Firewall Configuration for Secure Networks
Firewall Configuration for Secure Networks
The Eagle Eye Cloud VMS and its bridge hardware is specifically designed to be highly secure and only uses utilizes TCP and UDP connections to transmit data to the cloud. If you restrict outbound connections on your local firewall, here is the IPv4 and port information you will need.
There can be no proxies or similar application-layer filtration devices between the Eagle Eye Bridge and the Internet, and multicast must be enabled so the bridge can detect cameras (if the bridge and cameras are on the same subnet, generally this isn’t a problem). UPNP is NOT required (the bridge won’t use it if enabled).
For further information on the ONVIF camera discovery protocol we use, see this article on WS-Discovery. Web Service Discovery is an OASIS industry standard and generally works without much effort on most internal networks. You should not need to adjust your firewall to get it to work unless there are additional firewalls between your bridge and cameras
Outbound Ports for the Eagle Eye Bridge
The following TCP and UDP ports are used by the Eagle Eye Bridge. All connections are outbound-only, meaning that the bridge connects outbound and never accepts inbound connections (generally, you do NOT need to set up NAT rules).
80/TCP # Used to discover video termination endpoints in the cloud
443/TCP # Used to transfer video to the cloud (TLS 1.2+)
773/TCP # Used to transfer video to the cloud (TLS 1.2+)
8081/TCP # Used occasionally to test video transfer to the cloud
8082/UDP # Used to transfer video metadata to the cloud
50000-60000/TCP # Used occasionally to provide remote troubleshooting and maintenance
(Secured via SSL)
Ports 80 and 443 are utilized for firmware management. If these ports are filtered or blocked it can cause failed updates for our systems.
Ports 8081 and 8082 are utilized for the preview stream. If this port is filtered or blocked it will impact the preview stream stability and quality.
Outbound IPs for the Eagle Eye Bridge
Should you need to restrict the Eagle Eye Bridge to a specific set of IP addresses, the following is the list of Eagle Eye IP addresses you should allow, in CIDR format:
| 192.40.4.0/23 |
| 199.45.160.0/22 |
Also ensure that your Firewall has our DNS sites whitelisted as well. Those sites are as follows:
*.eagleeyenetworks.com
*.plumv.com
*.eencloud.com
Outbound Ports for the Eagle Eye Web and Mobile Applications
Independent of the bridge, the Eagle Eye Web and Mobile Applications for PCs, tablets, and phones also need to connect to the cloud to retrieve video, set settings, and so on. The ports required for this are:
80/TCP # HTTP -> SSL Redirect Only
443/TCP # Web user interface
50000-60000/TCP # Secure video transfer
The IP addresses are generally the same as for the bridge.
Outbound Ports for CameraDirect
Camera Direct uses the following TCP ports. All connections are outbound-only, meaning that connections are outbound and never accept inbound connections (so you do NOT need to set up e.g. NAT rules as a general rule).
80/TCP # Used to discover video termination endpoints in the cloud
443/TCP # Used to discover video termination endpoints in the cloud
8181/TCP # Used to transfer video to the cloud
Eagle Eye Camera Direct Subnets |
Apart from these, the IP’s which are used by “Outbound IPs for the Eagle Eye Bridge”, also need to be allowed.
Eagle Eye utilized the 2.centos.pool.ntp.org server for NTP. Usually through port 223 as is the standard.
For support please email: support@een.com
or give us a call at: 512-473-0501
US: +1-512-473-0501
EU: 31 (0) 20 26 10 460
ASIA PACIFIC: 81-3-686-5527
#1 In Cloud Media Video Surveillance Worldwide
Copyright Eagle Eye Networks. All rights reserved.
Related Articles
Adjusting Network Settings on an Eagle Eye Bridge
Adjusting Network Settings on Eagle Eye Networks Bridge By default, all of our devices are configured fully DHCP (for WAN and CamLAN). In order to reconfigure these settings you will need a keyboard and monitor. If you see cameras displayed on the ...Hikvision Camera Configuration Guide
Hikvision Camera Configuration Guide This guide illustrates how to configure Hikvision cameras for integration with the Eagle Eye Security Camera System. Hikvision's SADP Tool and Camera Activation Download Hikvision's SADP Tool Navigate to ...ファイアウォールの設定
イーグルアイクラウドVMSとブリッジは、安全性が高くなるように設計されており、アウトバウンドのTCPおよびUDPでの接続のみ使用してクラウドと通信します。 ローカルファイアウォールでアウトバウンド接続を制限する場合、必要なIPv4およびポート情報を以下に示します。 イーグルアイブリッジとインターネットの間にプロキシまたは同様のアプリケーションレイヤーフィルターデバイスを配置することはできません。 ...Hikvision DVR/Encoder Configuration Guide
Hikvision DVR/Encoder Configuration Guide Requirements: A Windows computer with the ability to be set statically Internet Explorer An Ethernet cable A supported Hikvision Encoder/DVR Check here to check if your Hikvision DVR/Encoder is supported. In ...Amcrest Camera Configuration Guide
Amcrest Camera Configuration Guide The guide provides detailed steps on the configuration of Amcrest cameras for use with an Eagle Eye bridge/CMVR. Step 1: VPN or log directly into the Amcrest camera. Click the button next to the camera in Available ...