Ahh Just had a re-read. There may be a few ways you can do this. What I would do tho' is. 1 create internal dns entries for the 4 webcams. 2 Create public dns entries for each of the webcams. Use a dynamic dns hoster if you don't have your own DNS. 3 Publish each camera separately. 4 Create an outgoing TCP protocol definition for 20100 to 40100 5 Create an outgoing allow rule "ONLY " for the cameras using that protocol def. 6 Test 7 Let us know if that works. Steve -----Original Message----- From: Glenn [mailto:glenn.johnston@xxxxxxxxxxx] Sent: Saturday, February 18, 2006 8:39 AM To: ISA Mailing List Subject: [isalist] Web cam through ISA2004SP2 http://www.ISAserver.org Hi, A client has had some vandalism problems, in recent months and has had 4, $350 web cams fitted to the out side of the building, so he can watch from his PC at home, and hopeful ring the polic & get them there while the painting is still ocuring. The cameras are not Rolls Royce units, but are not entry level ones either, to me, they seem to be of reasonable quality, although this is my first dealing with web cams such as these, that are intended for remote monitoring. They connect to the internal LAN, via Cat5e, and get assigned an IP from the DHCP server. I've set the cameras MAC in the DHCP to assign a fixed IP for the each of the 4 cameras. These work through a remote web browser on port 80 connecting to the IP, an applet is downloaded from the camera, and then a random TCP port is set by the camera between 20100 and 40100, for the the applet to receive the image from the camera. From the internal LAN pointing at the IP's of the cameras, they work flawlessly. After a lot of fiddling, the publishing of the port 80 stuff through the ISA2004SP3 & IIS on an internal server is working fine, (by using /CAM1, /CAM2 etc & URL redirection), the applet down loads, starts, and the image viewer opens, but when the camera flicks to the random port it all falls apart. From whats in the manual and the web interface to the camera, there is no way to set it to a fixed port, or even a smaller range. To complicate maters, One of the cameras seems to have a different firmware version, as once this one is viewed, you need to clear the local PC browser cache, before you can view the other 3, and there does not seem to be away to update the firmware. Pitty this was only found after the electrician had installed the units. We can obviousy open all the ports in the range but would like a more secure approach. They don't have inbound VPN or L2TP setup, and don't want to set this up. Has anyone worked with these sort of cameras or have any suggestions on how to securly publish the random port through the ISA server / IIS. He only has a single public IP, my first thought was a router, with port forwarding & nat'ing, but this has issues getting at the cameras as the router needs to forward port 80 to the server for the company web site, and the cameras won't allow changing the port they listen on. ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Visit TechGenix.com for more information about our other sites: http://www.techgenix.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: isalist@xxxxxxxxxx To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist Report abuse to listadmin@xxxxxxxxxxxxx