BI, VPN and Unifi USG

I didn't say this, but I am now attempting this via Wifi, through a Unifi AP. So my laptop is:

Laptop -> Unifi AP -> Unifi switch -> USG
 
In the switch, I would configure any port using BI or cameras to the separate VLAN, rather than using the default 'All' networks. Then use firewall rules to allow or deny traffic. Please take a look at my post #13 in this thread regarding VPN access to BI.
 
As long as the WiFi is on the same corporate LAN then it ought not matter. If you choose to use WiFi cameras then I would suggest building a wireless network using the same IPCAM VLAN number for those.
 
I got this working, thanks for your help. Access across VLANs is all set. Blocking internet is all set.

Do I need to block IP cameras from seeing my LAN now? I want to RDP to Blue Iris for configuration. I'd also like to be able to view Blue Iris streams on WiFi devices. How do I accomplish both without breaking the Blue Iris part, which is working currently?
 
For RDC, I created a group of IPs for the PCs, and then added a rule to allow all PCs to reach each other across the VLANs.

Likewise, you can allow any WiFi device to view, say, the UI3.htm from BI by the use of the same rules. With that rule, I can watch the cameras from any smart TV in the home which has a built-in browser.

For IP cameras, they should only be able to reach the BI machine. Build two new groups; one group is the camera/BI VLAN, the other group is all other VLANs you might have. Then in the LAN IN rules, add a new rule to block all traffic from the camera VLAN to the other VLANs, and set it lower in priority to any rule which allows specific devices to cross the VLAN divide.
 
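The rule ordering described in the reply above can be checked with a small first-match model. This is an added example, not part of the thread and not UniFi configuration: the addresses, group contents and function names are constructed, and it assumes rules are evaluated top-down for new connections with a default of accept.

```python
from ipaddress import ip_address, ip_network

# Constructed addressing plan (assumption, not taken from the thread).
CAMERA_VLAN = [ip_network("192.168.20.0/24")]      # cameras and the Blue Iris PC
OTHER_VLANS = [ip_network("192.168.1.0/24"),       # main LAN
               ip_network("192.168.30.0/24")]      # WiFi devices
PCS = [ip_network("192.168.20.10/32"),             # Blue Iris PC
       ip_network("192.168.1.50/32")]              # admin laptop

# Rule tuples: (name, action, source group, destination group).
ALLOW_PCS = ("allow PCs <-> PCs", "accept", PCS, PCS)
BLOCK_CAMS = ("block camera VLAN -> other VLANs", "drop", CAMERA_VLAN, OTHER_VLANS)

# Inter-VLAN flows the thread cares about (new connections only).
FLOWS = {
    "camera -> laptop": ("192.168.20.101", "192.168.1.50"),
    "laptop -> BI (RDP)": ("192.168.1.50", "192.168.20.10"),
    "BI -> laptop": ("192.168.20.10", "192.168.1.50"),
    "wifi TV -> BI (UI3)": ("192.168.30.77", "192.168.20.10"),
}

def in_group(addr, group):
    """True if addr falls inside any network of the group."""
    return any(ip_address(addr) in net for net in group)

def evaluate(rules, src, dst, default="accept"):
    """Return the action of the first rule matching src and dst."""
    for _name, action, src_group, dst_group in rules:
        if in_group(src, src_group) and in_group(dst, dst_group):
            return action
    return default

def audit(rules):
    """Map each sample flow to the action a given rule order produces."""
    return {label: evaluate(rules, s, d) for label, (s, d) in FLOWS.items()}

if __name__ == "__main__":
    orders = {"allow above block": [ALLOW_PCS, BLOCK_CAMS],
              "block above allow": [BLOCK_CAMS, ALLOW_PCS]}
    for title, rules in orders.items():
        print(title)
        for label, action in audit(rules).items():
            print(f"  {label:22} {action}")
```

With the block rule placed above the allow rule, the Blue Iris PC sits inside the camera VLAN group and can no longer open connections to the laptop, which is why the post puts the block rule lower.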
So I posted in another thread here about it, but I updated my phone a month or so ago and found out that Android no longer supports the type of VPN that Unifi uses, L2TP. Sounds like this change happened a while ago, but things were grandfathered in.

I can't believe Unifi/Blue Iris would no longer work for half of us out there, so I'm guessing it's operator error on my end.

Any Android 8.0, Unifi VPN users out there with a quick and easy fix for me? :D
 
Any wisdom here? Any Unifi and Android dudes out there?

Hi Nick,

I noticed that my Android (via T-Mobile) had started to warn me a while ago that the VPN connection I use from UniFi is not secure. It is an annoying message, but in my case I can still connect okay.
 
Yeah I had that too, but now with my new phone it just simply doesn't allow that type of connection.
 
Just a follow up, nearly a year later . . .

I was never able to get anywhere with the Unifi and Android disagreement over VPNs. I ended up going the Tailscale route, by following this video.



I am having to use the Blue Iris app, and I can't do anything else VPN-wise on my network. But I am able to see my cameras remotely, which was my real goal.