About your device
AXIS S3008 Recorder is a compact network video recorder with a built-in PoE switch for easy installation. The device features a surveillance-grade hard drive. It also includes a USB port for easy export of video footage. The recorder comes in three models – including a 2 TB, 4 TB or 8 TB hard drive.
How many cameras can I connect to the recorder?
Up to eight devices can be connected to the PoE switch of the recorder.
How much power can the recorder supply to the cameras?
- These are the limitations for power over Ethernet (PoE):
The recorder can supply up to eight devices with PoE.
The total amount of power available:
2 TB and 4 TB: 65 W
8 TB: 60 W
Each network port supports up to 15.4 W (PoE Class 3) at the PoE port (PSE) and 12.95 W on the camera side (PD).
The switch allocates PoE power based on the PoE class of the connected device.
Browser support
Windows®
ChromeTM (recommended)
Firefox®
Edge®
OS X®
ChromeTM (recommended)
Safari®
Other
ChromeTM
Firefox®
To find out more about how to use the device, see the Manual available at Documentation | Axis Communications.
If you want more information about recommended browsers, go to Axis OS browser support | Axis Communications.
Get started
- Note
Internet access is required during the system setup.
When the installation is done:
All Axis devices in the system have the latest firmware.
All devices have a password.
Recording using the default settings is active.
You can use remote access.
Register a My Axis account
Register a My Axis account at axis.com/my-axis/login.
To make your My Axis account more secure, activate multi-factor authentication (MFA). MFA is a security system that adds another layer of verification to ensure the user’s identity.
- To activate MFA:
Go to axis.com/my-axis/login.
Log in with your My Axis credentials.
Go to and select Account settings.
Click Security settings
Click Handle your 2-factor authentication.
Enter your My Axis credentials.
Choose one of the authentication methods Authenticator App (TOTP) or Email and follow the on-screen instructions.
Install the hardware
Install your camera hardware.
Connect the recorder to your network via the LAN port.
Connect the cameras to the recorder’s integrated PoE switch or an external PoE switch.
Connect the computer to the same network as the recorder.
Connect the power supply to the recorder.
- Important
You must first connect the power cord to the recorder, and then connect the power cord to the power outlet.
Wait a few minutes for the recorder and cameras to boot up before proceeding.
Keep the recorder in a well ventilated environment and with plenty of empty space around the recorder to avoid overheating.
Install the desktop app
Go to axis.com/products/axis-camera-station-edge and click Download to download AXIS S3008 Recorder for Windows.
Open the setup file and follow the setup assistant.
Sign in with your My Axis account.
Create a site
A site is a single point of entry to a surveillance solution, for example all cameras in a store. You can keep track of several sites through a single My Axis account.
Start the AXIS S3008 Recorder desktop app.
Sign in with your My Axis account.
Click Create new site and give the site a name.
Click Next.
Select the devices you want to add to your site.
Click Next.
Select storage.
Click Next.
On the Ready to install page, Offline mode and Upgrade firmware are turned on by default. You can turn them off if you don’t want to access offline mode or upgrade your devices to the latest firmware version.
Click Install and wait while AXIS S3008 Recorder configures the devices.
The configuration can take several minutes.
Install the mobile app
With AXIS S3008 Recorder mobile app, you can access your devices and recordings from anywhere. You can also get notifications when events occur, or when someone calls from an intercom.
For Android
Click Download or scan the following QR Code®.
For iOS
Click Download or scan the following QR Code.
Open the AXIS S3008 Recorder mobile app and log in with your Axis credentials.
If you don’t have a My Axis account, you can go to axis.com/my-axis to register a new account.
QR Code is a registered trademark of Denso Wave Incorporated in Japan and other countries.
The web interface
To reach the device’s web interface, type the device’s IP address in a web browser.
Show or hide the main menu. Access the release notes. Access the product help. Change the language. Set light theme or dark theme. The user menu contains:
The context menu contains:
|
Status
Device info
Shows the device information, including AXIS OS version and serial number.
Upgrade AXIS OS: Upgrade the software on your device. Takes you to the Maintenance page where you can do the upgrade. |
Time sync status
Shows NTP synchronization information, including if the device is in sync with an NTP server and the time remaining until the next sync.
NTP settings: View and update the NTP settings. Takes you to the Time and location page where you can change the NTP settings. |
Security
Shows what kind of access to the device that is active, what encryption protocols are in use, and if unsigned apps are allowed. Recommendations to the settings are based on the AXIS OS Hardening Guide.
Hardening guide: Link to AXIS OS Hardening guide where you can learn more about cybersecurity on Axis devices and best practices. |
Connected clients
Shows the number of connections and connected clients.
View details: View and update the list of connected clients. The list shows IP address, protocol, port, state, and PID/process of each connection. |
Ongoing recordings
Shows ongoing recordings and their designated storage space.
Recordings: View ongoing and filtered recordings and their source. For more information, see Shows the storage space where the recording is saved. |
Apps
Add app: Install a new app. Find more apps: Find more apps to install. You will be taken to an overview page of Axis apps. Allow unsigned apps: Turn on to allow installation of unsigned apps. Allow root-privileged apps: Turn on to allow apps with root privileges full access to the device. View the security updates in AXIS OS and ACAP apps. Note The device’s performance might be affected if you run several apps at the same time. Use the switch next to the app name to start or stop the app. Open: Access the app’s settings. The available settings depend on the application. Some applications don’t have any settings. The context menu can contain one or more of the following options:
|
System
Time and location
Date and time
The time format depends on the web browser’s language settings.
We recommend you synchronize the device’s date and time with an NTP server.
Synchronization: Select an option for the device’s date and time synchronization.
Time zone: Select which time zone to use. Time will automatically adjust to daylight saving time and standard time.
Note The system uses the date and time settings in all recordings, logs, and system settings. |
Device location
Enter where the device is located. Your video management system can use this information to place the device on a map.
|
Network
IPv4
Assign IPv4 automatically: Select to let the network router assign an IP address to the device automatically. We recommend automatic IP (DHCP) for most networks. IP address: Enter a unique IP address for the device. Static IP addresses can be assigned at random within isolated networks, provided that each address is unique. To avoid conflicts, we recommend you contact your network administrator before you assign a static IP address. Subnet mask: Enter the subnet mask to define what addresses are inside the local area network. Any address outside the local area network goes through the router. Router: Enter the IP address of the default router (gateway) used to connect devices that are attached to different networks and network segments. Fallback to static IP address if DHCP isn’t available: Select if you want to add a static IP address to use as fallback if DHCP is unavailable and can’t assign an IP address automatically. Note If DHCP isn’t available and the device uses a static address fallback, the static address is configured with a limited scope. |
IPv6
Assign IPv6 automatically: Select to turn on IPv6 and to let the network router assign an IP address to the device automatically. |
Hostname
Assign hostname automatically: Select to let the network router assign a hostname to the device automatically. Hostname: Enter the hostname manually to use as an alternative way of accessing the device. The server report and system log use the hostname. Allowed characters are A–Z, a–z, 0–9 and -. |
DNS servers
Assign DNS automatically: Select to let the DHCP server assign search domains and DNS server addresses to the device automatically. We recommend automatic DNS (DHCP) for most networks. Search domains: When you use a hostname that is not fully qualified, click Add search domain and enter a domain in which to search for the hostname the device uses. DNS servers: Click Add DNS server and enter the IP address of the DNS server. This provides the translation of hostnames to IP addresses on your network. |
Network discovery protocols
Bonjour®: Turn on to allow automatic discovery on the network. Bonjour name: Enter a friendly name to be visible on the network. The default name is the device name and MAC address. UPnP®: Turn on to allow automatic discovery on the network. UPnP name: Enter a friendly name to be visible on the network. The default name is the device name and MAC address. WS-Discovery: Turn on to allow automatic discovery on the network. LLDP and CDP: Turn on to allow automatic discovery on the network. Turning LLDP and CDP off can impact the PoE power negotiation. To resolve any issues with the PoE power negotiation, configure the PoE switch for hardware PoE power negotiation only. |
Global proxies
Http proxy: Specify a global proxy host or IP address according to the allowed format. Https proxy: Specify a global proxy host or IP address according to the allowed format.
Note Restart the device to apply the global proxy settings.
|
One-click cloud connection
One-click cloud connection (O3C) together with an O3C service provides easy and secure internet access to live and recorded video from any location. For more information, see axis.com/end-to-end-solutions/hosted-services.
Allow O3C:
Proxy settings: If needed, enter the proxy settings to connect to the proxy server. Host: Enter the proxy server’s address. Port: Enter the port number used for access. Login and Password: If needed, enter username and password for the proxy server. Authentication method:
Owner authentication key (OAK): Click Get key to fetch the owner authentication key. This is only possible if the device is connected to the internet without a firewall or proxy. |
Power over Ethernet
Allocated power: Number of watts (W) that are currently allocated. Total PoE consumption: Number of watts (W) that are consumed. Keep PoE active during recorder restart: Turn on to supply power to connected devices during a restart of the recorder. Used space: Percentage of space used. Free space: Percentage of space available for recordings. Free space: Available disk space displayed in megabytes (MB), gigabytes (GB), or terabytes (TB). Disk status: Current status of the disk. Disk temperature: Current running temperature. PoE: Turn on or off PoE for each port. When a device is connected, you’ll see the following information:
|
Security
Certificates
Certificates are used to authenticate devices on a network. The device supports two types of certificates:
These formats are supported:
Important If you reset the device to factory default, all certificates are deleted. Any pre-installed CA certificates are reinstalled. Add certificate : Click to add a certificate.
The context menu contains:
Secure keystore:
|
Network access control and encryption
IEEE 802.1x IEEE 802.1x is an IEEE standard for port-based network admission control providing secure authentication of wired and wireless network devices. IEEE 802.1x is based on EAP (Extensible Authentication Protocol). To access a network protected by IEEE 802.1x, network devices must authenticate themselves. The authentication is performed by an authentication server, typically a RADIUS server (for example, FreeRADIUS and Microsoft Internet Authentication Server). IEEE 802.1AE MACsec IEEE 802.1AE MACsec is an IEEE standard for media access control (MAC) security that defines connectionless data confidentiality and integrity for media access independent protocols. Certificates When configured without a CA certificate, server certificate validation is disabled and the device tries to authenticate itself regardless of what network it is connected to. When using a certificate, in Axis' implementation, the device and the authentication server authenticate themselves with digital certificates using EAP-TLS (Extensible Authentication Protocol - Transport Layer Security). To allow the device to access a network protected through certificates, you must install a signed client certificate on the device. Authentication method: Select an EAP type used for authentication. Client certificate: Select a client certificate to use IEEE 802.1x. The authentication server uses the certificate to validate the client’s identity. CA certificates: Select CA certificates to validate the authentication server’s identity. When no certificate is selected, the device tries to authenticate itself regardless of what network it is connected to. EAP identity: Enter the user identity associated with the client certificate. EAPOL version: Select the EAPOL version that is used in the network switch. Use IEEE 802.1x: Select to use the IEEE 802.1x protocol. These settings are only available if you use IEEE 802.1x PEAP-MSCHAPv2 as the authentication method:
These settings are only available if you use IEEE 802.1ae MACsec (Static CAK/Pre-Shared Key) as the authentication method:
|
Firewall
Activate: Turn on the firewall.
To make exceptions to the default policy, you can create rules that allows or denies connections to the device from specific addresses, protocols, and ports.
: Click to create another rule.
Pending rules: An overview of the latest tested rules that you are yet to confirm. Note The rules that have a time limit appear under Active rules until the displayed timer runs out, or until you confirm them. If you don't confirm them, they will appear under Pending rules once the timer runs out, and the firewall will revert to the previously defined settings. If you confirm them, they will replace the current active rules. Confirm rules: Click to activate the pending rules. Active rules: An overview of the rules you are currently running on the device. : Click to delete an active rule. : Click to delete all rules, both pending and active. |
Custom signed AXIS OS certificate
To install test software or other custom software from Axis on the device, you need a custom signed AXIS OS certificate. The certificate verifies that the software is approved by both the device owner and Axis. The software can only run on a specific device which is identified by its unique serial number and chip ID. Only Axis can create custom signed AXIS OS certificates, since Axis holds the key to sign them. Install: Click to install the certificate. You need to install the certificate before you install the software. The context menu contains:
|
Accounts
Accounts
Add account: Click to add a new account. You can add up to 100 accounts. Account: Enter a unique account name. New password: Enter a password for the account. Passwords must be 1 to 64 characters long. Only ASCII printable characters (code 32 to 126) are allowed in the password, for example, letters, numbers, punctuation, and some symbols. Repeat password: Enter the same password again. Privileges:
The context menu contains: Update account: Edit the account properties. Delete account: Delete the account. You can’t delete the root account. |
SSH accounts
Add SSH account: Click to add a new SSH account.
Account: Enter a unique account name. New password: Enter a password for the account. Passwords must be 1 to 64 characters long. Only ASCII printable characters (code 32 to 126) are allowed in the password, for example, letters, numbers, punctuation, and some symbols. Repeat password: Enter the same password again. Comment: Enter a comment (optional). The context menu contains: Update SSH account: Edit the account properties. Delete SSH account: Delete the account. You can’t delete the root account. |
Virtual host
Add virtual host: Click to add a new virtual host. Enabled: Select to use this virtual host. Server name: Enter the name of the server. Only use numbers 0-9, letters A-Z, and hyphen (-). Port: Enter the port the server is connected to. Type: Select the type of authentication to use. Select between Basic, Digest, and Open ID. The context menu contains:
Disabled: The server is disabled. |
OpenID Configuration
If you can't use OpenID to sign in, use the Digest or Basic credentials you used when you configured OpenID to sign in.
Client ID: Enter the OpenID username. Outgoing Proxy: Enter the proxy address for the OpenID connection to use a proxy server. Admin claim: Enter a value for the admin role. Provider URL: Enter the web link for the API endpoint authentication. Format should be https://[insert URL]/.well-known/openid-configuration Operator claim: Enter a value for the operator role. Require claim: Enter the data that should be in the token. Viewer claim: Enter the value for the viewer role. Remote user: Enter a value to identify remote users. This assists to display the current user in the device’s web interface. Scopes: Optional scopes that could be part of the token. Client secret: Enter the OpenID password Save: Click to save the OpenID values. Enable OpenID: Turn on to close current connection and allow device authentication from the provider URL. |
Events
Rules
A rule defines the conditions that triggers the product to perform an action. The list shows all the currently configured rules in the product.
You can create up to 256 action rules.
Add a rule: Create a rule. Name: Enter a name for the rule. Wait between actions: Enter the minimum time (hh:mm:ss) that must pass between rule activations. It is useful if the rule is activated by, for example, day-night mode conditions, to avoid that small light changes during sunrise and sunset activate the rule repeatedly. Condition: Select a condition from the list. A condition must be met for the device to perform an action. If multiple conditions are defined, all of them must be met to trigger the action. For information about specific conditions, see Get started with rules for events. Use this condition as a trigger: Select to make this first condition function only as a starting trigger. It means that once the rule is activated, it remains active for as long as all the other conditions are met, no matter the state of the first condition. If you don’t select this option, the rule will simply be active whenever all the conditions are met. Invert this condition: Select if you want the condition to be the opposite of your selection. Add a condition: Click to add an additional condition. Action: Select an action from the list and enter its required information. For information about specific actions, see Get started with rules for events. |
Recipients
You can set up your device to notify recipients about events or send files.
If you set up your device to use FTP or SFTP, don’t change or remove the unique sequence number that’s added to the file names. If you do that, only one image per event can be sent.
The list shows all the recipients currently configured in the product, along with information about their configuration.
You can create up to 20 recipients.
Add a recipient: Click to add a recipient. Name: Enter a name for the recipient. Type: Select from the list:
Test: Click to test the setup. The context menu contains: View recipient: Click to view all the recipient details. Copy recipient: Click to copy a recipient. When you copy, you can make changes to the new recipient. Delete recipient: Click to delete the recipient permanently. |
Schedules
Schedules and pulses can be used as conditions in rules. The list shows all the schedules and pulses currently configured in the product, along with information about their configuration. Add schedule: Click to create a schedule or pulse. |
Manual triggers
You can use the manual trigger to manually trigger a rule. The manual trigger can, for example, be used to validate actions during product installation and configuration. |
Storage
Onboard storage
Unmount: Click before you disconnect the device from the system. This will stop all ongoing recordings. Write protect: Turn on to protect the storage device from being overwritten. Autoformat: The disk will automatically format using the ext4 file system. |
Logs
Reports and logs
Reports
Logs
|
Network trace
Important A network trace file might contain sensitive information, for example certificates or passwords. A network trace file can help you troubleshoot problems by recording activity on the network. Trace time: Select the duration of the trace in seconds or minutes, and click Download. |
Remote system log
Syslog is a standard for message logging. It allows separation of the software that generates messages, the system that stores them, and the software that reports and analyzes them. Each message is labeled with a facility code, which indicates the software type generating the message, and assigned a severity level.
Server: Click to add a new server. Host: Enter the hostname or IP address of the server. Format: Select which syslog message format to use.
Protocol: Select the protocol to use:
Port: Edit the port number to use a different port. Severity: Select which messages to send when triggered. CA certificate set: See the current settings or add a certificate. |
Maintenance
Restart: Restart the device. This does not affect any of the current settings. Running applications restart automatically. Restore: Return most settings to the factory default values. Afterwards you must reconfigure the device and apps, reinstall any apps that didn’t come preinstalled, and recreate any events and presets. Important The only settings saved after restore are:
Factory default: Return all settings to the factory default values. Afterwards you must reset the IP address to make the device accessible. Note All Axis device software is digitally signed to ensure that you only install verified software on your device. This further increases the overall minimum cybersecurity level of Axis devices. For more information, see the white paper “Axis Edge Vault” at axis.com. AXIS OS upgrade: Upgrade to a new AXIS OS version. New releases can contain improved functionality, bug fixes, and completely new features. We recommend you to always use the latest AXIS OS release. To download the latest release, go to axis.com/support.
AXIS OS rollback: Revert to the previously installed AXIS OS version. |
Configure your device
Allocate power
The recorder reserves a certain amount of power for each port. The total reserved power cannot exceed the total power budget. A port will not be powered up if the recorder tries to reserve more power than what is available. This makes sure that all of the connected devices will be powered.
- PoE power can be allocated to the connected devices in the following ways:
PoE class — Each port automatically determines the amount of power to reserve according to the PoE class of the connected device.
LLDP — Each port determines the amount of power to reserve by exchanging PoE information using the LLDP protocol.
- Note
Power allocation with LLDP only works for supported devices with firmware 9.80 or later, and for AXIS S3008 Recorder with firmware 10.2 or later.
LLDP is always active in AXIS S3008 Recorder but must be activated on the connected device. If LLDP is turned off or not supported in the connected device, then PoE class reservation will be used instead.
- To turn on LLDP on your PoE device:
Open the device webpage.
Go to Settings > System > Plain config > Network.
Under LLDP POE, select the LLDP Send Max PoE checkbox.
Example
In this example, the AXIS S3008 Recorder has a total power budget of 65 W.
PoE class 2 device. Requests 7 W power but actually consumes 5 W power.
PoE class 3 device. Requests 15.5 W power but actually consumes 7.5 W power.
Reserved power.
Actual power consumption.
Allocate power by PoE class
Reserved power | Actual power consumption |
Each port reserves the amount of power according to the device’s PoE class.
The recorder can power 2 PoE class 3 devices and 4 PoE class 2 devices.
The total power reserved is (2 x 15.5) + (4 x 7) =59 W.
The actual power consumed is (2 x 7.5) + (4 x 5) = 35 W.
Allocate power by LLDP
The power allocation via LLDP will over-provision for a worst-case power loss that will happen over the network cable.
PoE Class | 1 | 2 | 3 |
Max power camera | 3.84 | 6.49 | 12.95 |
Worst case power loss cable | 0.14 | 0.41 | 1.92 |
Power needed at recorder | 3.98 | 6.90 | 14.87 |
Max power for class | 4.00 | 7.00 | 15.40 |
Power reserved at recorder | 4 W | 7 W | 15.5 W |
Reserved power | Actual power consumption |
Max power determined by the connected device.
Each port reserves the amount of power according to the device’s Max PoE power consumption.
The recorder can power up to 8 devices, if their max power requirements remain within the limits.
The total power reserved by 8 PoE class 3 devices with LLDP is (8 x 7.5) = 60 W.
The actual power consumed by 8 PoE class 3 devices with LLDP is (8 x 7) = 56 W.
In this way, a tighter PoE budget allocation allows for more connected devices.
Product overview
Power button
To shut down the recorder, long press the power button until the buzzer makes a brief sound.
To silence the buzzer, short press the power button.
Control button
- The control button is used for:
Resetting the product to factory default settings. See Hard reset a recorder.
Connecting to a one-click cloud connection (O3C) service over the internet. To connect, press and hold the button for about 3 seconds until the status LED flashes green.
Troubleshooting
The status LED gives you the following information:
Status LED | Indication |
Green | The recorder is on and the status is ok. |
Orange | The recorder is starting up, or the firmware is upgrading. Wait until the LED turns green. |
Red | This can mean that the PoE budget is exceeded. If you just connected a device to the recorder, try to remove it again. For more information about PoE limitations, see How much power can the recorder supply to the cameras?. |
The hard drive LED gives you the following information:
Hard drive LED | Indication |
Green | The LED is flashing green when data is written to the hard drive. |
Red | A recording disruption has occurred. Go to System > Storage for more information. |
The buzzer sounds for this reason:
The PoE budget is exceeded. If you just connected a device to the recorder, try removing it again. For more information about PoE limitations, see How much power can the recorder supply to the cameras?
- Note
You can stop the buzzer with a short press of the power button.
The recorder shuts down:
The recorder is severely overheated.
Technical issues, clues and solutions
Issue | Solution |
My recordings are not available. | Go to Fix common issues. |
I cannot connect to my cameras. | Go to Fix common issues. |
I receive error notification: “No contact”. | Go to Fix common issues. |
My sites do not appear in my mobile app. | Make sure you have version 4 of the AXIS Companion mobile app. |
Fix common issues
Before you restart, configure or reset your devices, we recommend that you to save a system report.
See Save a system report.
Check that your cameras and recorder have power.
Check that you are connected to the internet.
Check that the network is working.
Check that the cameras are connected to the same network as the computer, unless you are remote.
- Still not working?
Make sure that your cameras, recorder and AXIS Companion desktop app have the latest firmware and software updates.
See Upgrade firmware.
Restart the AXIS Companion desktop app.
Restart you cameras and recorder.
- Still not working?
Make a hard reset on the cameras and the recorder, to completely put them back to factory default settings.
Add the reset cameras to your site again.
- Still not working?
Update your graphics card with the latest drivers.
- Still not working?
Save a system report and contact Axis technical support.
See Save a system report.
Upgrade firmware
New firmware updates bring you to the latest and improved set of features, functions, and security enhancements.
Go to the leader device’s web interface.
Go to Maintenance > Firmware upgrade and click Upgrade.
Follow the instructions on the screen.
Hard reset a recorder
Move the recorder carefully while it’s switched on. Sudden moves or shocks may damage the hard drive.
- A hard reset will reset all the settings, including the IP address.
- A hard reset will not remove your recordings.
Switch off the recorder:
Press the power button on the front of the recorder for 4-5 seconds until you hear a beep.
Wait until the recorder is switched off, then turn it over to access the control button.
Press and hold the control button. Press and release the power button to start the recorder. Release the control button after 15-30 seconds when the LED indicator flashes amber.
Carefully put the recorder back in its place.
The process is complete when the status LED indicator turns green. The product has been reset to the factory default settings. If no DHCP server is available on the network, the default IP address is
192.168.0.90
Reset your devices connected to the recorder.
If your hard drive is encrypted, it must be mounted manually after the recorder is reset:
Go to the device’s web interface.
Go to System > Storage and click Mount.
Enter the encryption password used when encrypting the hard drive.
I can't log in to the product's web interface
If you set a password for the product during configuration, and later add that product to a site, you can no longer log in to the product's web interface with the password you've set. This is because AXIS Companion software changes the passwords of all devices in the site.
To log in to a device in your site, type the username root and your site password.
How to erase all recordings
In the device’s web interface, go to System > Storage.
Select Format and click Use tool.
- Note
This procedure erases all recordings from the hard drive, but the configuration of the recorder and the site doesn’t change.
Save a system report
In AXIS S3008 Recorder, go to > Save system report.
When you register a new case at Axis Helpdesk, attach the system report.
Need more help?
Useful links
Contact support
If you need more help, go to axis.com/support.