I-Onyx Cameras Onvif Communication
- 80 HTTP / 443 HTTPS
- 554 RTSP (This handles session tracking etc… and will always user TCP)
- By default ViconNet will communicate in UDP with all I-Onyx/Onvif Devices.
- V92X, V-Cell, SN663, SN680 and all CE series cameras will use any UDP port between 30000 and 39999 this can be specified under System>network>RTSP. When using UDP the client will be auto-magically assigned a dynamic port which is usually in the 60,000> range. In the event that there is a firewall in place this traffic might be blocked and no video will be received by the client
- V96X We can specify which port we want to use and whether to communicate via TCP or UDP
- Note that all of these ports must be allowed in order to properly communicate with any Onvif device. Also, whenever TCP is used we will stream via RTSP (554).
- As mentioned above, ViconNet by default will use a UDP port to stream video from Third Party or ONVIF format cameras. If ViconNet appears to connect to the camera but brings up a black video, it is possible that the UDP ports are being blocked by a firewall. If possible open those ports on the router/firewall.
Otherwise if necessary ViconNet can be modified to view the video stream in TCP mode.
- Close ViconNet and go to C:\ViconNet\VnData\Settings\Config\
- Rename the ThirdParty.ini to UDP_ThirdParty.ini (this is to save it in case needed again)
- Install the new ThirdParty.ini attached in this knowledge base. Note that you will need correct the extension to .ini
- Start ViconNet and test.
There are several messages that must be exchanged before we establish a video session with an Onvif device. We first use RTSP to query the device for information such as resolution, FPS, PTZ, etc… The device will reply with a list of all its features over HTTP/HTTPS in XML format, this will in turn inform us of the capabilities of the device. We will then pull the desired video stream and start the streaming process. RTSP will keep track of our session while UDP will carry all of the video data (Unless we are using TCP.) There is a token exchange between the client and the server (Camera) which keeps track of authentication for security purposes; Onvif uses a Kerberos encrypted PKI Certificate (X.509) to keep track of authentication and will update this token about once per second. Kerberos will use both symmetric and asymmetric encryption and uses timestamps to keep track of sessions. Therefore, time and date play a major role in the streaming process. A time/date mismatch will cause authentication problems due to the use of timestamps by Kerberos this will in turn cause the server (camera) to tear down the connection. The normal margin for Kerberos is 5 minutes, any bigger time difference will potentially cause problems, and the margin will vary depending on the device. Once all of these requirements have been met we will start the video streaming process.