Blue Iris and double NIC setup

Switchgear

n3wb
Joined
Jan 7, 2020
Messages
18
Reaction score
0
Location
Ky
Hello all, I’ve been scoping out this place after I bought the Speco NVR that’s on sale at B&H and some discountinued Dahua 1.3MP cameras. I couldn’t power those cameras up from the POE switch included on the NVR. The only way I got the cameras to actually work was using a separate power supply and an old mono price switch I had laying around. I wasn’t fond of this setup so I shipped it all back and started reading here.

I’ve contacted Andy about a NVR and some cameras. If I did that setup I would have to buy a POE switch and put that setup on a VLAN to keep my network safe and keep the cameras isolated correct? I’ve never set up a VLAN before but it doesn’t scare me to dive into it if I have to.

My other option that I’ve been thinking about more and more is going with Blue Iris. I probably will only order one or two cameras to get me started so it sounds like blue iris is setup to handle just about any camera I would want in the future when I’m ready to order more.

I also like the idea of two NIC cards in the blue iris PC but I want to be clear on how it works. If my POE switch with the cameras are on the second NIC card does that keep the cameras from “phoning home.”

My thinking here is that the cameras can only can talk to the pc, and the pc of course has its own firewall to keep attacks and security at bay. Will the double NIC card setup still keep my network secure and keep the cameras from using network resources? If I want to use the blue iris app to veiw remotely and get alerts does it still work in this setup and securely?

Also can I set blue iris to only send notifications when someone gets into a trip wire zone. I’m assuming everyone’s camera records 24/7 but they only get alerts and notifications on a designated area that has been crossed? Thanks for your time.
 
Last edited:

mlapaglia

Getting comfortable
Joined
Apr 6, 2016
Messages
849
Reaction score
506
Can you put some carriage returns in your wall of text, you'll get more replies. If you keep your PoE switch disconnected from the internet and have a server with access to both the PoE switch and your regular switch that will isolate the cameras from the internet.
 

SouthernYankee

IPCT Contributor
Joined
Feb 15, 2018
Messages
5,170
Reaction score
5,320
Location
Houston Tx
:welcome:
--------------------------------------
I run two NICs on my BI PC. One nic connects to to home network which connects to the Router, modem and internet. The other nic connects to a switch with connects to the cameras. The cameras do not have access to the internet. The only device that has access to the cameras is the BI PC.The BI PC will not route traffic.

The home network uses 192.168.1.x
The camera network uses 192. 168.2.x all address on this network are static.
The BI PC has two static network addresses as it is on two different networks.

Go slow setting you your system.
read,study,plan before spending money.

-----------------------------------
My standard welcome to the forum message.

Please read the IP Cam Talk Cliff Notes and other items in the IP Cam Talk Wiki. The wiki is in the blue bar at the top of the page.

Read How to Secure Your Network (Don't Get Hacked!) in the wiki also.

Quick start
1) If you do not have a wired monitored alarm system, get that first
2) Use Dahua starlight cameras or Hikvision darkfighter cameras if you need good low light cameras.
3) use a VPN to access home network (openVPN)
4) Do not use wifi cameras.
5) Do not use cloud storage
6) Do Not use uPNP, P2P, QR, do not open ports,
7) More megapixel is not necessarily better.
8) Avoid chinese hacked cameras (most ebay, amazon, aliexpress cameras(not all, but most))
9) Do not use reolink, ring, nest, Arlo cameras (they are junk), no cloud cameras
10) If possible use a turret camera , bullet collect spiders, dome collect dirt and reflect light (IR)
11) Use only solid copper, AWG 23 or 24 ethernet wire. , no CCA (Copper Clad Aluminum)
12) use a test mount to verify the camera mount location. My test rig: rev.2
13) (Looney2ns)If you want to be able to ID faces, don't mount cams higher than 8ft. You want to know who did it, not just what happened.
14) Use a router that has openVPN built in (Most ASUS, Some NetGear....)
15) camera placement use the calculator... IPVM Camera Calculator V3
16) POE list PoE Switch Suggestion List


Cameras to look at
IPC-T5442TM-AS-LED Review IPC-T5442TM-AS-LED (Full Color, Starlight+) - 4MP starlight
IPC-T5442TM-AS Review-OEM 4mp AI Cam IPC-T5442TM-AS Starlight+ - 4MP starlight+
IPC-T2347G-LU Review of the Hikvision OEM model IPC-T2347G-LU 'ColorVu' IP CCTV camera. (DS-2CD2347G1-LU)
IPC-HDW2231R-ZS Review-Dahua IPC-HDW2231RP-ZS Starlight Camera-Varifocal
IPC-HDW2231T-ZS-S2 Review-OEM IPC-T2231T-ZS 2mp Varifocal Starlight Camera
IPC-HDW5231R-ZE Review-Dahua Starlight IPC-HDW5231R-ZE 800 meter capable ePOE
IPC-HFW4239T-ASE IPC-HFW4239T-ASE
IPCT-HDW5431RE-I Review - IP Cam Talk 4 MP IR Fixed Turret Network Camera
DS-2CD2325FWD-I
N22AL12 New Dahua N22AL12 Budget Cam w/Starlight -- low cost entry

Other dahua 4MP starlight Dahua 4MP Starlight Lineup

My preferred indoor cameras
DS-2CD2442FWD-IW
IPC-K35A Review-Dahua IPC-K35A 3mp Cube Camera

If interested in Blue Iris and other setup items see the following post

Camera Sensor size info Sensor Size Chart Generally bigger is better

Before asking a question search the forum first...
The best way to search the forum is to use Google Advance search
set site or domain to ipcamtalk.com

Read,study,plan before spending money ..... plan plan plan
Test do not guess
 

Switchgear

n3wb
Joined
Jan 7, 2020
Messages
18
Reaction score
0
Location
Ky
Can you put some carriage returns in your wall of text, you'll get more replies. If you keep your PoE switch disconnected from the internet and have a server with access to both the PoE switch and your regular switch that will isolate the cameras from the internet.
Sorry about that. I quickly posted that on my phone on the way out of the door.
 

Switchgear

n3wb
Joined
Jan 7, 2020
Messages
18
Reaction score
0
Location
Ky
:welcome:
--------------------------------------
I run two NICs on my BI PC. One nic connects to to home network which connects to the Router, modem and internet. The other nic connects to a switch with connects to the cameras. The cameras do not have access to the internet. The only device that has access to the cameras is the BI PC.The BI PC will not route traffic.

The home network uses 192.168.1.x
The camera network uses 192. 168.2.x all address on this network are static.
The BI PC has two static network addresses as it is on two different networks.

Go slow setting you your system.
read,study,plan before spending money.

-----------------------------------
My standard welcome to the forum message.

Please read the IP Cam Talk Cliff Notes and other items in the IP Cam Talk Wiki. The wiki is in the blue bar at the top of the page.

Read How to Secure Your Network (Don't Get Hacked!) in the wiki also.

Quick start
1) If you do not have a wired monitored alarm system, get that first
2) Use Dahua starlight cameras or Hikvision darkfighter cameras if you need good low light cameras.
3) use a VPN to access home network (openVPN)
4) Do not use wifi cameras.
5) Do not use cloud storage
6) Do Not use uPNP, P2P, QR, do not open ports,
7) More megapixel is not necessarily better.
8) Avoid chinese hacked cameras (most ebay, amazon, aliexpress cameras(not all, but most))
9) Do not use reolink, ring, nest, Arlo cameras (they are junk), no cloud cameras
10) If possible use a turret camera , bullet collect spiders, dome collect dirt and reflect light (IR)
11) Use only solid copper, AWG 23 or 24 ethernet wire. , no CCA (Copper Clad Aluminum)
12) use a test mount to verify the camera mount location. My test rig: rev.2
13) (Looney2ns)If you want to be able to ID faces, don't mount cams higher than 8ft. You want to know who did it, not just what happened.
14) Use a router that has openVPN built in (Most ASUS, Some NetGear....)
15) camera placement use the calculator... IPVM Camera Calculator V3
16) POE list PoE Switch Suggestion List


Cameras to look at
IPC-T5442TM-AS-LED Review IPC-T5442TM-AS-LED (Full Color, Starlight+) - 4MP starlight
IPC-T5442TM-AS Review-OEM 4mp AI Cam IPC-T5442TM-AS Starlight+ - 4MP starlight+
IPC-T2347G-LU Review of the Hikvision OEM model IPC-T2347G-LU 'ColorVu' IP CCTV camera. (DS-2CD2347G1-LU)
IPC-HDW2231R-ZS Review-Dahua IPC-HDW2231RP-ZS Starlight Camera-Varifocal
IPC-HDW2231T-ZS-S2 Review-OEM IPC-T2231T-ZS 2mp Varifocal Starlight Camera
IPC-HDW5231R-ZE Review-Dahua Starlight IPC-HDW5231R-ZE 800 meter capable ePOE
IPC-HFW4239T-ASE IPC-HFW4239T-ASE
IPCT-HDW5431RE-I Review - IP Cam Talk 4 MP IR Fixed Turret Network Camera
DS-2CD2325FWD-I
N22AL12 New Dahua N22AL12 Budget Cam w/Starlight -- low cost entry

Other dahua 4MP starlight Dahua 4MP Starlight Lineup

My preferred indoor cameras
DS-2CD2442FWD-IW
IPC-K35A Review-Dahua IPC-K35A 3mp Cube Camera

If interested in Blue Iris and other setup items see the following post

Camera Sensor size info Sensor Size Chart Generally bigger is better

Before asking a question search the forum first...
The best way to search the forum is to use Google Advance search
set site or domain to ipcamtalk.com

Read,study,plan before spending money ..... plan plan plan
Test do not guess
Thanks for all of the info. I did skim those posts back when I first started on this site, but I’ll probably have a better understanding if I go back though it now that I’ve done more research the last few weeks.

My main concern is a secure network and ease of use for the wife. I think push alerts and notifications to her phone, is what she rather have then logging into a VPN. Especially if I can setup an area that triggers the alerts and notifications.

I think I like the dual NIC setup from what I’ve read, but I’ll keep reading to make sure. The one post I did find on here was kind of a VLAN vs dual NIC that was helpful. I just never saw much about the remote viewing and notification aspect of comparing those setups.
 
Last edited:

Hammerhead786

Pulling my weight
Joined
Apr 23, 2018
Messages
248
Reaction score
165
Just my 2 cents. I use a HP Procurve 2620 POE switch which has been segregated into 3 vlans. My home network plugs into one vlan, the BI pc resides on one vlan and the cameras reside on their own vlan. I have inter-vlan routing set up on the switch so that the cameras and BI pc can talk to each other. There is an access list set up that prevents the cameras from sending traffic to anywhere other than the BI pc.

The BI pc has internet connectivity for BI updates and firmware updates for the cameras. I have OpenVPN server set up on my router. I have push notifications sent to my phone and when I'm not at home, I launch OpenVPN and then launch the BI mobile app. If I need to connect to the BI pc, I can do so using a remote desktop app. This allows me to access the cameras via the BI pc, should that be necessary. You can pick up the same POE switch for around $40 and up on eBay.

Connecting to the VPN only requires launching the app and sliding the toggle to connect. Easy peasy.
 

TL1096r

IPCT Contributor
Joined
Jan 28, 2017
Messages
1,223
Reaction score
465
it sounds like you will benefit from following this:

a lot of what you are asking can be found there.

Dual NIC:
 

Switchgear

n3wb
Joined
Jan 7, 2020
Messages
18
Reaction score
0
Location
Ky
Just my 2 cents. I use a HP Procurve 2620 POE switch which has been segregated into 3 vlans. My home network plugs into one vlan, the BI pc resides on one vlan and the cameras reside on their own vlan. I have inter-vlan routing set up on the switch so that the cameras and BI pc can talk to each other. There is an access list set up that prevents the cameras from sending traffic to anywhere other than the BI pc.

The BI pc has internet connectivity for BI updates and firmware updates for the cameras. I have OpenVPN server set up on my router. I have push notifications sent to my phone and when I'm not at home, I launch OpenVPN and then launch the BI mobile app. If I need to connect to the BI pc, I can do so using a remote desktop app. This allows me to access the cameras via the BI pc, should that be necessary. You can pick up the same POE switch for around $40 and up on eBay.

Connecting to the VPN only requires launching the app and sliding the toggle to connect. Easy peasy.
I've looked at those, I've never managed a switch before but I can't image being much more difficult than a router. Is it a web log in or do I have to get software from HP?

The biggest drawback I might see is the noise. I built a network/media closet next to my living room when I remodeled my basement. It would be a tight squeeze to fit in there, but I didn't know how loud the fans would be.
 
Last edited:

Switchgear

n3wb
Joined
Jan 7, 2020
Messages
18
Reaction score
0
Location
Ky
it sounds like you will benefit from following this:

a lot of what you are asking can be found there.

Dual NIC:
Very nice, thank you. At first I was pretty close to buying a really cheap 4th gen I5 Optiplex, now I've been looking into the 6th gen used HPs and Dells because I want to be futureproof.

I'm sure that is overkill for the setup I'm going for. Ill probably start with one or two cameras, and I don't ever see having more than five. With all this research and browsing ebay I think I accidentally got my self into another hobby.
 
Last edited:

Hammerhead786

Pulling my weight
Joined
Apr 23, 2018
Messages
248
Reaction score
165
I've looked at those, I've never managed a switch before but I can't image being much more difficult than a router. Is it a web log in or do I have to get software from HP?

The biggest drawback I might see is the noise. I built a network/media closet next to my living room when I remodeled my basement. It would be a tight squeeze to fit in there, but I didn't know how loud the fans would be.
The switch does have a limited web interface, it also has a menu that runs from the command line. The greatest control comes from using the command line interface. If you're willing to learn, it's not overly difficult. My switch lives in the laundry room and I can only hear it when the laundry room door is open and even then it's not really that loud. so noise is not an issue for my overly sensitive ears.
 

Seyitan

n3wb
Joined
Jan 17, 2020
Messages
2
Reaction score
0
Location
Ile-ife
Hello all, I’ve been scoping out this place after I bought the Speco NVR that’s on sale at B&H and some discountinued Dahua 1.3MP cameras. I couldn’t power those cameras up from the POE switch included on the NVR. The only way I got the cameras to actually work was using a separate power supply and an old mono price switch I had laying around. I wasn’t fond of this setup so I shipped it all back and started reading here.

I’ve contacted Andy about a NVR and some cameras. If I did that setup I would have to buy a POE switch and put that setup on a VLAN to keep my network safe and keep the cameras isolated correct? I’ve never set up a VLAN before but it doesn’t scare me to dive into it if I have to.

My other option that I’ve been thinking about more and more is going with Blue Iris. I probably will only order one or two cameras to get me started so it sounds like blue iris is setup to handle just about any camera I would want in the future when I’m ready to order more.

I also like the idea of two NIC cards in the blue iris PC but I want to be clear on how it works. If my POE switch with the cameras are on the second NIC card does that keep the cameras from “phoning home.”

My thinking here is that the cameras can only can talk to the pc, and the pc of course has its own firewall to keep attacks and security at bay. Will the double NIC card setup still keep my network secure and keep the cameras from using network resources? If I want to use the blue iris app to veiw remotely and get alerts does it still work in this setup and securely?

Also can I set blue iris to only send notifications when someone gets into a trip wire zone. I’m assuming everyone’s camera records 24/7 but they only get alerts and notifications on a designated area that has been crossed? Thanks for your time.
Yes, you can do that, read it all on Plate recognizer
 

wittaj

IPCT Contributor
Joined
Apr 28, 2019
Messages
24,432
Reaction score
47,556
Location
USA
I continue to be amazed at all the wonderful information on this site! I have spent a ton of time on this site learning all I can.

Trying to decide on the VLAN or dual NIC route. It seems pretty consistent on the VLAN side of the debate that if you do that, you will then be able to use the phone apps after OpenVPN into system, the dual NIC seems to be different and maybe that comes down to personal preference - I have read where some say after they OpenVPN into their network they then remote in to the BI machine and others say the app works simply by OpenVPN into the network?
 
Last edited:

Hammerhead786

Pulling my weight
Joined
Apr 23, 2018
Messages
248
Reaction score
165
If you're using the app then you don't need to remote into the BI machine, however, if you're not using the app then you would need to remote into it. Using vlans, I have both options available to me as my cameras reside on one vlan and my BI machine on another. The cameras are only permitted to talk to the BI machine. If I need to access a camera directly via the web interface, I connect to the VPN and remote into the BI machine else I just use the app.
 

TL1096r

IPCT Contributor
Joined
Jan 28, 2017
Messages
1,223
Reaction score
465
How I set it up:
->setup openvpn with asus router
-->download the openvpn file through asus router and upload it to your phone
--->load the openvpn file you just sent to your phone with the openvpn app on your phone
---->open the openvpn app and connect and then open your BI app or ui3 in browser on phone and it is like you are connected to your home network

This is very easy and secure so far.

I highlight it here and can really help:

IF I ever go the vlan route and get more experience I hope to create an easy to follow thread about it also. I find specific details are lacking sometimes and can be confusing. My threads are meant for the people looking at all of this for the first time.
 
Top