run webcam on hotspot mikrotik?

RouterOS General
1

I am trying to run a webcam plugged into ether1.

My backhaul link is on wlan1 and my hotspot is setup on interface wlan2

I am using NAT and have the public IP address of 64.74.213.78 coming to my mikrotik.

I cant seem to get it to go through my mikrotik to the webcam ion ether 1 with and IP of 192.168.251.10

Please help.. the webcam works great if connected locally to the mikrotik.. WE had a deadline of July first.. and that is now.. THe camera is working great, I just need outside connectivitiy

HELP please
javascript:emoticon(‘:oops:’)
Embarassed

2

here is my current setup

[admin@DeerCreek] > export

jan/01/2000 12:34:59 by RouterOS 2.8.27

software id = D0YE-9B0

/ interface ethernet
set ether1 name="ether1" mtu=1500 arp=enabled disable-running-check=yes
auto-negotiation=yes full-duplex=yes cable-settings=default speed=100Mbps
disabled=no
set ether2 name="ether2" mtu=1500 arp=enabled disable-running-check=yes
auto-negotiation=yes full-duplex=yes cable-settings=default speed=100Mbps
disabled=no
/ interface wireless
set wlan1 name="wlan1" mtu=1500 arp=enabled disable-running-check=no
prism-cardtype=200mW radio-name="00026F09A1E7" mode=station
ssid="SurfnetAP6" frequency=2457 band=2.4ghz-b scan-list=default-ism
rate-set=default supported-rates-b=1Mbps,2Mbps,5.5Mbps,11Mbps
supported-rates-a/g="" basic-rates-b=1Mbps basic-rates-a/g=""
max-station-count=2007 tx-power=default periodic-calibration=default
fast-frames=no dfs-mode=none antenna-mode=ant-a wds-mode=disabled
wds-default-bridge=none wds-ignore-ssid=no update-stats-interval=disabled
default-authentication=no default-forwarding=yes hide-ssid=no
802.1x-mode=none disconnect-timeout=3s on-fail-retry-time=100ms
disabled=no
set wlan2 name="wlan2" mtu=1500 arp=reply-only disable-running-check=no
prism-cardtype=200mW radio-name="00026F33AD65" mode=ap-bridge
ssid="Surfnet" frequency=2452 band=2.4ghz-b scan-list=default-ism
rate-set=default supported-rates-b=1Mbps,2Mbps,5.5Mbps,11Mbps
supported-rates-a/g="" basic-rates-b=1Mbps basic-rates-a/g=""
max-station-count=2007 tx-power=default periodic-calibration=default
fast-frames=no dfs-mode=none antenna-mode=ant-a wds-mode=disabled
wds-default-bridge=none wds-ignore-ssid=no update-stats-interval=disabled
default-authentication=yes default-forwarding=no hide-ssid=no
802.1x-mode=none disconnect-timeout=3s on-fail-retry-time=100ms
disabled=no
/ interface wireless nstreme
set (unknown) enable-nstreme=no enable-polling=yes framer-policy=none
framer-limit=3200
set (unknown) enable-nstreme=no enable-polling=yes framer-policy=none
framer-limit=3200
/ interface wireless security
set wlan1 security=none algo-0=none key-0="" algo-1=none key-1="" algo-2=none
key-2="" algo-3=none key-3="" transmit-key=key-0 sta-private-algo=none
sta-private-key="" radius-mac-authentication=no
set wlan2 security=none algo-0=none key-0="" algo-1=none key-1="" algo-2=none
key-2="" algo-3=none key-3="" transmit-key=key-0 sta-private-algo=none
sta-private-key="" radius-mac-authentication=no
/ interface wireless align
set frame-size=300 active-mode=yes receive-all=no
audio-monitor=00:00:00:00:00:00 filter-mac=00:00:00:00:00:00 ssid-all=no
frames-per-second=25 audio-min=-100 audio-max=-20
/ interface wireless access-list
add mac-address=00:02:6F:33:AD:68 interface=wlan1 authentication=no
forwarding=no skip-802.1x=no private-algo=none private-key="" comment=""
disabled=no
add mac-address=00:02:6F:35:30:41 interface=wlan1 authentication=yes
forwarding=yes skip-802.1x=no private-algo=none private-key="" comment=""
disabled=no
/ interface bridge port
set ether1 bridge=none priority=128 path-cost=10
set ether2 bridge=none priority=128 path-cost=10
set wlan1 bridge=none priority=128 path-cost=10
set wlan2 bridge=none priority=128 path-cost=10
/ interface l2tp-server server
set enabled=no mtu=1460 mru=1460 authentication=mschap2,mschap1,chap,pap
default-profile=default
/ interface pptp-server server
set enabled=no mtu=1460 mru=1460 authentication=mschap2,mschap1
keepalive-timeout=30 default-profile=default
/ ip pool
add name="wlan2-pool" ranges=192.168.230.100-192.168.230.254
add name="dhcp_pool1" ranges=192.168.254.100-192.168.254.254
add name="Basic" ranges=192.168.3.100-192.168.3.250
add name="Advanced" ranges=192.168.4.100-192.168.4.250
add name="Premium" ranges=192.168.5.100-192.168.5.250
add name="HotSpot" ranges=192.168.2.100-192.168.2.250
/ ip telephony region
/ ip telephony gatekeeper
set gatekeeper=none remote-id="" remote-address=0.0.0.0
/ ip telephony aaa
set use-radius-accounting=no interim-update=0s
/ ip telephony codec
move G.711-uLaw-64k/sw
move G.711-ALaw-64k/sw
move G.729A-8k/sw
move G.729-8k/sw
move G.723.1-6.3k/sw
move GSM-06.10-13.2k/sw
move LPC-10-2.5k/sw
/ ip service
set telnet port=23 address=0.0.0.0/0 disabled=no
set ftp port=21 address=0.0.0.0/0 disabled=no
set www port=8081 address=0.0.0.0/0 disabled=no
set hotspot port=80 address=0.0.0.0/0 disabled=no
set ssh port=22 address=0.0.0.0/0 disabled=no
set hotspot-ssl port=443 address=0.0.0.0/0 certificate=none disabled=no
/ ip upnp
set enabled=no allow-disable-external-interface=yes show-dummy-rule=yes
/ ip arp
/ ip socks
set enabled=no port=1080 connection-idle-timeout=2m max-connections=200
/ ip dns
set primary-dns=66.151.140.2 secondary-dns=192.168.171.1
allow-remote-requests=no cache-size="2048 kB" cache-max-ttl=7d
/ ip address
add address=192.168.254.1/24 network=192.168.254.0 broadcast=192.168.254.255
interface=ether2 comment="" disabled=no
add address=192.168.230.1/24 network=192.168.230.0 broadcast=192.168.230.255
interface=wlan2 comment="" disabled=no
add address=192.168.3.1/24 network=192.168.3.0 broadcast=192.168.3.255
interface=wlan2 comment="" disabled=no
add address=192.168.4.1/24 network=192.168.4.0 broadcast=192.168.4.255
interface=wlan2 comment="" disabled=no
add address=192.168.5.1/24 network=192.168.5.0 broadcast=192.168.5.255
interface=wlan2 comment="" disabled=no
add address=192.168.2.1/24 network=192.168.2.0 broadcast=192.168.2.255
interface=wlan2 comment="" disabled=no
add address=192.168.251.1/24 network=192.168.251.0 broadcast=192.168.251.255
interface=ether1 comment="" disabled=no
add address=64.74.213.78/32 network=64.74.213.78 broadcast=64.74.213.78
interface=wlan1 comment="" disabled=yes
/ ip firewall
set input name="input" policy=accept comment=""
set forward name="forward" policy=accept comment=""
set output name="output" policy=accept comment=""
add name="hotspot-temp" policy=none comment="limit unauthorized hotspot
clients"
add name="hotspot" policy=none comment="account authorized hotspot clients"
/ ip firewall rule forward
add dst-address=192.168.251.10/32 action=accept comment="" disabled=no
add dst-address=192.168.242.242/32:80 protocol=tcp action=accept comment=""
disabled=no
add dst-address=64.74.213.78/32 action=accept comment="" disabled=no
add in-interface=wlan2 action=jump jump-target=hotspot-temp comment="limit
access for unauthorized hotspot clients" disabled=no
add action=jump jump-target=hotspot comment="account traffic for authorized
hotspot clients" disabled=no
/ ip firewall rule hotspot
add dst-address=192.168.251.10/32 action=accept comment="" disabled=no
add dst-address=64.74.213.78/32 action=accept comment="" disabled=no
add dst-address=192.168.242.244/32:80 protocol=tcp action=accept comment=""
disabled=no
/ ip firewall rule hotspot-temp
add flow=hs-auth action=return comment="return, if connection is authorized"
disabled=no
add protocol=icmp action=return comment="allow ping requests" disabled=no
add dst-address=:53 protocol=udp action=return comment="allow dns requests"
disabled=no
add dst-address=64.74.213.78/32 action=accept comment="" disabled=no
add dst-address=192.168.242.244/32:80 protocol=tcp action=accept comment=""
disabled=no
add action=reject comment="reject access for unauthorized hotspot clients"
disabled=no
/ ip firewall rule input
add dst-address=192.168.242.244/32:80 protocol=tcp action=accept comment=""
disabled=no
add dst-address=192.168.251.10/32 action=accept comment="" disabled=no
add dst-address=64.74.213.78/32 action=accept comment="" disabled=no
add in-interface=wlan2 dst-address=:80 protocol=tcp action=jump
jump-target=hotspot comment="account traffic from hotspot clients to
hotspot servlet" disabled=no
add in-interface=wlan2 dst-address=:80 protocol=tcp action=accept
comment="accept requests for hotspot servlet" disabled=no
add in-interface=wlan2 dst-address=:67 protocol=udp action=accept
comment="accept requests for local DHCP server" disabled=no
add in-interface=wlan2 action=jump jump-target=hotspot-temp comment="limit
access for unauthorized hotspot clients" disabled=no
/ ip firewall rule output
add src-address=:80 out-interface=wlan2 protocol=tcp action=jump
jump-target=hotspot comment="account traffic from hotspot servlet to
hotspot clients" disabled=no
/ ip firewall service-port
set ftp ports=21 disabled=no
set pptp disabled=yes
set gre disabled=yes
set h323 disabled=yes
set mms disabled=no
set irc ports=6667 disabled=no
set quake3 disabled=no
set tftp ports=69 disabled=no
/ ip firewall mangle
add dst-address=192.168.242.244/32:80 protocol=tcp action=accept
mark-flow=hs-auth comment="" disabled=no
add dst-address=64.74.213.78/32 action=accept mark-flow=hs-auth comment=""
disabled=no
add dst-address=192.168.251.10/32 action=accept mark-flow=hs-auth comment=""
disabled=no
/ ip firewall src-nat
add src-address=192.168.251.0/24 action=masquerade comment="" disabled=yes
add src-address=192.168.251.10/32 action=nat to-src-address=64.74.213.78
comment="" disabled=yes
add src-address=192.168.0.0/16 action=nat to-src-address=192.168.242.244
comment="" disabled=no
add src-address=192.168.2.0/24 action=masquerade comment="" disabled=no
/ ip firewall dst-nat
add src-address=192.168.251.10/32 action=nat to-dst-address=64.74.213.78
comment="" disabled=yes
add dst-address=64.74.213.78/32 action=nat to-dst-address=192.168.251.10
comment="" disabled=no
add dst-address=192.168.242.244/32:80 protocol=tcp action=nat
to-dst-address=192.168.251.10 to-dst-port=80 comment="" disabled=no
add in-interface=wlan2 protocol=tcp flow=!hs-auth action=redirect
to-dst-port=80 comment="redirect unauthorized hotspot clients to hotspot
service" disabled=no
add in-interface=wlan2 dst-address=:80 protocol=tcp action=redirect
to-dst-port=80 comment="transparent HTTP proxy for hotspot clients"
disabled=no
/ ip firewall connection tracking
set enabled=yes tcp-syn-sent-timeout=2m tcp-syn-received-timeout=1m
tcp-established-timeout=5d tcp-fin-wait-timeout=2m
tcp-close-wait-timeout=1m tcp-last-ack-timeout=30s
tcp-time-wait-timeout=2m tcp-close-timeout=10s udp-timeout=30s
udp-stream-timeout=3m icmp-timeout=30s generic-timeout=10m
/ ip accounting
set enabled=no threshold=256
/ ip accounting web-access
set accessible-via-web=no address=0.0.0.0/0
/ ip policy-routing
/ ip policy-routing rule
add src-address=0.0.0.0/0 dst-address=0.0.0.0/0 flow="" interface=all
action=lookup table=main comment="" disabled=no
/ ip policy-routing table main
add dst-address=0.0.0.0/0 gateway=192.168.242.1 preferred-source=0.0.0.0
comment="" disabled=yes
/ ip neighbor discovery
set ether1 discover=yes
set ether2 discover=yes
set wlan1 discover=yes
set wlan2 discover=yes
/ ip route
add dst-address=0.0.0.0/0 preferred-source=0.0.0.0 gateway=192.168.242.1
distance=1 comment="" disabled=yes
/ ip dhcp-client
set enabled=yes interface=wlan1 host-name="" client-id=""
add-default-route=yes use-peer-dns=yes
/ ip dhcp-server
add name="HotSpot-DCHP" interface=wlan2 lease-time=14s address-pool=HotSpot
add-arp=yes authoritative=yes disabled=no
add name="dhcp1" interface=ether2 lease-time=3d address-pool=dhcp_pool1
add-arp=no authoritative=no disabled=no
/ ip dhcp-server lease
/ ip dhcp-server network
add address=192.168.2.0/24 gateway=192.168.2.1 netmask=24
dns-server=66.151.140.2 comment=""
add address=192.168.3.0/24 gateway=192.168.3.1 netmask=24
dns-server=66.151.140.2,66.151.140.3 comment=""
add address=192.168.4.0/24 gateway=192.168.4.1 netmask=24
dns-server=66.151.140.2,66.151.140.3 comment=""
add address=192.168.5.0/24 gateway=192.168.5.1 netmask=24
dns-server=66.151.140.2,66.151.140.3 comment=""
add address=192.168.230.0/24 gateway=192.168.230.1 dns-server=66.151.140.2
comment=""
add address=192.168.254.0/24 gateway=192.168.254.1 dns-server=66.151.140.2
comment=""
/ ip hotspot
set use-ssl=no hotspot-address=192.168.230.1 dns-name="66.151.140.1"
status-autorefresh=1m universal-proxy=yes parent-proxy=0.0.0.0:0
auth-requires-mac=no auth-mac=yes auth-mac-password=yes
auth-http-cookie=no http-cookie-lifetime=1d
allow-unencrypted-passwords=no login-mac-universal=no
split-user-domain=no
/ ip hotspot profile
set default name="default" shared-users=1 mark-flow="hs-auth"
login-method=dhcp-pool keepalive-timeout=2m
/ ip hotspot server
add name="HotSpot" dhcp-server=HotSpot-DCHP lease-time=1d login-delay=10s
address-pool=Basic
/ ip hotspot walled-garden
add dst-host="192.168.251.10" dst-port=80 action=allow comment="" disabled=no
add dst-host="64.74.213.78" dst-port=80 action=allow comment="" disabled=no
add dst-host="192.168.242.244" dst-port=80 action=allow comment=""
disabled=no
/ ip hotspot aaa
set use-radius=yes accounting=yes interim-update=1m
/ ip hotspot universal service-port
set ftp ports=21 disabled=no
/ ip ipsec proposal
add name="default" auth-algorithms=sha1 enc-algorithms=3des lifetime=30m
lifebytes=0 pfs-group=modp1024 disabled=no
/ ip web-proxy
set enabled=no src-address=0.0.0.0 port=3128 hostname="proxy"
transparent-proxy=no parent-proxy=0.0.0.0:0
cache-administrator="webmaster" max-object-size="4096 kB"
cache-drive=system max-cache-size=none
/ ip web-proxy access
add dst-port=!443,563 method=connect action=deny comment="allow CONNECT only
to SSL ports 443 [https] and 563 [snews]" disabled=no
/ ip web-proxy cache
add url="cgi-bin \?" action=deny comment="don't cache dynamic http pages"
disabled=no
/ system logging
set default-remote-address=0.0.0.0 default-remote-port=514
disk-buffer-lines=100 memory-buffer-lines=100
/ system logging facility
set Firewall-Log local=memory remote=none remote-address=0.0.0.0
remote-port=0 prefix="" echo=no
set PPP-Account local=memory remote=none remote-address=0.0.0.0 remote-port=0
prefix="" echo=no
set PPP-Info local=memory remote=none remote-address=0.0.0.0 remote-port=0
prefix="" echo=no
set PPP-Error local=memory remote=none remote-address=0.0.0.0 remote-port=0
prefix="" echo=no
set System-Info local=memory remote=none remote-address=0.0.0.0 remote-port=0
prefix="" echo=no
set System-Error local=memory remote=none remote-address=0.0.0.0
remote-port=0 prefix="" echo=no
set System-Warning local=memory remote=none remote-address=0.0.0.0
remote-port=0 prefix="" echo=no
set Telephony-Info local=memory remote=none remote-address=0.0.0.0
remote-port=0 prefix="" echo=no
set Telephony-Error local=memory remote=none remote-address=0.0.0.0
remote-port=0 prefix="" echo=no
set Web-Proxy-Access local=memory remote=none remote-address=0.0.0.0
remote-port=0 prefix="" echo=no
set ISDN-Info local=memory remote=none remote-address=0.0.0.0 remote-port=0
prefix="" echo=no
set Hotspot-Account local=memory remote=none remote-address=0.0.0.0
remote-port=0 prefix="" echo=no
set Hotspot-Info local=memory remote=none remote-address=0.0.0.0
remote-port=0 prefix="" echo=no
set Hotspot-Error local=memory remote=none remote-address=0.0.0.0
remote-port=0 prefix="" echo=no
set IPsec-Event local=memory remote=none remote-address=0.0.0.0 remote-port=0
prefix="" echo=no
set IKE-Event local=memory remote=none remote-address=0.0.0.0 remote-port=0
prefix="" echo=no
set IPsec-Warning local=memory remote=none remote-address=0.0.0.0
remote-port=0 prefix="" echo=no
set System-Echo local=memory remote=none remote-address=0.0.0.0 remote-port=0
prefix="" echo=yes
set OSPF-Info local=memory remote=none remote-address=0.0.0.0 remote-port=0
prefix="" echo=no
set Wireless-Info local=memory remote=none remote-address=0.0.0.0
remote-port=0 prefix="" echo=no
/ system upgrade mirror
set enabled=no primary-server=0.0.0.0 secondary-server=0.0.0.0
check-interval=1d user=""
/ system watchdog
set reboot-on-failure=no watch-address=none watchdog-timer=no
ping-start-after-boot=5m
/ system identity
set name="DeerCreek"
/ system serial-console
set enabled=yes port=serial0
/ system gps
set enabled=no set-system-time=no
/ system lcd
set enabled=no type=powertip
/ system lcd page
set time display-time=5s disabled=yes
set resources display-time=5s disabled=yes
set uptime display-time=5s disabled=yes
set packets display-time=5s disabled=yes
set bits display-time=5s disabled=yes
set version display-time=5s disabled=yes
set ether1 display-time=5s disabled=yes
set ether2 display-time=5s disabled=yes
set wlan1 display-time=5s disabled=yes
set wlan2 display-time=5s disabled=yes
/ system routerboard health
set state-after-reboot=enabled
/ system routerboard bios
set
/ system ups
set enabled=no off-line-time=5m min-run-time=5m alarm-setting=immediate
rtc-alarm-setting=none
/ system ntp server
set enabled=no broadcast=no multicast=no manycast=yes
/ system ntp client
set enabled=no mode=unicast primary-ntp=0.0.0.0 secondary-ntp=0.0.0.0
/ port
set serial0 name="serial0" baud-rate=9600 data-bits=8 parity=none stop-bits=1
flow-control=hardware
set serial1 name="serial1" baud-rate=9600 data-bits=8 parity=none stop-bits=1
flow-control=hardware
/ ppp profile
set default name="default" local-address=0.0.0.0 remote-address=0.0.0.0
session-timeout=0s idle-timeout=0s use-compression=no
use-vj-compression=no use-encryption=no require-encryption=no only-one=no
change-tcp-mss=yes tx-bit-rate=0 rx-bit-rate=0 incoming-filter=""
outgoing-filter="" dns-server="" wins-server="" comment=""
/ ppp aaa
set use-radius=no accounting=yes interim-update=0s
/ routing ospf
set router-id=0.0.0.0 distribute-default=never redistribute-connected=no
redistribute-static=no redistribute-rip=no redistribute-bgp=no
metric-default=1 metric-connected=20 metric-static=20 metric-rip=20
metric-bgp=20
/ routing ospf area
set backbone area-id=0.0.0.0 authentication=none disabled=no
/ routing bgp
set enabled=no as=1 router-id=0.0.0.0 redistribute-static=no
redistribute-connected=no redistribute-rip=no redistribute-ospf=no
/ routing rip
set redistribute-static=no redistribute-connected=no redistribute-ospf=no
redistribute-bgp=no metric-static=1 metric-connected=1 metric-ospf=1
metric-bgp=1 update-timer=30s timeout-timer=3m garbage-timer=2m
/ queue type
set default name="default" kind=pfifo bfifo-limit=15000 pfifo-limit=50
red-limit=60 red-min-threshold=10 red-max-threshold=50 red-burst=20
sfq-perturb=5 sfq-allot=1514 pcq-rate=0 pcq-limit=50 pcq-classifier=""
set ethernet-default name="ethernet-default" kind=pfifo bfifo-limit=15000
pfifo-limit=50 red-limit=60 red-min-threshold=10 red-max-threshold=50
red-burst=20 sfq-perturb=5 sfq-allot=1514 pcq-rate=0 pcq-limit=50
pcq-classifier=""
set wireless-default name="wireless-default" kind=sfq bfifo-limit=15000
pfifo-limit=50 red-limit=60 red-min-threshold=10 red-max-threshold=50
red-burst=20 sfq-perturb=5 sfq-allot=1514 pcq-rate=0 pcq-limit=50
pcq-classifier=""
set synchronous-default name="synchronous-default" kind=red bfifo-limit=15000
pfifo-limit=50 red-limit=60 red-min-threshold=10 red-max-threshold=50
red-burst=20 sfq-perturb=5 sfq-allot=1514 pcq-rate=0 pcq-limit=50
pcq-classifier=""
/ user
add name="admin" group=full address=0.0.0.0/0 comment="system default user"
disabled=no
/ user group
add name="read" policy=local,telnet,ssh,!ftp,reboot,read,!write,!policy,test,w
eb
add name="write" policy=local,telnet,ssh,!ftp,reboot,read,write,!policy,test,w
eb
add name="full" policy=local,telnet,ssh,ftp,reboot,read,write,policy,test,web
/ user aaa
set use-radius=no accounting=yes interim-update=0s default-group=read

3

I could not tell form your question… what is the ip address of wan2 that has hotspot? Note that wan2 and eithernet port can’t be on same ip subnet/range.

4

Turns out the camera was mis-configured.. I didnt configure it, so it took me awahile to look at the camera.. and sure enough no default gateway was set.. now it is working great!

5

What is the web page for your web cam?

we have a few running as test runs, nothing exciting, but working on them slowly :slight_smile:

http://www.yobbo.co.nz/webcams.htm

6

Live cam offline??? :smiley:

7

we just set up the webcam for the customer that got us a great Access Point location
Soon the webcam will be on hiwy17.com, but first shes working out some camera issues with the camera manufacture.

8

The live camera is for when we do live shows from around CHCH.