dahua VTNC3000A 2-Wire Network Controller User Manual
- June 4, 2024
- Dahua
Table of Contents
2-Wire Network Controller
User’s Manual
V1.0.0
Foreword
General
This manual introduces the structure, and installation of the 2-wire network controller VTNC3000A (hereinafter referred to as the “controller”).
Safety Instructions
The following categorized signal words with defined meaning might appear in the manual.
| Signal Words | Meaning |
|---|---|
| DANGER | Indicates a high potential hazard which, if not avoided, will |
result in death or serious injury.
WARNING| Indicates a medium or low potential hazard which, if not
avoided, could result in slight or moderate injury.
CAUTION| Indicates a potential risk which, if not avoided, could result
in property damage, data loss, lower performance, or unpredictable result.
TIPS| Provides methods to help you solve a problem or save you time.
NOTE| Provides additional information as the emphasis and supplement to
the text.
Revision History
| Version | Revision Content | Release Time |
|---|---|---|
| V1.0.0 | First release. | September 2015 |
About the Manual
- The manual is for reference only. If there is inconsistency between the manual and the actual product, the actual product should prevail.
- We are not liable for any loss caused by the operations that do not comply with the manual.
- The manual would be updated according to the latest laws and regulations of related jurisdictions. For detailed information, refer to the paper manual, CD-ROM, QR code or our official website. If there is inconsistency between paper manual and the electronic version, the electronic version should prevail.
- All the designs and software are subject to change without prior written notice. The product updates might cause some differences between the actual product and the manual. Please contact the customer service for the latest program and supplementary documentation.
- There still might be deviation in technical data, functions and operations description, or errors in print. If there is any doubt or dispute, we reserve the right of final explanation.
- Upgrade the reader software or try other mainstream reader software if the manual (in PDF format) cannot be opened.
- All trademarks, registered trademarks and the company names in the manual are the properties of their respective owners.
- Please visit our website, contact the supplier or customer service if there is any problem occurring when using the device.
- If there is any uncertainty or controversy, we reserve the right of final explanation.
Important Safeguards and Warnings
Please read the following safeguards and warnings carefully before using the product in order to avoid damages and losses.
- Do not expose the device to lampblack, steam or dust. Otherwise it may cause fire or electric shock.
- Do not install the device at position exposed to sunlight or in high temperature. Temperature rise in device may cause fire.
- Do not expose the device to humid environment. Otherwise it may cause fire.
- The device must be installed on solid and flat surface in order to guarantee safety under load and earthquake. Otherwise, it may cause device to fall off or turnover.
- Do not place the device on carpet or quilt.
- Do not block air vent of the device or ventilation around the device. Otherwise, temperature in device will rise and may cause fire.
- Do not place any object on the device.
- Do not disassemble the device without professional instruction.
- Please use battery properly to avoid fire, explosion and other dangers.
- Please replace used battery with battery of the same type.
- Do not use power line other than the one specified. Please use it properly. Otherwise, it may cause fire or electric shock.
1 Product Overview
1.1 Features
2-wire network controller supports connecting four 2-wire devices to the
network.
Figure 1-1 Application scene
1.2 Device Structure
Figure 1-2 Front panel
Table 1-1 Front panel description
| No. | Component | Note |
|---|---|---|
| 1 | Power Port | DC24V ± 10% input |
| 2 | Power Indicator | Normally power on, indicator turns on |
| 3 | Network Port | RJ45 port, connect LAN |
| 4 | Reset | Reboot device |
| 5 | 2-wire port | 4 groups of 2-wire port, connect to other 2-wire devices |
2 Installation
2.1 DIN-Rail Mount
Hang the controller on the installation bracket with a hook. Press the 2-wire network controller, and then fix the buckle into the installation bracket.
Figure 2-1 Hang the controller on the bracket
Before installation, make sure that the lower buckle is open.
Figure 2-2 Open the lower buckle
2.2 Wall Mount
2.2.1 Screw
Table 2-1 Screw decryption
| Component | Illustration | Quantity |
|---|---|---|
| ST3×18 Cross recessed pan head self-tapping screws-nickel silver | 4 | |
| White expansion pipe¢6 × 30mm | 4 |
2.2.2 Installation Steps
Step 1 Place the device against the wall, mark four holes with a pencil, and
dig hole with an electric drill.
Step 2 Insert white expansion pipe into the holes.
Step 3 Fix the device on the wall with screws.
Figure 2-3 Fix the controller on the wall with screws
Appendix 1 Cybersecurity Recommendations
Cybersecurity is more than just a buzzword: it’s something that pertains to every device that is connected to the internet. IP video surveillance is not immune to cyber risks, but taking basic steps toward protecting and strengthening networks and networked appliances will make them less susceptible to attacks. Below are some tips and recommendations on how to create a more secured security system.
Mandatory actions to be taken for basic device network security:
1. Use Strong Passwords
Please refer to the following suggestions to set passwords:
- The length should not be less than 8 characters;
- Include at least two types of characters; character types include upper and lower case letters, numbers and symbols;
- Do not contain the account name or the account name in reverse order;
- Do not use continuous characters, such as 123, abc, etc.;
- Do not use overlapped characters, such as 111, aaa, etc.;
2. Update Firmware and Client Software in Time
- According to the standard procedure in Tech-industry, we recommend to keep your device (such as NVR, DVR, IP camera, etc.) firmware up-to-date to ensure the system is equipped with the latest security patches and fixes. When the device is connected to the public network, it is recommended to enable the “auto-check for updates” function to obtain timely information of firmware updates released by the manufacturer.
- We suggest that you download and use the latest version of client software.
“Nice to have” recommendations to improve your device network security:
1. Physical Protection
We suggest that you perform physical protection to device, especially storage devices. For example, place the device in a special computer room and cabinet, and implement well-done access control permission and key management to prevent unauthorized personnel from carrying out physical contacts such as damaging hardware, unauthorized connection of removable device (such as USB flash disk, serial port), etc.
2. Change Passwords Regularly
We suggest that you change passwords regularly to reduce the risk of being guessed or cracked.
3. Set and Update Passwords Reset Information Timely
The device supports password reset function. Please set up related information for password reset in time, including the end user’s mailbox and password protection questions. If the information changes, please modify it in time. When setting password protection questions, it is suggested not to use those that can be easily guessed.
4. Enable Account Lock
The account lock feature is enabled by default, and we recommend you to keep it on to guarantee the account security. If an attacker attempts to log in with the wrong password several times, the corresponding account and the source IP address will be locked.
5. Change Default HTTP and Other Service Ports
We suggest you to change default HTTP and other service ports into any set of numbers between 1024~65535, reducing the risk of outsiders being able to guess which ports you are using.
6. Enable HTTPS
We suggest you to enable HTTPS, so that you visit Web service through a secure communication channel.
7. MAC Address Binding
We recommend you to bind the IP and MAC address of the gateway to the device, thus reducing the risk of ARP spoofing.
8. Assign Accounts and Privileges Reasonably
According to business and management requirements, reasonably add users and assign a minimum set of permissions to them.
9. Disable Unnecessary Services and Choose Secure Modes
If not needed, it is recommended to turn off some services such as SNMP, SMTP, UPnP, etc., to reduce risks.
If necessary, it is highly recommended that you use safe modes, including but not limited to the following services:
- SNMP: Choose SNMP v3, and set up strong encryption passwords and authentication passwords.
- SMTP: Choose TLS to access mailbox server.
- FTP: Choose SFTP, and set up strong passwords.
- AP hotspot: Choose WPA2-PSK encryption mode, and set up strong passwords.
10. Audio and Video Encrypted Transmission
If your audio and video data contents are very important or sensitive, we recommend that you use encrypted transmission function, to reduce the risk of audio and video data being stolen during transmission.
Reminder: encrypted transmission will cause some loss in transmission efficiency.
11. Secure Auditing
- Check online users: we suggest that you check online users regularly to see if the device is logged in without authorization.
- Check device log: By viewing the logs, you can know the IP addresses that were used to log in to your devices and their key operations.
12. Network Log
Due to the limited storage capacity of the device, the stored log is limited. If you need to save the log for a long time, it is recommended that you enable the network log function to ensure that the critical logs are synchronized to the network log server for tracing.
13. Construct a Safe Network Environment
In order to better ensure the safety of device and reduce potential cyber risks, we recommend:
- Disable the port mapping function of the router to avoid direct access to the intranet devices from external network.
- The network should be partitioned and isolated according to the actual network needs. If there are no communication requirements between two sub networks, it is suggested to use VLAN, network GAP and other technologies to partition the network, so as to achieve the network isolation effect.
- Establish the 802.1x access authentication system to reduce the risk of unauthorized access to private networks.
- Enable IP/MAC address filtering function to limit the range of hosts allowed to access the device.