Our full technical support staff does not monitor this forum. If you need assistance from a member of our staff, please submit your question from the Ask a Question page.


Log in or register to post/reply in the forum.

CC5MPX and NAT

artmann Aug 22, 2011 12:02 PM

hi all,

i have some problems with the CC5MPX (firmware 1.03 from campbellsci.ca).
My setup is like this:

Hardware:
CR1000+NL115, GPRS/OpenVPN-Router and CC5MPX connected via a ethernet-switch.


Communication Link :
PC -> OpenVPN->Internet->OpenVPN->GPRS-Router(NAT)-> Device(cam or logger).

My problem is the following:

Local IP of Router : 192.168.1.1
Local IP of cam : 192.168.1.3
Remote IP of Router: 172.1.1.1 (e.g.)
Local addresses get assigned via DHCP+MAC-filter

I have forwarded the ports from router to cam like
remote_ip:8080 -> local_ip_cam:80
remote_ip:85 -> local_ip_cam:85

When connected locally to the camera(laptop@switch) everything works fine.
When connected through the OpenVPN tunnel i have some issues with the NAT-ing.

Camera accessed via remote_ip:8080:
The http-Interface is working, but when accessing SDCard via "Memory Card" -> "SD Card #1"a new window pops up showing the directory listing.
url : http://172.1.1.1:8080/sdcard1.htm

so i click on directory "ManualStill".
url : http://172.1.1.1:8080/sdcard1.htm?FLAG=DIR&DIR=/mnt/mmc&FILE=ManualStill

now i can see saved files, but a click on them won't work as the url of the shown links :
http://192.168.1.3/sdcard/ManualStill/still_640_480_2011_08_22_02_43_27.jpg
is referencing the local_ip_cam instead of of remote_ip!

if i manually change the url to
http://172.1.1.1:8080/sdcard/ManualStill/still_640_480_2011_08_22_02_43_27.jpg
it works.

i dont think this is intended behaviour.

I suspect a similar issue for FTP in passive mode.
Locally everything is working fine, but when it comes to remote-access its not.
Here a log from filezilla (note the local ip 192.168.1.3 popping up)

Status: Connecting to 172.1.1.1:85...
Status: Connection established, waiting for welcome message...
Response: 220---------- Welcome to Pure-FTPd [privsep] ----------
Response: 220-You are user number 1 of 50 allowed.
Response: 220-Local time is now 10:51. Server port: 85.
Response: 220-This is a private system - No anonymous login
Response: 220 You will be disconnected after 15 minutes of inactivity.
Command: USER admin
Response: 331 User admin OK. Password required
Command: PASS ****
Response: 230-User admin has group access to: root
Response: 230 OK. Current restricted directory is /
Command: SYST
Response: 215 UNIX Type: L8
Command: FEAT
Response: 211-Extensions supported:
Response: EPRT
Response: IDLE
Response: MDTM
Response: SIZE
Response: REST STREAM
Response: MLST type*;size*;sizd*;modify*;UNIX.mode*;UNIX.uid*;UNIX.gid*;unique*;
Response: MLSD
Response: TVFS
Response: ESTA
Response: PASV
Response: EPSV
Response: SPSV
Response: ESTP
Response: 211 End.
Status: Connected
Status: Retrieving directory listing...
Command: PWD
Response: 257 "/" is your current location
Command: TYPE I
Response: 200 TYPE is now 8-bit binary
Command: PASV
Response: 227 Entering Passive Mode (192,168,1,3,33,155)
Command: MLSD
Error: Connection timed out
Error: Failed to retrieve directory listing

In active mode it works as expected.
As the system will get deployed this week i am wondering
how to resolve this issue after deployment.

I would suspect a new firmware will be needed.
If this is the case:
- when can this update be expected?
- will the remote firmware upload work (~14MB upload via tunneled http)

* Last updated by: artmann on 8/22/2011 @ 6:30 AM *

PaulB Aug 23, 2011 05:14 PM

Hi artmann,

Thank you for the feedback on the operation of the CC5MPX.

The first problem that you are seeing is a bug in the way the file links are generated, and it has been corrected in the upcoming 1.04 firmware release. We are in final testing so it should be available for download soon. The firmware can be updated in the field via tunneled http, it will only be limited by the speed of the GPRS modem.

The second problem is a well known issue with the FTP protocol and NAT routers. See this page for a good description of the problem: http://wiki.filezilla-project.org/Network_Configuration

The gist of it is that the CC5MPX doesn't know the external IP address of the router so it can only use its own NATed IP address to try to form a PASV connection. The best solution for this is to use ACTIVE mode file transfers.

moho Sep 8, 2011 10:47 AM

Hi PaulB,
any news about the upcoming 1.04 firmware release?

Log in or register to post/reply in the forum.