Discussion in 'Blue Iris' started by DLONG2, Aug 27, 2017.
Here is what I have:
Otherwise, your VPN allows you to connect to the home network, to other devices, and when you google your IP address from your mobile while in VPN, it will show the WAN address from your ISP?
In the Unifi controller, on the dashboard, you have the VPN widget running, and it will show 1 active tunnel when you VPN?
In the Unifi Services/Server, you've enabled the Radius Server. In the Services/Users, what did you enter for each user's VLAN?
In Blue Iris , in the Options/Web Server/Advanced, you 'require from all connections: Use a secure session keys and login page' and you don't limit IP addresses (left blank)?
I can connect to my LAN via VPN and I get an IP address of 192.168.60.1 - I am using my iPhone and haven’t tried or even know how to reach other devices on my LAN.
Widget shows 0 active tunnel. iPhone shows VPN.
VLAN box is blank in Services/Users.
I appreciate the help. This VPN configuration is difficult for me. Thanks.
When you navigate to this website while on VPN, the IP shown is the same as your ISP WAN IP, yes?
What Is My IP? Shows your real IP - IPv4 - IPv6 - WhatIsMyIP.com®
Or, go to bing.com, and in the search bar, enter in "what is my ip" and hit enter. If it shows the WAN address then you are in your own local network.
I don't have a cloud key, but only use software to run the Unifi controller, so I am unfamiliar with that aspect of the dashboard, or how an iPad would be any different than a webpage. But on my PC where the software controller is running, my dashboard looks different than yours. When I VPN in, I see a tunnel increment. Your dashboard is showing 0, so I am wondering whether your VPN is really connecting or not.
Look for the 'Network Analyzer' app in the iTunes store, by Techet. They have a free and a paid version, and will allow you to ping IPs, show network devices, etc. Might help out.
Also, it never hurts to reboot the iPhone, and maybe stop and restart the Unifi controller.
My IP when connecting VPN is NOT my WAN IP so this may be the problem. I will look into it tomorrow.
Again, thanks for your help.
In your BI-VPN group add your WAN address.
Also check the WAN LOCAL and make sure the rules 3003-3006 are there. They should have been added automatically when you created the Remote User VPN network.
Thanks, Bob. I had overlooked the need for the WAN IP in the BI-VPN group. Good catch.
Hey, everything I know came from you!
Making progress, just not there yet. Now getting a tunnel.
From your phone with the VPN turned on open your browser and try the “what’s my ip”. You should get the wan address of your system.
I’m getting the IP of T-Mobile, not my WAN.
The iPhone's VPN has?:
Server: (WAN address)
Account: (Name of user set up in the Services/User)
RSA SecurID: Off
Password: (User password as set up in the Services/User)
Secret: (Secret as set up in the Services/Server)
Send All Traffic: On
The Services/Server has?:
Secret: (filled in)
Authentication Port: 1812
Accounting Port: 1813
Account Interim Interval: 600
Tunnelled Reply: Off
Send all traffic was off. Success!
Thanks both of you for all your help!
Really do appreciate the help. I have no port forwarding enabled and all apps that need to “talk” to home work with the VPN.
Does anyone know how to start the VPN after the iPhone reboots?
Scroll down in settings and you will see VPN, just toggle it on or off.
Glad to hear you got it all to work.
With the help of @DLONG2 and @bob2701, I was able to create a working VPN to our home network using UniFi equipment. Using the native iOS VPN wasn’t working for us - it would disconnect at times and then stay disconnected until a manual reconnect. I wanted an always on VPN so it would be transparent to my wife. After all, WAF is important.
I went hunting on the UniFi forums and found a piece of software from here:
This allowed me to set an always on VPN connection to our home network. If it disconnects, it will immediately reconnect.
We’ve only been using it for a couple of days so I don’t yet know if there are any downsides. I can say that PHLocation and Blue Iris work as expected.
And, it is comforting to know we have no port forwarding.
@DLONG2, are you an HS3 user?
Separate names with a comma.