I got endless "feedback" from the rest of the family who use BI remotely about how much of a PITA it is to start the VPN first, so I'm also currently using DDNS and port-forwarding.
Hm, that's not a bad idea. My router (Ubiquiti EdgeRouter X) supports most of the VPN protocols, so I was thinking about trying to get L2TP going at some point. My biggest sticking point was the hassle of logging in/out of the vpn from my phone, but Tasker might make that less of a headache. It also means I won't be able to view the cameras on my workstation since they restrict access to VPNs.Hmm. I use OpenVPN on my Android which has a shortcut button on my home screen. One touch and it connects and then closes itself. About as simple as it can get.
But.... That was too much for me even so i have Tasker automatically connect to my VPN when i leave the house and disconnect when i get home. Have Tasker automatically connect/disconnect your VPN connection
You could also have Tasker connect to the VPN when you open the blue iris app and close it again when you close the app if you don't want to be connected all the time.
I've considered buying a cheap wifi tablet to have at work that constantly shows my cameras... But for me that's going a little too far. If i want to quick check on something I pull up the app on my phone. And I have my NVR push motion notifications to my phone too.It also means I won't be able to view the cameras on my workstation since they restrict access to VPNs.
I am using an EdgeRouter X also. I have it configured to run the cameras and Blue Iris on a separate sub network to the private Lan and have setup firewall rules to prevent any access from the camera network to either the private Lan or router. I have a L2TP VPN setup also but at the moment for similar reasons to above I'm happy to have direct access to the BlueIris Webserver through an open port rather than through the VPN. I certainly keep an eye on the system log page though.My router (Ubiquiti EdgeRouter X) supports most of the VPN protocols
Yea, I was thinking about a subnet (I am network-dumb beyond the basics), but my BI instance is running on a home server that also manages file storage/backups, home automation, media streaming, etc; so all that stuff needs to stay connected. I'd have to either build a new dedicated box to run only BI or add another NIC to the server box and spin up a dedicated VM for BI that is only connected to the new NIC, and subnet just that. While I can explain that with relative knowledge, I am not sure how to actually do it in practice.I am using an EdgeRouter X also. I have it configured to run the cameras and Blue Iris on a separate sub network to the private Lan and have setup firewall rules to prevent any access from the camera network to either the private Lan or router. I have a L2TP VPN setup also but at the moment for similar reasons to above I'm happy to have direct access to the BlueIris Webserver through an open port rather than through the VPN. I certainly keep an eye on the system log page though.
In that case I would definitely setup a VPN. Good videos on EdgeRouter setup here. Quick Configs - Ubiquiti - YouTubeYea, I was thinking about a subnet (I am network-dumb beyond the basics), but my BI instance is running on a home server that also manages file storage/backups, home automation, media streaming.
Actually you can set up a vlan for the cams and make the BI machine a member of that vlan as well as the vlan that has internet access. Requires a managed switch. The cams would be isolated on their own vlan. I think this is fairly trivial to do, but perhaps others with more networking knowledge will chime in.Yea, I was thinking about a subnet (I am network-dumb beyond the basics), but my BI instance is running on a home server that also manages file storage/backups, home automation, media streaming, etc; so all that stuff needs to stay connected. I'd have to either build a new dedicated box to run only BI or add another NIC to the server box and spin up a dedicated VM for BI that is only connected to the new NIC, and subnet just that. While I can explain that with relative knowledge, I am not sure how to actually do it in practice.
Blue Iris is not the best thing to run in a virtual machine because Intel Quick Sync hardware acceleration does not work in them. You don't actually need a VM to isolate your cameras from the other network items. You just need a second network interface in the Blue Iris computer. One network interface for the isolated camera network, and the other for your normal LAN/internet.I heard that with the use of one PC, a person can set up a virtual machine connected to a separate VLAN, which would then allow separating the BI server and cameras from the other network items. If anyone can offer any pointers on VM and VLAN, I would appreciate it.
I more than likely did it wrong (but it was less complicated than VLANs). I went with dual-network cards in this configuration, after someone recommended it on these forums because VLANing the whole network was too new to me. In my case it was a laptop so I grabbed a USB-to-1G Ethernet (good for about 550MB), plenty for even a dozen camera streams.I heard that with the use of one PC, a person can set up a virtual machine connected to a separate VLAN, which would then allow separating the BI server and cameras from the other network items. If anyone can offer any pointers on VM and VLAN, I would appreciate it.