Troubleshooting Network Diagnostics
Diagnostic Details
To view Diagnostic Details, view the Network Configuration > Diagnostics menu in recorder Setup .
- Network Connection (This pings the gateway setup on the recorder)
- Can fail if internal ICMP is disabled on the gateway/router. There are cases where this can fail, but network is functioning.
- Internet Connection (This attempts to ping 8.8.8.8 – Google DNS server)
- Can fail if behind a firewall that does not allow ICMP traffic to 8.8.8.8. In this case, OWS may still work if proper allowlisting has been done.
- DNS Resolution (Attempts to resolve www.openeye.net)
- DNS resolution is required for many aspects of the OWS connection. This should NOT be in a failed state at any time.
- 80 Outbound (HTTP connection to port 80 of 'cloudApiUrl' branded host: Default is restapi.gp4f.com.)
- URL may change due to branding within OWS
- Check is required for OWS communication and is covered in the URL allowlist document.
- 443 Outbound (HTTPS connection to port 443 of 'cloudApiUrl' branded host: Default is restapi.gp4f.com.)
- URL may change due to branding within OWS
- Check is required for OWS communication and is covered in the URL allowlist document.
Diagnostic Scenarios
Below you'll find several Diagnostic Scenarios based on the status of various connections, ports, and relays for the recorder as shown on the Diagnostics tab under Network Configuration. A green checkmark means that the respective connection, port, or relay is functioning correctly.
Network connection is RED, everything else is GREEN
Local router/firewall has internal ICMP disabled so ping responses are not coming back.
- Symptoms: Everything works fine except the RED failed Network Connection Check.
- Resolution: If all other checks are GREEN, you can safely ignore RED check. Most likely the router/firewall has internal ICMP disabled.
Everything comes back RED
Start with basic troubleshooting, cables, and local IP setup.
- Symptoms: No internet, unable to add recorder to OWS.
- Resolution: Check cables and basic network setup (IP, Gateway, DNS, and Subnet) settings. Ensure the system can talk to the local router and have a valid IP on the network.
Network Connection, Internet Connection, and DNS Resolution are GREEN, everything else including DNS Resolution is RED
- Symptoms: System can ping internet IPs but cannot ping or talk to domain names. Unable to join system to OWS cloud.
- Resolution: Verify that the DNS server is valid and can resolve DNS. Try using a manual server of 8.8.8.8 (Google DNS).
Network Connection, Internet Connection, and DNS Resolution are GREEN, 80 Outbound and 443 Outbound are RED
- Symptoms: Network works fine for most internet tasks; recorder is not accessible by cloud and will not register to the cloud.
- Resolution: Ensure there are no firewall or webfilters between the recorder and the internet that would block port 80 and 443 traffic. Add all OWS cloud-based URLs to the Approved List on the firewall/webfilter to allow the traffic. OpenEye’s OWS IT Network Pre-Deployment Requirements contains a complete list of URLs which must be included on the approved-list and can be found at OWS Network Requirements.
Port 443 Outbound and Relay are RED, everything else is GREEN
- Symptoms: Cannot connect to OWS cloud; issues connecting to an existing cloud system.
- Resolution: Fix issue with SSL traffic:
- Ensure that nothing is blocking or altering SSL data. This could be a firewall or webfilter causing this.
- Check the date on the recorder to ensure it is correct. Having the year set incorrectly can cause SSL certificate errors.
Relay Registration is RED, everything else is GREEN
- Symptoms: Issues adding or connecting to recorder over OWS cloud.
- Resolution: Firewall or Webfilter is blocking access to OWS servers located in the cloud. Ensure either the recorder is added to the approved list or that all required OWS URLS are on the approved list. OpenEye’s OWS IT Network Pre-Deployment Requirements contains a complete list of URLs which must be added to the approved list and can be found here: OWS Network Requirements.
All items are GREEN, but the system is not able to stream live video over relay
- Symptoms: The system is able to connect over OWS but is not able to get live or search video.
- Resolution: A firewall or webfilter is blocking HTTP (80) POST traffic. This is usually caused by Media Inspection on the firewall. This may need to be disabled or have the recorder added to the approved list.
- Details: Video is streamed using a POST command. Because security video is live streaming there is not END to the POST command, which many firewalls require. With no END to the POST command, the firewall will continue to cache the packets and never release them to the local client.