IP camera through vpn site-to-site dynamic client usg60
Options
MagnusBorgen
Posts: 6
hi, i am struggeling to get the buildt in camera discovery tools to find the cameraes. I can ping from both sides, find via ip scanner, access via web gui, but i cannot find cameraes through Milestone. OR the producers "discovery tool".. Any ideas?
0
All Replies
-
Usually, the discovery protocol is layer 2 (broadcast or multicast) protocol which cannot pass through layer 3 VPN.
0 -
Auch, ideas to solve this?
If i try to add camera manually in the SW it still doesnt fint it, can this be same reason?
0 -
Activating GRE might solve this?
0 -
Hi @MagnusBorgen,USG does not support multicast on GRE tunnel or site to site VPN tunnel.USG supports IGMP proxy over IPSec VTI.
You need to check what the discovery protocol for camera discovery tool is.0 -
Adding GRE might solve this?
0 -
Hi @MagnusBorgen,
USG supports IGMP proxy over IPSec VTI, so you can configure VTI instead of using GRE tunnel or site to site VPN tunnel.
Here is the FAQ for your reference.
How can I configure IPSec site-to-site VPN by using VTI on the USG ?
0 -
Hi Magnus, just a late post on VTI I saw here.
Should you be still looking for information, I'd suggest SEARCHING this forum. (no need to post them here)
I have added to several threads on VTI with USG's..
It works great.
The zyxel doco offered is a trite light me thinks... ... however you can apply your current USG knowledge on this.
Sadly bonjour and some discovery function don't seem to work as they are not implemented for general use like this ..
HOWEVER you can manipulate application ports with ssh to cause some discovery across your addition LANs on your VTI VPN network. (i.e iTunes & Apple TV, printers and so on across the VTI VPN tunnels)
You'll need to ensure VTI basics such as "identity", and NEXT HOP routes to correct VTIx's .. else it wont go so well.
Attention also to VPN Gateway (id, content , peer etc etc)...
Also for any L2TP VPN connections the once connected can also access hosts across you internal VTI)s) network (s) ..
Make sure that Security policies are set up to allow access to all the USGs you have to you can access them also through the VTI tunnels..
All our hosts / IP devices are accessible via DNS as well. This CAN operate within the VTI network...
works great!
Warwick
Hong Kong0
Categories
- All Categories
- 395 Beta Program
- 2.1K Nebula
- 117 Nebula Ideas
- 81 Nebula Status and Incidents
- 5.1K Security
- 82 USG FLEX H Series
- 247 Security Ideas
- 1.3K Switch
- 69 Switch Ideas
- 914 WirelessLAN
- 34 WLAN Ideas
- 5.9K Consumer Product
- 211 Service & License
- 337 News and Release
- 71 Security Advisories
- 21 Education Center
- 5 [Campaign] Zyxel Network Detective
- 2K FAQ
- 912 Nebula FAQ
- 415 Security FAQ
- 237 Switch FAQ
- 207 WirelessLAN FAQ
- 46 Consumer Product FAQ
- 139 Service & License FAQ
- 34 Documents
- 34 Nebula Monthly Express
- 72 About Community
- 62 Security Highlight