• Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular

    Foscam R2 with Lenovo Smart Tab [SOLVED]

    Foscam
    2
    95
    8543
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • S
      skarragallagher last edited by

      Demo Proxy (Showed splash page, connecting to Demo Proxy, 5 seconds later, “Camera Doesn’t Support That”)

      Note, i performed the two full times in the capture because i was in the other room the first time so i wanted to be sure to capture the behavior

      From Firewall (USG)
      https://1drv.ms/u/s!AsWlCkfB-HIupU0PijjS-dPLjdT2?e=9goaH9

      From Access Point (UAP)
      https://1drv.ms/u/s!AsWlCkfB-HIupU45oMRbeFJetz7t?e=5MMG4U

      I do see the UDP port errors but i will take a closer look at the captures as it looks to have significantly more information than the previous console dumps.

      Thanks again

      1 Reply Last reply Reply Quote 0
      • S
        skarragallagher last edited by

        So in my analysis (its been a while since my CCNA has expired) comparing Demo Direct to Demo Proxy on the Access Point Capture:

        We see the handshake process appears to succeed in both demo proxy and demo direct however we see the previously noted UDP port unreachable error shortly after. The Direct one starts flowing video UDP frames where the proxy appears to get disconnected from the amazon server which appears to be proxying or tunneling everything.

        No direct connections anywhere. Very interesting.

        Monocle 1 Reply Last reply Reply Quote 0
        • Monocle
          Monocle @skarragallagher last edited by

          @skarragallagher said in Foscam R2 with Lenovo Smart Tab:

          Yes, that’s what I was starting to think as well. The Demo Direct stream is hosted on an Amazon EC2 server, but not using the IP address or EC2 hostname that you are getting in the capture log. Also, I’m certain that we are not exposing any UDP ports from this demo server, only TCP ports 443 and 554.

          So it “feels” like some middleware is connecting to the stream and then re-proxying the stream via UDP to your Alexa tablet. That seems far fetched to me, but would explain what we are seeing.

          In that light … as a test, you could try exposing your Monocle Gateway instance publicly over the Internet and then we can see if the tablet can then establish a connection to your gateway instance and access the camera streams. To do this you would need to be able to expose port 443 on your Internet gateway/router and point it internally to the gateway instance. Additionally, you would need to configure the Monocle Gateway with your custom public IP address instead of the auto-detected private/internal IP of the gateway server. Please see: https://monoclecam.com/monocle-gateway/custom-configuration#override-auto-detected-ip-address

          On restarting the gateway, it should display a config like this:

          -------------------------------------------------
          MONOCLE RTSP SERVICE - INITIALIZED
          -------------------------------------------------
          FQDN = 46224620-b4e1-424d-abce-1ddb866d01f8.mproxy.io
          HOST = X.X.X.X (YOUR PUBLIC IP ADDRESS)
          PORT = 443
          -------------------------------------------------
          

          And if you attempt to resolve 46224620-b4e1-424d-abce-1ddb866d01f8.mproxy.io it should resolve (DNS) to your public IP. Please note that it may take an hour or so for the DNS IP change to fully propagate.


          As for your offer to send along a Lenovo Smart Tab, I appreciate the offer but would certainly prefer if we can figure this out without all that hassle. So lets hold off on that and see if we can learn a bit more about what’s really going on with this EC2 server and UDP packets.

          Thanks, Robert

          Monocle: https://monoclecam.com
          Getting Started | Troubleshooting Guide | FAQ | Contact Support

          1 Reply Last reply Reply Quote 0
          • S
            skarragallagher last edited by skarragallagher

            @Monocle
            Thanks Robert,
            I have a dynamic IP address assigned to my public interface. I use a Dynamic DNS provider. Can I use a namespace instead of the public address since it will change when DHCP refreshes?

            1 Reply Last reply Reply Quote 0
            • S
              skarragallagher last edited by

              I opened up a port forwarding rule for port 443
              Edited the config and adjusted the host with my current public IP

               ******************************************************************
               *             __  __  ___  _  _  ___   ___ _    ___              *
               *            |  \/  |/ _ \| \| |/ _ \ / __| |  | __|             *
               *            | |\/| | (_) | .` | (_) | (__| |__| _|              *
               *            |_|  |_|\___/|_|\_|\___/ \___|____|___|             *
               *                                                                *
               ******************************************************************
              
              
              -------------------------------------------------
              MONOCLE RUNTIME ENVIRONMENT
              -------------------------------------------------
              VERSION   = 0.0.4-3
              OS/ARCH   = win32\x64
              PROCESS   = monocle-gateway (PID=31116)
              TIMESTAMP = 2020-01-24T18:33:24.579Z
              
              -------------------------------------------------
              MONOCLE GATEWAY SERVICE         (Version: 0.0.4-3)
              -------------------------------------------------
              [Monocle Starting]
              [Monocle Connecting]
              [Monocle Started]
              [RTSP Server Starting]
              [RTSP Server Listening] 0.0.0.0:8555 (RTSP)
              [RTSP Server Listening] 0.0.0.0:443 (RTSP-TLS)
              [RTSP Proxy Started] (PID=34472)
              [RTSP Server Listening] 0.0.0.0:8554 (PROXY)
              [RTSP Server Started]
              [Monocle Connected]
              [RTSP Server Registered]
              
              -------------------------------------------------
              MONOCLE RTSP SERVICE - INITIALIZED
              -------------------------------------------------
              FQDN = 46224620-b4e1-424d-abce-1ddb866d01f8.mproxy.io
              HOST = 108.231.61.93
              PORT = 443
              -------------------------------------------------
              

              DNS is showing correct for internal and external

              C:\>nslookup 46224620-b4e1-424d-abce-1ddb866d01f8.mproxy.io
              Server:  ubnt
              Address:  192.168.1.1
              
              Name:    46224620-b4e1-424d-abce-1ddb866d01f8.mproxy.io
              Address:  108.231.61.93
              
              
              C:\>nslookup 46224620-b4e1-424d-abce-1ddb866d01f8.mproxy.io 8.8.8.8
              Server:  dns.google
              Address:  8.8.8.8
              
              Non-authoritative answer:
              Name:    46224620-b4e1-424d-abce-1ddb866d01f8.mproxy.io
              Address:  108.231.61.93
              

              I will wait a couple hours to make sure DNS propagates before testing. I will produce some pcap files as well from the access point

              1 Reply Last reply Reply Quote 0
              • S
                skarragallagher last edited by

                Boooom! we have Demo Proxy working

                Monocle 1 Reply Last reply Reply Quote 0
                • Monocle
                  Monocle @skarragallagher last edited by Monocle

                  @skarragallagher

                  WOW. Just WOW. I can’t believe they are proxying the stream like this. This is not the case for any other Alexa devices that we have worked with. This of course adds latency and is potentially very undesirable from a security standpoint as your audio and video data is getting passed through some server. The packets are encrypted, but still.

                  Is it working now for your real Foscam camera stream? Make sure to use @tunnel and the camera has “Foscam” listed as the manufacturer in the Monocle web portal.

                  I have a dynamic IP address assigned to my public interface. I use a Dynamic DNS provider. Can I use a namespace instead of the public address since it will change when DHCP refreshes?

                  Not without some changes – but it should be possible. The Alexa system will only connect to DNS hostnames with valid SSL certificates. Do you want to setup a real SSL certificate for your domain? Apart from acquiring the SSL certificate, we would also need to provide some configuration method to allow your to include your own certificate and private key to the Monocle gateway on startup.

                  Thanks, Robert

                  Monocle: https://monoclecam.com
                  Getting Started | Troubleshooting Guide | FAQ | Contact Support

                  1 Reply Last reply Reply Quote 0
                  • S
                    skarragallagher last edited by

                    Very interesting indeed and ironically different than any other alexa device is even more boggling.

                    thank you for working with me on this, i really appreciate it.

                    I think a simpler solution would be to configure my IP with a static. I think direction i would go with this. I keep getting these nagging monthly mails to update my DNS record etc… so it would do away with that.

                    I expect more of these devices like this to come out though. Would be nice to see continued development on this. At least we have a workaround at this point.

                    1 Reply Last reply Reply Quote 0
                    • S
                      skarragallagher last edited by

                      Yes btw the foscam works!!!

                      Monocle 1 Reply Last reply Reply Quote 0
                      • Monocle
                        Monocle @skarragallagher last edited by

                        @skarragallagher

                        Glad to hear the Foscam is working.

                        If we are going to leave port 443 open to the Internet it would be prudent for us to add some form of authentication to the monocle service to prevent unauthorized access. The current exposure is pretty limited but security by obscurity is really not a good solution. At the moment any consumer would need to know the unique STREAM ID and SESSION ID to be able to get access to any camera streams but a proper authentication mechanism would be better.

                        Thanks, Robert

                        Monocle: https://monoclecam.com
                        Getting Started | Troubleshooting Guide | FAQ | Contact Support

                        S 1 Reply Last reply Reply Quote 0
                        • S
                          skarragallagher @Monocle last edited by

                          @Monocle

                          Yes i agree. I will work on adding the Static IP address to my internet plan. I am assuming that auth would be handled on the gateway which would mean the a new version would need to be developed by you?

                          If i can assist in any way by testing or whatever you need, i happy to do so. I really appreciate the help in getting this to work.

                          Many Thanks!
                          Ryan

                          Monocle 1 Reply Last reply Reply Quote 0
                          • Monocle
                            Monocle @skarragallagher last edited by

                            @skarragallagher

                            Yes we will need to add support for this in the software … let me look into this next week and maybe we can get a copy out to test with .

                            Thanks, Robert

                            Monocle: https://monoclecam.com
                            Getting Started | Troubleshooting Guide | FAQ | Contact Support

                            1 Reply Last reply Reply Quote 0
                            • S
                              skarragallagher last edited by

                              Thanks, i have most of cameras working now. My doorbird is not working and then a few combined views from BlueIris but i haven’t spent time investigating.

                              I created a couple other support threads in the lenovo forums
                              https://forums.lenovo.com/t5/Lenovo-Smart-Tablets-with-Amazon/Lenovo-smart-tab-m10-Camera-Streaming/m-p/4633642/highlight/false

                              We will see if the can escalate this and resolve this as well although we have a workaround.

                              No rush, but once you have a version you would like to test let me know here and i will give it a go.

                              Monocle 1 Reply Last reply Reply Quote 0
                              • Monocle
                                Monocle @skarragallagher last edited by

                                @skarragallagher

                                Just a small update … we have added support for a configuration property to automatically detect your public IP address instead of you having to manually define it.
                                Please see: https://forum.monoclecam.com/topic/485/access-cameras-from-2nd-site-solved/10

                                Plan on looking into the authentication improvement this week.

                                Thanks, Robert

                                Monocle: https://monoclecam.com
                                Getting Started | Troubleshooting Guide | FAQ | Contact Support

                                1 Reply Last reply Reply Quote 0
                                • S
                                  skarragallagher last edited by

                                  Thank you for tagging me here. I implemented this and it seems to be working with that new function.

                                  Looking forward to testing whenever you are ready. Thanks for following up

                                  1 Reply Last reply Reply Quote 0
                                  • S
                                    skarragallagher last edited by

                                    @Monocle

                                    Im not seeing a way to get the log file. I saw the article on this but the logfile is not created

                                    Monocle 1 Reply Last reply Reply Quote 0
                                    • Monocle
                                      Monocle @skarragallagher last edited by

                                      @skarragallagher

                                      Well … its should be creating a log file (monocle-gateway.log) adjacent to (in the same folder as) the monocle-gateway.exe when running on a Windows machine. That is if you are running it as a service. If you are just launching the executable directly, then there is no log file but the same contents should be printed on screen while the executable is running in a command shell.

                                      Thanks, Robert

                                      Monocle: https://monoclecam.com
                                      Getting Started | Troubleshooting Guide | FAQ | Contact Support

                                      1 Reply Last reply Reply Quote 0
                                      • S
                                        skarragallagher last edited by

                                        5e1cae32-f5c8-4552-8faa-e75939c1616d-image.png

                                        Monocle 1 Reply Last reply Reply Quote 0
                                        • Monocle
                                          Monocle @skarragallagher last edited by

                                          @skarragallagher

                                          Well, that is confusing :-)

                                          I wonder if it’s getting written to a working directory instead. Can you do a search for “monocle-gateway.log” and see if its getting written somewhere else?
                                          It’s possible it’s not getting written anywhere, but that is a function of the “nssm.exe” utility that turns this monocle-gatesway.exe into a service.

                                          PS, working on gateway authentication and security today.

                                          Thanks, Robert

                                          Monocle: https://monoclecam.com
                                          Getting Started | Troubleshooting Guide | FAQ | Contact Support

                                          1 Reply Last reply Reply Quote 0
                                          • S
                                            skarragallagher last edited by

                                            I will do a search, i was thinking it was being written somewhere else.

                                            1 Reply Last reply Reply Quote 0
                                            • First post
                                              Last post
                                            Privacy Policy  |  Terms & Conditions

                                            © 2018 shadeBlue, LLC.