Jay Roman doesn't seem to understand what you are trying to accomplish here.
Side note, I can remote into my server with full tunnel but I lose the ability to access other webpages. Weird double NAT thing I haven't figured out yet. If I do split tunnel, I can still remote in and have full access to webpages.
That would have nothing to do with double NAT. I'm guessing maybe your VPN server configuration includes a line like
push "redirect-gateway def1"
but also is not actually configured to route traffic to VPN clients. See if that line is in your openvpn configuration and if it is there, remove it. Alternatively you could
instruct your client configuration to ignore it.
As for getting your VPN clients to talk to each other, I am not sure exactly what to do, but likely it does require specific VPN configuration. It may be helpful if you learn how to view and understand the routing table on your Windows machine and on your phone. I can point you in the right direction for Windows: Open a command prompt and enter the command
route print
. It will show you the routing table. You'll want to see your VPN subnet in the routing table, pointing at the correct interface.
As an example, this routing table, the line reading
10.8.0.0 255.255.255.0 On-link 10.8.0.2 259
says to access anything on the
10.8.0.0/24
subnet, the traffic must use the interface with IP address
10.8.0.2
which in this case is a VPN connection. So if I had
Blue Iris running on
10.8.0.3
and I tried to connect to it, this line would be matched in the routing table and the traffic would go out the VPN interface.
Your phone and Blue Iris server PC should have similar routes defined for the VPN. They probably already have this actually.
Your VPN server will also need to be configured to allow clients to communicate with each other. I haven't tried this before but it looks
pretty straightforward.