VPN Primer for Noobs

What VPN Solution are you using?


  • Total voters
    836

cybermech

Getting the hang of it
Joined
Jan 24, 2017
Messages
144
Reaction score
79
Same router here, but mine would not let me enable VPN unless I enabled DDNS first (and setup an account etc...).
I have a static IP, so I didn't need to enable DDNS. Didn't think to mention it
 

map

n3wb
Joined
Dec 15, 2015
Messages
4
Reaction score
0
I live in a rural area and my only option for internet access is a wireless ISP. The ISP itself uses NAT and DHCP to hand out a non-routable private IP address to my router, so I'm permanently stuck in double NAT hell. A DDNS service doesn't help because I have a private IP, not a dynamic public IP. I can't forward a port on the ISP's router, so I'm left without even one open public port to access a VPN server on my LAN. And I have no other ISP choice.

As far as I can tell, my best option is a subscription VPN service that will tunnel one of their open ports back to my LAN. AirVPN seems to offer this service and call it "remote port forwarding," but it is relatively expensive and not well documented. You provide Remote Port Forwarding, what is it? - Technical

My question is: does anyone have experience with a "remote port forwarding" VPN service they can recommend?

Thanks,
map
 

neverever

Young grasshopper
Joined
Dec 27, 2016
Messages
36
Reaction score
7
I've read this thread but I'm still not sure if or how I can use VPN.
The router I have to use from my ISP doesn't seem to have a VPN-client built in, the Technicolor TG799vac.

I also have my own router, a Dovado Pro that I'm using, the Technicolor TG799vac is in DMZ bridge mode.
On the Dovado router I have a PPTP VPN Client, which I understand is not a very secure VPN protocol.
pptp.PNG

Is it worth installing the PPTP VPN protocol on the Dovado router or what can I do to implement open VPN in my system

I don't have an NVR nor a computer/server running all the time, this is my set up.
schema.jpg

I kind of understand that the Technicolor TG799vac is partly locked by my ISP so I guess all features are not available for me.
I have of course no problems watch my cameras at home using my wifi but how can I securely connect to them when I'm not at home?
Do I have to buy a new router with an open VPN client or what is my choices?
 

Chase

Getting the hang of it
Joined
Feb 12, 2017
Messages
144
Reaction score
28
Location
Ohio
Edited.

Starting my own thread so I don't hijack this thread with silly questions.
 
Last edited:

Arjun

Known around here
Joined
Feb 26, 2017
Messages
9,015
Reaction score
11,032
Location
USA
ASUS or Netgear should work well for the basic user. Remember to update your router's firmware. A serious vulnerability was discovered in Netgear Routers, fortunately, Netgear has addressed this in recent official firmware updates :)

@neverever Looks like your router only has a VPN Client built in; not a VPN Server.. looks like you need a better router.
 

neverever

Young grasshopper
Joined
Dec 27, 2016
Messages
36
Reaction score
7
I think I'll go for a new Asus router.
I also read that that for security reason, try to block all internet traffic from the cameras.
I get a alot of email with ivs triggered sent to me by email and what I understand that will be blocked.
I still want to get this email when I am away is it possible in some easy configuring way with a new router with open vpn and blocking internet access for the cameras?
 

nayr

IPCT Contributor
Joined
Jul 16, 2014
Messages
9,329
Reaction score
5,325
Location
Denver, CO
its all about rule order, you can setup a rule to allow all devices to reach your mail/time server and put that above the rule to block all your cameras.. most should stop processing rules when it first finds one it encounters.
 

PSPCommOp

Getting the hang of it
Joined
Jun 17, 2016
Messages
694
Reaction score
91
Location
Northeastern PA
its all about rule order, you can setup a rule to allow all devices to reach your mail/time server and put that above the rule to block all your cameras.. most should stop processing rules when it first finds one it encounters.
If anyone finds a good informative website for setting rules and such with ASUS routers, please share lol I'm an idiot with this stuff and there's so much info out there I get discouraged when I start looking.


Sent from my iPhone using Tapatalk
 

neverever

Young grasshopper
Joined
Dec 27, 2016
Messages
36
Reaction score
7
@nayr ,I understand that intruders can, with port forwarding to your cameras, take over the cameras and then use your computer to attack other on the internet.
How do they do that? Just very curious and trying to understand the risks.
 

nayr

IPCT Contributor
Joined
Jul 16, 2014
Messages
9,329
Reaction score
5,325
Location
Denver, CO
your camera is a full blown computer running Linux; they just have to load there own malware onto it and off they go..
 

neverever

Young grasshopper
Joined
Dec 27, 2016
Messages
36
Reaction score
7
I am now thinking of buying the ASUS RT-N18U, to be able to use OpenVpn.
But I read in another thread, which I don't find, that somebody recently occurred problems with OpenVpn on android.
It had stopped working or if it was problems after an upgrade, some kind of issue anyway.
So I just want to be sure, that before I buy the router, it won't be any problems to use it with OpenVpn on an android phone?
 

spencnor

Getting the hang of it
Joined
May 25, 2015
Messages
127
Reaction score
56
I am now thinking of buying the ASUS RT-N18U, to be able to use OpenVpn.
But I read in another thread, which I don't find, that somebody recently occurred problems with OpenVpn on android.
It had stopped working or if it was problems after an upgrade, some kind of issue anyway.
So I just want to be sure, that before I buy the router, it won't be any problems to use it with OpenVpn on an android phone?
Don't know about the RT-N18U, but I have an Asus RT-N66U and have no problems with OpenVPN on my Android phone and iPad.
 

SamSpade

n3wb
Joined
Feb 13, 2017
Messages
29
Reaction score
19
I was wondering if someone could offer some assistance...

I got a new router, netgear nighthawk R7800 that has a built in OpenVPN server (?). Anyway, I have it setup and it works great with my Android Phone.

The router generates an *.ovpn file that I copied to my Android phone. I imported that file into the OpenVPN client on my phone and everything works fine. Without connecting via VPN, I can kill my phones WiFi, while still connected to the cell network, and my BlueIris for Android will NOT connect to my BlueIris system. After opening OpenVPN on Andriod and "Connecting" (OpenVPN Client to OpenVPN Server) I CAN THEN connect to the BlueIris system and see my cameras.

The problem comes when I try to get that same "smart_phone.ovpn" file to work with my Wife's iPhone 6S. I found some instructions online that talked about getting that *.ovpn file to my Wife's phone via itunes. My wife does not have itunes installed on her PC - so that was out. I found another instruction that said email the *.ovpn file to her email. I did that and opened the email from her iphone. When I double clicked that attachment from within the email client on her iphone, it asked what app do you want to open the attachment with. I pointed to OpenVPN. It looks like the file imported into OpenVPN for iPhone correctly (it shows up similarly to as it does in the Android OpenVPN client), but when I try to "connect" it always times out.

In Android, I copied the *.ovpn file to my phone. I just dropped the file into my downloads folder. In the OpenVPN client, I tapped on import from SD card and I pointed to that folder/file... the file imported. Every time I've tried to connect, the OpenVPN client has connected to the OpenVPN Server. Every single time, no delay whatsoever, not timeout etc... it just works. The way software should work.

I'm not at all familiar with the iPhone ecosystem. If anyone could offer some suggestions (point to some web sites) for getting the iPhone OpenVPN client to work with the Netgear R7800 OpenVPN Server, that would be awesome.

Thanks in advance.
 
Last edited:

MrRalphMan

Getting the hang of it
Joined
Jan 20, 2016
Messages
309
Reaction score
72
I was wondering if someone could offer some assistance...

I got a new router, netgear nighthawk R7800 that has a built in OpenVPN server (?). Anyway, I have it setup and it works great with my Android Phone.

The router generates an *.ovpn file that I copied to my Android phone. I imported that file into the OpenVPN client on my phone and everything works find. Without connecting via VPN, I can kill my phones WiFi, while still connected to the cell network, and my BlueIris for Android will not connect to my BlueIris system. After opening OpenVPN on Andriod and "connecting" (OpenVPN Client to OpenVPN Server) I can then connect to the BlueIris system and see my cameras.

The problem comes when I try to get that same "smart_phone.ovpn" file to work with my Wife's iPhone 6S. I found some instructions online that talked about getting that *.ovpn file to my Wife's phone via itunes. My wife does not have itunes installed on her PC so that was out. I found another instruction that said email the *.ovpn file to her email. I did that and opened the email from her phone. When I double clicked that attachment from within the email client on her phone, it asked what app do you want to open the attachment with. I pointed to OpenVPN. It looks like the file imported into OpenVPN for iPhone correctly (it shows up similarly to as it does in the Android OpenVPN client), but when I try to "connect" it always times out.

In Android, I copied the *.ovpn file to my phone. I just dropped the file into my downloads folder. In the OpenVPN client, I tapped on import from SD card and I pointed to that folder... the file imported. Every time I've tried to connect, the OpenVPN client has connected to the OpenVPN Server. Everytime, no delay, it just works. The way software should work.

I'm not at all familiar with the iPhone ecosystem. If anyone could offer some suggestions for getting the iPhone OpenVPN client to work with the Netgear R7800 OpenVPN Server, that would be awesome.

Thanks in advance.
Open the file with notepad on a computer, does it have the certificate embedded in it? That will look like a bloke of random text.
Also check the server address within the file.
With my Synology NAS, I had two files, the cert and the config file, which worked on Android but not on iOS.

Sent from my OnePlus 3T
 

spencnor

Getting the hang of it
Joined
May 25, 2015
Messages
127
Reaction score
56
When I double clicked that attachment from within the email client on her iphone, it asked what app do you want to open the attachment with. I pointed to OpenVPN.
This worked on my iPad with the OpenVPN Connect app. Maybe it'll work with your iPhone 6s. In the email attachment file do a long press on the file until a sub menu pops up, then select <Copy to OpenVPN>
 

SamSpade

n3wb
Joined
Feb 13, 2017
Messages
29
Reaction score
19
Open the file with notepad on a computer, does it have the certificate embedded in it? That will look like a bloke of random text.
Also check the server address within the file.
With my Synology NAS, I had two files, the cert and the config file, which worked on Android but not on iOS.

Sent from my OnePlus 3T

Thanks for the quick response.

Yeah, I can open the *.ovpn file with notepad. I can see the "Certificate". There's some text: ------BEGIN CERTIFICATE----- and then there's lines and lines of (not) random characters.... later there's a -----END CERTIFICATE----- followed by ------BEGIN PRIVATE KEY----- followed by more (not) random characters, and finally an -----END PRIVATE KEY-----


I can also see the server address. It's not an IP address, but a pointer to my DDNS address.

The same file works in Android, but not on the iPhone.



Thanks again.
 

SamSpade

n3wb
Joined
Feb 13, 2017
Messages
29
Reaction score
19
This worked on my iPad with the OpenVPN Connect app. Maybe it'll work with your iPhone 6s. In the email attachment file do a long press on the file until a sub menu pops up, then select <Copy to OpenVPN>

Thank you. I will give that a try.
 

cybermech

Getting the hang of it
Joined
Jan 24, 2017
Messages
144
Reaction score
79
Had no issues with the OpenVPN import on a iPhone 5S or an iPad Air 2. Same router, R7800.
 
Top