Port forwarding not working as expected

Solved
rrehart01
Here to help

Port forwarding not working as expected

Ok - I'm stumpped. I have a camera inside my network that is using dynamic dns (no-ip) so it can be accessed from the internet - specifically on port 2263 (TCP/UDP).

 

My network looks like this: Internet router --> MX64 -->core Switch -->Access switch-->Camera.

 

The camera is accessible from inside the LAN by IP:2263, so I know the LAN is not an issue. Forwarding rules look like this (the other forwarding rules work just fine): 

Forwarding rulesjpg.jpg

When I try to ping the camera from external of the network via DNS, the packets stop after the internet router (I see the attempt to connect to the LAN). so the firewall has to be the issue. I only have one IP at this location (DSL), so 1:1 NAT is not an option.

 

Any help would be greatly appreciated.

1 Accepted Solution
rrehart01
Here to help

Got it! Factory reset and rebuild of the camera did it.

View solution in original post

5 Replies 5
MacuserJim
A model citizen

I have had some port forwarding issues in the past where simply restarting the MX resolved the issue. Maybe give that a shot? Also if you click into the device page for that camera are you able to verify that the MX is applying the forwarding rules for that device?

rrehart01
Here to help

Ok. I'll try to reboot after hours. Yes, I have verified the rules are being applied to the camera on the device page. Thanks.
rrehart01
Here to help

Additional information: I just did a port scan from outside the network to that port (2263) and got back a "closed" as opposed to a "Blocked". Any idea what that means?
rrehart01
Here to help

Figured that one out. Now it says the port is open to the "ECweb configuration service", but still not able to access the camera

rrehart01
Here to help

Got it! Factory reset and rebuild of the camera did it.
Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels