Pelco GW5000 CONFIGURING THE WAN FIREWALL, TESTING WEB CLIENT CONNECTIVITY

C2694M (7/08) 21

CONFIGURING THE WAN FIREWALL

Each video stream that the gateway transmits to the Web client uses a unique destination port that is assigned sequentially. The WAN firewall

must be capable of passing each video stream that arrives from the gateway. Each port on the WAN firewall must be open so that video streams

can pass through to the Web client. These ports can be configured on the firewall to forward transmissions automatically. By default, the Web

client assumes the ports are not forwarded automatically, so the Web client continuously sends messages out through the designated port range

on port 80. On most WAN firewalls this will open the required ports automatically.

You must configure enough RTP ports to view the maximum number of video streams that the gateway will support at your site. Video streams

are transmitted on even ports beginning with the base port number defined on the Public Network Interface configuration page in the Endura

Web client. If a base port is not configured, the default port is 15000. If your site supports 32 streams, you mu st configure a range of 64 ports. In

this example you would configure ports 15000–15064. Ifyou configure a different port number, you must configure the correct port range. Refer

to TableC for the ports that can be configured.

NOTE: Always follow internal security policies when opening ports on a network firewall. Opening ports on a firewall exposes your site to

threats from external security across the Internet. Open only enough ports to provide access to users of the Endura Web client.

When configuring these ports on the firewall, it is important to determine whether or not you must forward only the UDP port numbers, only the

Transmission Control Protocol (TCP) port numbers, or both. Use TableA on page20 to determine when to configure each port type.

If users notice that video is not displaying correctly after the ports have been configured in the firewall, it might be necessary to reconfigure the

ports on the Public Network Interface configuration page in the Endura Web client.

TESTING WEB CLIENT CONNECTIVITY

You can verify whether or not the Web client can receive video streams from the gateway by testing the port range on the Public Network

Interface configuration page.

1. Open the Public Network Interface configuration page. The video base port number appears on this screen. By default this port number is

15000. Your system might use a different base port.

2. Click Start to test whether ports are being forwarded. If the ports are being forwarded, the Status light changes to green.

3. If the ports are not being forwarded, select “Enable Manual Port Forwarding,” and then click Apply. The Web client saves a cookie with the

port range on the local computer. You might need to repeat this step if your Internet browser deletes cookies periodically.

Figure 17. Testing the Web Client Connectivity

Table C. Port Configuration on the Public WAN

UDP Ports TCP Ports

15000 and beyond, or the

base RTP port

None