ATT Uverse (Motorola NVG589) and getting IP Cams to work with Bridged Router

I just wanted to make a post to all of those sites out there where people are trying to get their Wireless IP Cams to work with their newer modeled Motorola NVG589 wireless router that gets installed when you have ATT Uverse.  I have been troubleshooting this issue for a few days, and finally got it working after doing much searching and much troubleshooting.  My kids were not as thrilled after all the reboots of modems/routers and cameras that I went through to get this working.

So here is what I was trying to setup and what I had to do:

Camera – Foscam 8910W
Foscam 8910W

Cable Modem – ATT Uverse Provided Motorola NVG589 Wireless Router/Modem
Motorola nvg589 ATT Uverse Cable Modem

Wireless Router – Netgear Nighthawk R7000
Netgear 7000

 

So here is the situation:

We recently moved into a new home, and at that time ATT provided us with their newer modeled wireless router to use with our cable tv’s and our DSL Internet.  Having a wireless camera I decided to set it up and get it to work for some basic home security measures… that’s when the fun started.  I was able to get it to work pretty easily on my wireless network that I had running through my Netgear Wireless router.  The reason I decided to get another router, instead of using the ATT provided one, is that the Motorola one provided is only B/G/N compatible.  The house we have is actually pretty long, not a square-type house, but actually more rectangular in design.  So the N range does not work for me.  So we purchased an AC router, which still wasn’t quite enough, so I even had to purchase the Netgear Extender Router, but that doesn’t come into play here.  So with all of my Internet connected devices using my Netgear, this leaves me with 2 wireless devices being broadcast from my home.  No big deal.  Just something I thought might come in handy some day.

Now we move to the camera and wanting it on the Internet to check on things when we are away.  So now that I had the camera setup on my Internal network, and I was able to use my laptop to browse the local Internal IP address of the camera to see it working, I decided lets make it viewable from the outside network.  So I used my IT background and setup port forwarding on my Netgear Router, nope, no worky.  I tried a few setting changes, nope, still no worky.  A co-worked of mine told me to download this app on the Android OS called IP Cam Viewer Basic (Love this app, and I actually purchased the full version for 3.99 after I got everything working).  This app was something quick and easy for me to use to see if things worked from the outside world, and was pretty self explanatory on configuring the camera from within the app.

Well after downloading the app, typing in my external IP, it still didn’t work.  That got me really thinking, and then it dawned on me… I bet it’s because I am using my Netgear router instead of my ATT (Motorola) one, and that somehow the Port Forwarding was working right (this was to be the thing that finally clicked for me and get it working in the end).  So I configured the Camera to work on the ATT (Motorola) wireless network, and then BAMMM the Internal IP camera was working from my laptop browser and the IP Cam Viewer App starting working from my external IP address I had programmed in the app.  So I thought I was all good!   Well that was not true.

I go to work to show my friends what I had setup, and nope… the camera would not show up.  I was using the Cell Phone network to try to connect to the External IP I had setup, but it didn’t work.  So back home for the next 3-4 days, I worked and worked on trying to get this working.  Many, many Google searches found many others having the same issue, where the camera would work internally, but not work outside their house or ISP.  So finally I found an article and one YouTube that brought it all home for me and this is what I did to get it finally working.

Article that got me thinking in the right direction – ATT Forums
This guy/gal got me thinking:

Jun 10, 2014 11:05:55 AM
Edited by tgcounts on Jun 10, 2014 at 6:16:07 PM

Yes, this is very frustrating.  I just had my NVG589 installed as an upgrade from the 2-Wire and now I’m having no luck w/ port forwarding.  This can’t just ‘not work’…at least it’s hard to imagine in 2014 that ATT would send out a router with these limitations.  There has to be a missed setting (I hope).  My installer just said plug in the 2-wire router with the NV589 and it would magically work…amazing.  Of course, he bolted as he was saying this. 

OK, hours later, after trying almost every combination and driving my kids nuts w/ rebooting, I caved and installed a passthrough router.  Since I have 6 cameras and several other items w/ static IPs with 192.168.1.x, I made a few adjustments different than what the others recommend.  I changed my NVG589 (apparently that means “Not Very Good”) to 192.168.2.254 so I could keep my 192.168.1.xxx in my original router.   I pass a WAN address of 192.168.2.253 to the router and have that as my static router WAN address.  Once I did that and did DefaultServer Passthrough to the same WAN address, everything just worked again.  What a pain.  How sad this couldn’t be anything normal.

Then I went to Youtube looking for some additional help, in case I was doing the Passthrough settings wrong – YouTube Video

The YouTube shows the model of Motorola version before the newest version, but the setup was pretty much the same.

So the big finale 🙂

What I was doing wrong, and what I think most people are doing is setting up their camera to use either the ATT Motorola or their wireless router and not configuring the routers to forward correctly.  From what I read, the new ATT Uverse modem/routers do not make it easy to Port Forward by default, and setting them up is left for their professionals, because I now see that ATT is in the home wireless security arena and that they really want you to purchase their service and pay them a monthly fee for the service.  But for those of us who want our own setups, or have existing cameras/DVRs, and have already paid for them and don’t want to pay a monthly service, are SOL, unless we figure it out ourselves.  Reading the many forums and from doing many searches, it seems that the support from ATT/Motorola peeps don’t really know what to do to get it working properly.

Here is what I did to get mine working:

  1. Go into your ATT Uverse Motorola Modem/Router and turn off the wireless feature.  (Watch the videos above to see the exact steps and screenshots)  Home Network – Wireless – Wireless Operation – Off
  2. Next make your ATT router only give out one IP address in the DHCP settings.  (Home Network – Subnets & DHCP – DHCPv4 Start Address and DHCPv4 End Address)  This makes it only a one device modem/router, and will make it so that you pass all the Internet traffic to your “other” router on your Internal Network.  I made the IP address one number less than the router’s IP, it was 192.168.1.254, so I made it .253.
  3. While in your ATT router go to the Firewall and then IP Passthrough screen and use that single IP you selected in the step above as the Manual Entry.  Make sure to select the Allocation Mode as Default Server.
  4. Once that is done and saved, go to your other router and make the changes so that it has the .253 (or whatever you numbered it) on the LAN settings on your “other wireless router”.  I have a Netgear Nighthawk R7000 so those settings are listed under the Internet area of the Netgear Genie window screen:
    Router Config R7000
  5. Now make your Port Forwarding rules on your “non-ATT” router (Netgear settings are here: )Click on the Advanced Tab – Advanced Setup – Port Forwarding/Port Triggering
  6. Click Add Custom Service – Under Service Name type in what you want to call it, then leave the Service Type – for the External Starting Port and External Ending Port type in a port ### – then select your IP Camera, which should be listed in the list of IP’s – Click Apply.
  7. Then I went to this site to see if the External facing IP along with the port number were working properly – Can You See Me
  8. You should see this message from the website : Success: I can see your service on XX.XX.XX.XX on port (XXX).

I then confirmed that it was working by going to my cell phone and using my IP Camera Viewer App and I could finally get to my IP Camera from the outside world!  After a week of playing with many settings and many reboots later I got it working and have been running without any issues for a whole 3 hours.  I noticed that with the IP Cam Viewer App, if I wanted to use my cell phone or tablet, I had to use my Internal or local IP address to see the camera if I was using it while at home.  So I just setup two camera settings in the app, one for when I am at home, and one for when I am outside of my local network.  But all in all it works as advertised, and I didn’t have to give up and get ATT to setup their “new security service” for my home needs.

Hopefully this write-up will assist others who have similar setups as I have, and will not have to work through the headaches I had to go through.

The Original BullGod

 

Windows 2008 IIS7 Self Signing Certs

Windows 2008 Self Signing Certs (IIS7)

Before binding SSL rules to our new site, we need to first import and setup a security certificate to use with the SSL binding.

  1.  Certificates are managed in IIS 7.0 by clicking the root machine node in the left-hand tree-view explorer, and then selecting the “Server Certificates” icon in the feature pane on the right:
  2. This will then list all certificates registered on the machine, and allow you to optionally import and/or create new ones.
  3. I could optionally go to a certificate authority like Verisign and purchase a certificate to import using this admin UI.  Alternatively, I can create a “self-signed certificate” which is a test certificate that I can use during the development and testing of my site.  To-do this, click the “Create Self-Signed Certificate” link on the right-hand side of the admin tool:
  4. Enter a name to use for the certificate (for example: “test”) and hit ok.  IIS7 will then automatically create a new self-signed crypto certificate for you and register it on the machine:

http://weblogs.asp.net/scottgu/archive/2007/04/06/tip-trick-enabling-ssl-on-iis7-using-self-signed-certificates.aspx

Self-signed SSL Certificates on IIS7 and Common Names

  1. Copy SelfSSL.exe to local computer.  (Download this file from the Internet.)
  2. Create the Self-Signed Certificate using the Wizard. (Done above)
  3. Run this command on the server to change the Site ID (Issued To, Issued By) SelfSSL /N:CN=somename.com /K:1024 /V:365 /S:1 /P:443
  4. Test new Cert and install the Cert when prompted.  (If needed, go to the SitesàSitename, and then click on Bindings and add the https: and associate it with the new Cert.)