Remote access of BI best practices?

WannaTheater

Young grasshopper
Joined
Aug 18, 2018
Messages
48
Reaction score
19
Location
Florida
I have OpenVPN running on home router. Looking for some recommendations on the best way top access live feeds/Alerts, etc, while away from LAN. I am only using iOS devices. I've also purchased the BI mobile app.

Option 1:
1) Connect to OpenVPN from OpenVPN Connect client app. Then access Blue Iris server from browser (Safari). Seems to work fine. Using this method it seems like I perhaps didn't need to purchase the BI mobile app.

Option 2:
1) Connect to OpenVPN from OpenVPN Connect client app. Access through the BI mobile app. (haven't tested)

Option 3:
1) Allow BI mobile app to connect directly BI web server (option available on Web server tab, which autopopulates WAN with public IP address). I am assuming this will poke some holes in firewall (UPnP?)
In this case, I would be not making use of OpenVPN.

Any options preferable/more secure than the others?

Thanks!
 

aristobrat

IPCT Contributor
Joined
Dec 5, 2016
Messages
2,982
Reaction score
3,180
Both 1 and 2 are more secure than 3. I think once you really start getting a lot of alerts, you’re likely to be more proficient getting around the system with the BI mobile app (2).
 

th182

BIT Beta Team
Joined
Sep 11, 2018
Messages
689
Reaction score
1,204
Location
Minnesota
I use option 2. Works great! I'm starting to just leave the OpenVPN connection up even when not actively using BI. I connect to work and a few other WiFi points and it makes me feel better knowing my traffic is through the VPN.


Sent from my iPhone using Tapatalk
 

MrRouter

n3wb
Joined
Jan 21, 2019
Messages
10
Reaction score
0
Location
USA
Even tho its through VPN arent you visiting a Http web server? Wouldnt that make the traffic unencrypted and potentially viewable to others?
 

fenderman

Staff member
Joined
Mar 9, 2014
Messages
36,897
Reaction score
21,250
Even tho its through VPN arent you visiting a Http web server? Wouldnt that make the traffic unencrypted and potentially viewable to others?
No, a vpn creates an encrypted tunnel directly to your network. You are confusing this with paid vpn services that are worthless.
 

MrRouter

n3wb
Joined
Jan 21, 2019
Messages
10
Reaction score
0
Location
USA
No, a vpn creates an encrypted tunnel directly to your network. You are confusing this with paid vpn services that are worthless.
Ok so just to make sure I'm understanding because we are VPN into the home lan network securely via a VPN all traffic to and from my device is encrypted and because i am on my LAN anyone who is outside this network will not be able to see what I am doing. The reason I ask is because i heard some folks were routing blue iris web traffic through stunnel to ensure a https connection. In your opinion this wouldnt be needed to ensure my video streams are safe?

Thanks for your clarification
 

fenderman

Staff member
Joined
Mar 9, 2014
Messages
36,897
Reaction score
21,250
Ok so just to make sure I'm understanding because we are VPN into the home lan network securely via a VPN all traffic to and from my device is encrypted and because i am on my LAN anyone who is outside this network will not be able to see what I am doing. The reason I ask is because i heard some folks were routing blue iris web traffic through stunnel to ensure a https connection. In your opinion this wouldnt be needed to ensure my video streams are safe?

Thanks for your clarification
no, stunnel would be silly if you are already running a vpn.
 

dmiller

Young grasshopper
Joined
Jan 20, 2015
Messages
46
Reaction score
12
I have no performance problems using the Blue Iris iOS app through the VPN server on my netgear Orbi router. I do not let Blue Iris have access through the firewall to the internet. At far as it knows the iPhone app is a local LAN connection.

I have openVPN and the VPN server set up for UPD.

The "gotcha" for anyone trying to use router VPN is that it won't connect while your phone is on the local LAN. To test turn off wifi and try to connect with cellular data.

I wish there was a way to explicitly turn off WAN in blue iris.
 
Top