blue iris / network setup

[fixxxer0]

Hey guys... just got around to wiring everything and received my dedicated BI PC in the mail today.

Wanted to run this setup by anyone who might know better than me (most everyone im sure), and see what my options are.

I attached a sketch of my setup. the 2 POE switches are on opposite ends of the house, and all switches are unmanaged 1 Gbit.

My concern with the BI setup is more security based. everything is connected to the same 24 port switch at some point, but I would like to keep the cameras and BI machine off the internet.

am i correct in assuming that i can just configure the BI machine, and all the IP cameras to a different subnet than the rest of my network? right now everything is on 255.255.255.0 / 192.168.1.x for testing purposes and all works well and sees each other, but everything also has internet access.

if i put the BI machine on a seperate subnet to see the cameras, but need to update the software or remote in to it, do i need a dual NIC with connection to the main network?

 

[SouthernYankee]

It can be simpler than that.
1) You have an ASUS router use the parental controls in the router to block the cameras for the internet, using there MAC address.
2) set up a openVPN, again using the ASUS router to allow secure access to the BI machine, there is no real need to block the BI machine from the internet.
3) set up on the BI machine as an NTP time server, to provide time to the cameras, use nettime NetTime - Network Time Synchronization Tool

 

[fixxxer0]

Oh that sounds so much easier, glad I posted the question.

 

[bp2008]

Make sure UPnP is off in the Asus router, otherwise new cameras you install will open ports to themselves and if you are very unlucky they will get hacked before you get their internet access blocked.

 

[fixxxer0]

Make sure UPnP is off in the Asus router, otherwise new cameras you install will open ports to themselves and if you are very unlucky they will get hacked before you get their internet access blocked.

thanks thats a good tip for all. i always disable upnp when setting up a router.

 

[58chev]

Make sure UPnP is off in the Asus router, otherwise new cameras you install will open ports to themselves and if you are very unlucky they will get hacked before you get their internet access blocked.

Also make sure UPnP is turned off on your cameras.

 

[fixxxer0]

I set everything up it was extremely easy works great

I remember now the reason why I had all these options turned off in the first place on the ASUS router... When you enable the settings like parental control and VPN they collect and mine all your data. I'm really not a fan of that.

Going to look at some other options that involve not using these built in settings on the router.

 

[samplenhold]

When you enable the settings like parental control and VPN they collect and mine all your data

What exactly do you mean by that? "...mine all your data"? Please explain what happens. Is ASUS copying your hard drives and sending the data somewhere?

 

[SouthernYankee]

What do you mean mine all data... Never seen a report on this.

 

[fixxxer0]

What do you mean mine all data... Never seen a report on this.

Read the privacy statement you have to agree to when you enable it. They also share with trendmicro.

Discussed here.

384.6 Now sharing data to Trend Micro?

 

[fixxxer0]

What exactly do you mean by that? "...mine all your data"? Please explain what happens. Is ASUS copying your hard drives and sending the data somewhere?

Haha no no nothing that crazy.

But they are gathering sites you are connecting to, configs, Mac addresses, ect...

 

[SouthernYankee]

How are they doing that. I do not see data Being sent the Asus. Please provided detailed proof of you comment or delete your false post.

 

[fixxxer0]

"Certain features available in Trend Micro products collect and send feedback regarding product usage and detection information to Trend Micro. Some of this data is considered personal in certain jurisdictions and under certain regulations. If you do not want Trend Micro to collect personal data, you must ensure that you disable the related features."


You can read about the items shared in that thread I linked, and the whole EULA and privacy discolisures, and see if it's of any concern to you personally.

I don't have any "proof" of how they collect data, aside from their admission that they do when you enable the settings in the newer firmwares.