Jump to content
Security Installer Community

Dynamic DNS lookup fail on EE


Recommended Posts

Afternoon all,

 

I have a difficult (i think) issue that im hoping somone has had before and can answer.

 

I have installed a Hik Vision NVR in to a residential property and used a dynamic DNS domain to route the app through to the NVR.

 

The internet provider is one that blocks internal traffic entering via a dyndns (sky) so they have an internal IP login as well as an external dyndns one.

 

The internal login works perfectly as you would expect, its only using the internal IP address afterall.

 

The external dyndns throws up a connection failed error. Now i hear you say your a donut and you have not set it up properly but hear me out please.

 

On my phone (three is my provider) the system will log in via the app instantly via the dyndns name whether i am on a wifi network or 4g/3g. I can also use safari to go to the dyndns domain and log in to the NVR remotley.

 

The clients phone will not discover the domain via safari and their provider is EE. The Hik App will not connect to the nvr via the domain name, only th einternal IP.

 

I can sit in the office, ping the domain and it replies, i can log in to the domain via IE, Chrome or firefox no problem. I have checked and dyndns has updated the external IP.

 

Can anyone throw any suggestions at me, i feel like ive checked everything with no other thoughts left bar its an EE dns lookup issue

 

Hoping somene A understands my ramblings above and B has a suggestion or two bar calling EE and trying to explain the issue to them :(

 

Alex

 

Link to comment
Share on other sites

7 minutes ago, SFB Solutions said:

Afternoon all,

 

I have a difficult (i think) issue that im hoping somone has had before and can answer.

 

I have installed a Hik Vision NVR in to a residential property and used a dynamic DNS domain to route the app through to the NVR.

 

The internet provider is one that blocks internal traffic entering via a dyndns (sky) so they have an internal IP login as well as an external dyndns one.

 

The internal login works perfectly as you would expect, its only using the internal IP address afterall.

 

The external dyndns throws up a connection failed error. Now i hear you say your a donut and you have not set it up properly but hear me out please.

 

On my phone (three is my provider) the system will log in via the app instantly via the dyndns name whether i am on a wifi network or 4g/3g. I can also use safari to go to the dyndns domain and log in to the NVR remotley.

 

The clients phone will not discover the domain via safari and their provider is EE. The Hik App will not connect to the nvr via the domain name, only th einternal IP.

 

I can sit in the office, ping the domain and it replies, i can log in to the domain via IE, Chrome or firefox no problem. I have checked and dyndns has updated the external IP.

 

Can anyone throw any suggestions at me, i feel like ive checked everything with no other thoughts left bar its an EE dns lookup issue

 

Hoping somene A understands my ramblings above and B has a suggestion or two bar calling EE and trying to explain the issue to them :(

 

Alex

 

Does it connect via the hik P2P on his phone?

Link to comment
Share on other sites

25 minutes ago, SFB Solutions said:

The internet provider is one that blocks internal traffic entering via a dyndns (sky) so they have an internal IP login as well as an external dyndns one.

Sounds like a NAT loopback issue.

 

27 minutes ago, SFB Solutions said:

I can sit in the office, ping the domain and it replies, i can log in to the domain via IE, Chrome or firefox no problem. I have checked and dyndns has updated the external IP.

So you have proved the port forwarding and the DDNS/DNS from off site.

 

25 minutes ago, SFB Solutions said:

The clients phone will not discover the domain via safari and their provider is EE.

So it's just that device then? Have you tried a DNS check on the problem device?

 

40 minutes ago, SFB Solutions said:

The clients phone will not discover the domain via safari and their provider is EE. The Hik App will not connect to the nvr via the domain name, only th einternal IP.

DDNS was not up to date when this test was done?

 

12 minutes ago, SFB Solutions said:

I have inserted the ISP dns and the local router up address in to the secondary dns and this hasn’t worked.

Either switch the DNS service to something else or leave it default. The sites DNS must be working so changing these is unlikely to help.

Link to comment
Share on other sites

Hi All,

 

Quote

 

So you have proved the port forwarding and the DDNS/DNS from off site. Yes, works perfectly on all devices bar EE mobile data

 

So it's just that device then? Have you tried a DNS check on the problem device? No, not sure you can do this on an iphone?

 

DDNS was not up to date when this test was done? No it was up to date, the phone just cant find the url for some reason

 

Either switch the DNS service to something else or leave it default. The sites DNS must be working so changing these is unlikely to help. I have changed the DNS on the Hik unit to the Sky DNS and the secondary to the internal NVR IP

 

I have been in a chat all morning with the EE technical team who seem to think they block any sort of port forwarding over their network, this could be the issue, i have also left a message for a tech guy in their community forum and hoping he can come up with some ideas.

Today i will visit the customer and try and use the P2P QR code link rather than the port forward and see if this tricks the EE network in to allowing it through

Edited by SFB Solutions
Link to comment
Share on other sites

32 minutes ago, SFB Solutions said:

Hi All,

 

 

I have been in a chat all morning with the EE technical team who seem to think they block any sort of port forwarding over their network, this could be the issue, i have also left a message for a tech guy in their community forum and hoping he can come up with some ideas.

Today i will visit the customer and try and use the P2P QR code link rather than the port forward and see if this tricks the EE network in to allowing it through

So basically ee full of it and talking rubbish.....

Link to comment
Share on other sites

P2P should work, no tricks needed.

EE have been known for blocking ports but this would normally be outbound to stop you hosting services like port 80. If I understand correctly your EE side is the client?

Also if I follow correctly you seem to have no issues from the client using the WAN IP? This ruling out blocked ports.

Set the secondary DNS to itself? Just set NVR DNS1/2 to a trusted external DNS provider.

 

I recall a thread a while back of something similar with new Hik units?

I remember having a inkling it could be a Double NAT issue due to ISP (CGN) especially knowing the companies mentioned (EE, Sky VM etc)

You would need to traceroute your DNS to diagnose that. I think this is what the guy from EE is trying to explain in simple terms.

Link to comment
Share on other sites

Yes P2P has worked fine but it feels like ive cheated

 

Yes EE were saying they block port forwarding but it isnt the phone thats doing the port forwarding.

 

Yes the clients phone is on an EE contract

 

Yes RE DNS, this was on the suggestion of Hik Tech support, i thought it best to speak to them about the issue prior to EE. I normally set DNS to google or alike.

 

Thank you for your help

 

Ive had the same issue on another client on EE but with a Qvis unit now, goign to try P2P with them also.

Link to comment
Share on other sites

Small update for those that are interested.

 

I installed a Qvis system for a client yesterday and they had a phone on EE.

 

i created the dyndns domain and port forwarded as usual and it worked fine, however this was the older style Explorer app qvis kit not the newer Super Live Plus. 

 

So, i think EE are only blocking a particular port that the newer DVR/NVR's are using maybe port 554?

Link to comment
Share on other sites

1 hour ago, SFB Solutions said:

Small update for those that are interested.

 

I installed a Qvis system for a client yesterday and they had a phone on EE.

 

i created the dyndns domain and port forwarded as usual and it worked fine, however this was the older style Explorer app qvis kit not the newer Super Live Plus. 

 

So, i think EE are only blocking a particular port that the newer DVR/NVR's are using maybe port 554?

Qvis version dont use superliveplus? That's a tvt machine that qvis have started to supply called viper , unless your saying there explorer version has been modified to work on superliveplus

 

Explorer is there new app , forgot what the old one was called which can no longer be downloaded even though electricians still sell what's left confuses them as box has old app on it

Link to comment
Share on other sites

The quattro uses the Explorer and the Viper the Super Live Plus, both i buy through Qvis but not sure if it is actually theirs or just a rebrand.

 

Im phasing away from quattro and on to Viper now really but the Viper works over three ports where as the quattro just the one (34567)

Link to comment
Share on other sites

31 minutes ago, SFB Solutions said:

The quattro uses the Explorer and the Viper the Super Live Plus, both i buy through Qvis but not sure if it is actually theirs or just a rebrand.

 

Im phasing away from quattro and on to Viper now really but the Viper works over three ports where as the quattro just the one (34567)

Viper they is just the cheaper version that tvt make but better than there other brands imo , I don't buy it from them myself but know that versions they sell , all made by TVT including the domes bullets associated with the viper , all tvt products 

Link to comment
Share on other sites

  • 3 weeks later...

NAT loopback is provided or can be enabled on some routers to allow a LAN address to access a server/port that is forwarded to your WAN.

Some consumer end routers may have a firmware upgrade that will enable it, like some Netgears.

Higher end stuff it may work OOTB or need to be setup or switched on manually.

Basically avoid cheap ISP provided routers.

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...

Important Information

By using this site, you agree to our Terms of Use.