Blue Iris setup using Tailscale or similar

[nutshellml]

Hi All, running Windows 10 on dedicated PC for Blue Iris and have tailscale on my phone and PC. I'm wondering if someone can help explain or advise on what should set for the below on Blue Iris and also on my iPhone app for Blue iris.

LAN http:
WAN http:

When I set the LAN to the Tailscale IP (ie. 100.xx.xxx.xx:81) it works without issues. Do i need to worry about the WAN?

Also - is there a way to provide access to say the babysitter when she comes to view the cameras or say someone else that doesn't have tailscale to view the cameras temporarily? Does that make sense? I'm thinking probably not since tailscale provides VPN, but trying to figure out a solution for allowing temp access to someone without them having to download Tailscale.

Any advice is appreciated.

 

[samplenhold]

I access my BI setup remotely two different ways, using the iPhone BI app and using UI3 from a laptop in my RV. I was originally using Tailscale for both, but had issues not consistently connecting the iPhone app, so I ended up using ZeroTier for that. I still use Tailscale for the laptop access in my RV.

So I can't answer your LAN/WAN question. But as far as providing access for a babysitter, if you give her LAN access (like WIFI access), then she could use either the iPhone app or UI3 on her smartphone. No need to use Tailscale from your LAN.

 

[NoProblems]

Hi All, running Windows 10 on dedicated PC for Blue Iris and have tailscale on my phone and PC. I'm wondering if someone can help explain or advise on what should set for the below on Blue Iris and also on my iPhone app for Blue iris.

LAN http:
WAN http:

When I set the LAN to the Tailscale IP (ie. 100.xx.xxx.xx:81) it works without issues. Do i need to worry about the WAN?

Also - is there a way to provide access to say the babysitter when she comes to view the cameras or say someone else that doesn't have tailscale to view the cameras temporarily? Does that make sense? I'm thinking probably not since tailscale provides VPN, but trying to figure out a solution for allowing temp access to someone without them having to download Tailscale.

Any advice is appreciated.

Once you grant access via Tailscale, the person, like your babysitter, will have the same access to your local network as if they were on your LAN, even from outside your home. Tailscale simply provides full network access without the need to change anything in Blue Iris. All you need to do is use the Tailscale-provided IP (100.xx.x.x.x.1). on the app or browser without opening and ports just make sure make sure you have allow local network acess checked

 

[nutshellml]

Once you grant access via Tailscale, the person, like your babysitter, will have the same access to your local network as if they were on your LAN, even from outside your home. Tailscale simply provides full network access without the need to change anything in Blue Iris. All you need to do is use the Tailscale-provided IP (100.xx.x.x.x.1). on the app or browser without open and ports

that’s the thing. I don’t want to have babysitter or guest download Tailscale. Set it up etc. if Tailscale is constantly running on my BI PC, is it still possible for remote/temp access for babysittter? I’m assuming not?

 

[NoProblems]

that’s the thing. I don’t want to have babysitter or guest download Tailscale. Set it up etc. if Tailscale is constantly running on my BI PC, is it still possible for remote/temp access for babysittter? I’m assuming not?

I would forget tailscale . and just open port 81 and create a temp username and passwrd in BI and give it to the babysittertehn just change the password each time baby090524 (babydate)

 

[samplenhold]

Or give her access to a guest account WIFI. Only turn it on when she is there.

 

[nutshellml]

I would forget tailscale . and just open port 81 and create a temp username and passwrd in BI and give it to the babysittertehn just change the password each time baby090524 (babydate)

I was hoping to not open/forward Ports , hence using tailscale for more security. But i guess that will prohibit me giving temporary access to someone unless they use tailscale.

 

[samplenhold]

You don't need to 'open' ports. Just use UI3 from your LAN. Give her WIFI access from a guest WIFI account and a guest BI account. Turn off the guest WIFI account when she is not there. If you are really worried, turn off the guest BI account when she is not there.

 

[samplenhold]

Or set up a cheap tablet for UI3 that stays in your home. Many of us have them positioned around the home for viewing cam groups. Set it up in kiosk mode.

 

[nutshellml]

You don't need to 'open' ports. Just use UI3 from your LAN. Give her WIFI access from a guest WIFI account and a guest BI account. Turn off the guest WIFI account when she is not there. If you are really worried, turn off the guest BI account when she is not there.

AHH OKAY.. I was saying I didn't want to open/forward ports so I switched to Tailscale, if i didn't use tailscale or nothing, i would have to open/forward port for BI to work from the outside, correct?

And not using tailscale - home LAN/Network, she basically just connects the way you said but that won't work IF I use tailscale , correct?)

 

[samplenhold]

Tailscale is a VPN that runs on your home LAN and allows a secure connection (tunnel) to your home LAN from outside your LAN. Tailscale running will NOT stop a local connection. So while I have Taliscale running on my BI PC, it has no impact on any local connections. So my office PC (in my home office) can connect to BI using UI3 locally. My iPad that is on my home WIFI can connect to BI via UI3 also. Neither of these use Tailscale.

 

[samplenhold]

if i didn't use tailscale or nothing, i would have to open/forward port for BI to work from the outside, correct?

that is correct. Especially the part 'or nothing', like openvpn or some other VPN.

 

[wittaj]

You are mixing up two different things.

If she is on your wifi, with UI3 she can access the cameras and when she is away from your house, she will not be able to.

If you give her Tailscale, then she can see your house when not at your house, unless you limit the hours that username can be accessing.

Or as someone said, just get a cheap tablet to run UI3 on that they can use.

 

[Pentagano]

I use twingate - find it far easier than tailscale. Also openvpn so have 2 options.

 

[nutshellml]

Tailscale is a VPN that runs on your home LAN and allows a secure connection (tunnel) to your home LAN from outside your LAN. Tailscale running will NOT stop a local connection. So while I have Taliscale running on my BI PC, it has no impact on any local connections. So my office PC (in my home office) can connect to BI using UI3 locally. My iPad that is on my home WIFI can connect to BI via UI3 also. Neither of these use Tailscale.

Circling back on this - I think i'm missing something or this is wrong.. So I have Tailscale setup on my BLUEIRIS machine, the Web Server > Local LAN Address is 100.xx.xxx.xx:8081 (tailscale) the Remote is my external IP 72.XX.XX.XX. But it does affect local connections, so to my original question if i have a Guest (babysitter) and she does NOT have Tailscale but is on my my WiFi be in guest or not, she's not able to access BI via the UI. Since I believe BI is listening on the 100.xx.xxx.xx IP for local connection...

So if i try to change the "Remote external IP" it doesn't save. I was thinking to set the Local/LAN IP to my regular 192.168.1.xxx and the Remote External IP to the Tailscale, but it doesn't work either. I think i'm messing something up...

I have a feeling I can't do it the way I was thinking (above). If I want to enable local LAN/wifi access to someone that DOES NOT have Tailscale, I'll have to go into Blue Iris and change the Local LAN IP to 192.168.x.XXX, correct? No easy way to give user access.. Except as mentioned above - cheap tablet that just has TailScale and would give that to babysitter when at house...

 

[Pentagano]

I highly recommend twingate. Tried the others pain to set up.
Twingate is awesome imho
No ports open. Easy to add new resources on your lan etc

 

[Flintstone61]

if all else fails let her view the console view of BI PC? that's in the house.

 

[nutshellml]

if all else fails let her view the console view of BI PC? that's in the house.

That won't work, the PC is in the basement... I think cheap tablet would be best option...

 

[Cam-man28]

Hi All, running Windows 10 on dedicated PC for Blue Iris and have tailscale on my phone and PC. I'm wondering if someone can help explain or advise on what should set for the below on Blue Iris and also on my iPhone app for Blue iris.

LAN http:
WAN http:

When I set the LAN to the Tailscale IP (ie. 100.xx.xxx.xx:81) it works without issues. Do i need to worry about the WAN?

Also - is there a way to provide access to say the babysitter when she comes to view the cameras or say someone else that doesn't have tailscale to view the cameras temporarily? Does that make sense? I'm thinking probably not since tailscale provides VPN, but trying to figure out a solution for allowing temp access to someone without them having to download Tailscale.

Any advice is appreciated.

I've recently setup BI with tailscale. Unless I'm mistaken, this is my understanding:

1. Unless you setup port forwarding or you don't have a firewall on your router, accessing BI from outside (WAN) will not work.
2. Unless you select "bind exclusively" under LAN, you should be able to access BI from your LAN/Wifi IP and your 10.x.x.x tailscale address

Make sure you turn off "bind exclusively" if you want to be able to access BI from both tailscale and local LAN IP's.