DW Cloud System is Unreachable or Offline
Affected Roles: All Users
Related Digital Watchdog VMS Apps: DW Spectrum IPVMS
Software Version: Version 5.0 and newer
Last Edit: September 21, 2022
DW Cloud is a major component of DW Spectrum IPVMS and extends the functionality of DW Spectrum Systems over the Internet. DW Cloud allows users to remotely access their DW Spectrum System from an external network without port forwarding. Users can connect with their DW Spectrum Systems using any of the DW Spectrum Client platforms (desktop, mobile, Web Admin, DW Cloud Web Portal).
A DW Cloud-connected System can be accessed using a direct IP address, STUN, or through the DW Cloud mediator. While a system is connected to DW Cloud, the DW Spectrum Client will show the connection status with the Server. However, when the Client shows that the System is “Offline” or “Unreachable” through DW Cloud, there is likely an explainable cause.
What does it mean when the Client shows that a DW Cloud System is “unreachable” or “offline”?
While DW Cloud does not require extra configuration to work in a general networking environment, other than Internet access, but sometimes a required service can become blocked by an enterprise/local network firewall.
This is likely to occur when a company is blocking outgoing and incoming connections to any URL that was not granted specific permission, preventing the necessary communication between the DW Cloud Mediator and DW Cloud Relay (see the DW Cloud Overview article for more details), leading to connection loss.
To guarantee connectivity to DW Cloud-based services, add DW Cloud and DW Spectrum related end-points to your Firewall Pass List.
Locations that have strict network policies may limit the incoming and outgoing traffic. In these cases, devices are typically required to remain within the enterprise network and to use a recognized SSL certificate to access the enterprise network.
By default, DW Spectrum IPVMS uses self-signed certificates. Sometimes this may lead to the System becoming unable to be accessed from outside of an enterprise network as a self-signed certificate, while securely encrypted, is not from a paid certified source.
Alternatively, if you have upgraded the System from an older version of DW Spectrum (v4.2 or older), the self-signed certificate may have expired and be preventing HTTPS connections from being successfully established.
If the issue is due to a self-signed certificate expiring, delete the old self-signed certificate and restart the DW Spectrum Server. This will allow the system to generate a new self-signed certificate as a replacement.
For more information, read the DW Spectrum IPVMS SSL Certificate Management article.
If you are using a Windows OS (e.g. Windows 10/11/server/IOT, etc.), there is a possibility that you may encounter an issue where the root CA certificate has expired. This may create issues with your System establishing connections with AWS correctly. While it does not affect daily Internet browsing, it can be an issue when trying to access services that force the use of secure connections (HTTPS).
If you update your System to DW Spectrum 5.0, and it unexpectedly becomes unreachable via DW Cloud connection, it is likely that the DW Spectrum Server is experiencing a certificate verification issue. The DW Spectrum Server program relies on the OS to provide a list of trusted root certificates. If you’re using an older Windows version without the latest updates, it is likely the OS could be missing the new root certificate (ISRG Root X1) and requires that it be added to the System.
For more information, read the DW Cloud and Server Connection Issues After Upgrading to 5.0 article.