This FAQ is intended for professional installers and Do-It-Yourselfer's who are contemplating installing their own security system. The opinions expressed here-in belong solely to the author.

Introduction:

I recently finished a site with two Dedicated Micros Digital Sprite 2 DVRs. They wanted remote access to the video. We set these up in the past on several sites, but in this instance we were not able to get the degree of cooperation from the networking guys necessary to setup the connection. The customer is more than willing to lean on the appropriate parties to get results, but in the interest of making everybody comfortable first I wrote the following document to help all parties understand what is required to make it happen. After reading it I decided that it might be useful to many here. It's too bad we do not have a reliable FAQ for this group as I think it would be useful to keep a long term copy. This is written directly from my experiences with the units and the software. I admit that my primary business is not networking so my specifics may be less than precise to those who setup up networking everyday. I have setup several small office networks, and setup up some wide area networking using various media and medium. I have also setup several of the Dedicated Micros Digital Sprite 2 DVRs. I have never been the primary person setting up a VPN. In that area my comments are sparse as my expertise is limited. I hope this remote access document is useful to somebody else.

Remote Access Summary Overview:

Dedicated Micros provides software for interfacing over a LAN (local area network), WAN (wide area network), Internet Connection, or VPN (virtual private network). This can allow several options including camera viewing, basic system management, archiving snapshots from cameras, reviewing recorded video, and archiving both open and digitally signed video clips from archives to a computer.

Local LAN Usage:

Once the Netviewer software is installed on a computer on the network it can detect Dedicated Micros DVRs (digital video recorders) installed on the network and access them directly over the LAN. You simply need a valid user name and password supplied by the person administrating the digital recorder. The local IP address for the DVR can also be entered manually in the software. This will typically be in the following format 192.168.0.101 for example.

WAN Usage:

Wide Area Network or WAN is a generic term that encompasses all network connections dedicated to particular user or company. It can include VPN connections. Virtual Private Networking or VPN is simply using a public medium such as the Internet for private connections. This is done by using the public IP addresses of the different sites and sending data directly to and from those addresses in an encrypted format. This will use either special routers designed for VPN to continuously route certain types of traffic to the different LANs connected via VPN or it will use software on some or all of the computers to do the same thing. A WAN might also include dedicated connections such as T-1 lines leased fiber optic connections or satellite relays to connect one LAN to another. These often do not connect to the public Internet. This can be confusing because many of the same technologies can be used to connect to an ISP (internet service provider) and be used to provide VPN connections as part of a WAN as described in the first part of this section.

Remote Access to the DVR(s):

Connection Via Internet:

The simplest method to connect to a single DVR is on a site that uses a router to connect a LAN to a broadband Internet connection is as follows:

1. Program the router to forward port 8234,8235 to the local IP address for the DVR.

A. TCP and UDP must be allowed for these ports.

B. The administrator login name and password for the router are required to do this or it must be done by the person administering this portion of the network. In some cases it will be the ISP. In others it will be a network administrator on site, or a person with a third party company who manages network services and connections.

2. Install the DM Network Viewer software on a remote computer that has broadband internet access.

A. It can be downloaded from: http://www.dedicatedmicros.com/dedicatedmicros/product/digital/DMNetworkViewer.EXE

B. Enter the public IP address for the site router or broadband connection (not the LAN IP for the router). The router should automatically connect the viewing software to the DVR.

C. Enter the user name and password for the DVR.

Note: At this time the software is only designed to connect to port 8234,8235. For multiple DVRs on a single site this does not work. You can only connect to one of them using this method. It may be possible for a site to have multiple public IP addresses. In this case port 8234,8235 for each address may be routed to a different DVR. This will require a router capable of managing multiple public IP addresses.

Connection Via VPN:

1. This will only work with an always on VPN where all of the LAN IP addresses are managed to prevent conflicts. Assign each DVR with a unique IP address on the network.

2. Setup the VPN to allow connection with these IP s from other machines on the network.

3. Install the DM Network Viewer software on any computer needing access to the DVRs.

4. It should be able to connect to the DVRs in the same manner as it does when they are on the same LAN as the machine connecting with them.

Extra Notes:

If a remote site is setup where the DVR is the only device connected to a broadband Internet connection it may be possible to connect the DVR directly and assign the public IP for the connection directly to the DVR in its setup. If it does not work a very inexpensive router can be used for VPN or Internet access to the unit.

In general a static public IP address is required to make remote access connection practical. It may be possible to make the connection to leased or persistant IP address, but when the IP changes it may be inconvenient to find the new IP address and reset your software and/or equipment appropriately. For sites where it may be impossible to get a service with a static IP we might suggest writing a piece of software that retrieves the IP locally and then e-mails it to an address accessible from a remote site, or encrypts it and stores it as a file on a website where it can be downloaded quickly and easily.

Broadband connections are generally considered to be necessary for satisfactory remote access connections to Dedicated Micros DVRs. It may be possible to connect using a dialup connection, but the time to load a single frame of video even at the lowest resolution will be grossly unsatisfactory.

The Dedicated Micros DVRs make a 10mbps connection to a LAN. They use a maximum of approximately 1.2mbps or the equivalent of an old style T-1 for data transmission. They can be set to use a percentage of available bandwidth if they might cause slow downs in other critical networking operations when being accessed. This could be an issue when using slow connections such as medium range wireless or fiber translator with low bandwidth limitations to support part of a LAN. It may also be an issue during times when it is accessed remotely via an Internet connection while other users of the network are using the connection heavily. Activities like downloading files or maintaining an encrypted connection to a remote server or VPN connection might be affected. In general surfing would not be strongly affected. The DVR can be adjusted in its local setup menu to use only a portion of the available bandwidth. The DVR does not use the maximum bandwidth at all times when being accesses remotely or over the LAN. When viewing a single fixed camera the actual bandwidth usage will be much lower. When viewing a PTZ (pan tilt zoom) camera that is in motion or when first loading a multiple camera view the bandwidth usage will be near the maximum. We have had satisfactory connection to sites having as little as 384K available bandwidth.

 

The Security Consultant
DIY Components
Bob La Londe - Owner
849 S Ave C Yuma, Az 85364
Tel: (928)782-9765
Fax: (928)782-7873

---