translation). Not all routers have PAT so check that.
-instead of using port 8100 use port 80 that always pass the network.
-in the router set NAT and also set PAT from 80 to 8100.
-in the browser use http://DDNS:80 and see how it goes. You should get the blue login panel in return.
-if PAT is not possible in the router then you can change port 8100 to something else like port 80 in the configuration file of NCS. However, make sure that port 80 is not used by some other application in the computer.

  • Config files is here C:\Program Files\Netcam Studio - 64-bit
  • config file is here. There are 2 config files; one for NCS service and one for NCS X. Pick the one that you use.

Change here from 8100 to 80.

Test NCS on your parents computer with http:loclaip:80 or http:ddns:80 or http://localhost:80

-Henrik


#5

Thanks. I will give this a try next time I’m down there and report back what I find.


#6

A suggestion. Install TeamViewer and you can do all this from your home.
Also, set up NCS on your home compoter and access that from you parents house and iPhone.
Is the firewall in the router or on the NAS?


#7

I tried changing the port and it still didn’t work, but finally figured this out! I went through very methodically and enabled and disabled firewalls until I found access worked. Turns out, it was my dad’s Xfinity router was blocking access despite the port being forwarded. Here’s what I did in case anyone else runs into this issue:

  1. Login to the Xfinity Router
  2. Go to the Firewall
  3. Change it from “Medium” to “Custom”
  4. Check all boxes except HTTP, Peer-to-Peer, and of course Disable Entire Firewall
  5. Ensure port 8100 TCP is forwarded under Advanced

Now there’s no issue accessing via any network even through my VPN. Thanks for the help!


#8

Excellent! Happy you found the problem and thanks for reporting back.
-Henrik