Camera system messes with work computer VPN

[JacobBrooks]

I can't seem to figure this out. I've had my Dahua system set up since last July. I run BI on a Dell computer with an 8 port POE+ unmanaged Netgear switch. For some reason, having the switch connected to the internet will sometimes mess with my work computer's VPN. But only with internal company sites that I need to access with a VPN. I can use the internet on my work computer just fine, with no issues. And all that I have to do to get everything to work is unplug my switch from my router and re-connect to my Wifi. Then, I can access those internal sites on VPN.

Any thoughts on what I can do to troubleshoot? Do I need a new switch?

 

[crw030]

Please provide a simple network diagram, but based on the description I wonder if your work VPN and local network are possibly the same subnet? Also please share the model of the Netgear POE switch, it might help us identify the problem if (for example) there is a dedicated uplink port on it.

Connect your work computer via WiFi and VPN and execute an ”IPCONFIG /all” in a CMD window (Use windows search, type CMD, click the program it finds) to observe your VPN IP address & subnet. You may have to scan through the lis to find the work one, since you will probably have a couple different networks On each NIC at that point.
CMD Prompt:

Then do the same on your Blue Iris computer (since it should be on your local LAN subnet).

Just post these bits from the results of IPCONFIG /ALL for both your wifi-adapter, and whichever network matches your companies DNS suffix or if you recognize your VPN software.

 

[Vinci]

I can't seem to figure this out. I've had my Dahua system set up since last July. I run BI on a Dell computer with an 8 port POE+ unmanaged Netgear switch. For some reason, having the switch connected to the internet will sometimes mess with my work computer's VPN. But only with internal company sites that I need to access with a VPN. I can use the internet on my work computer just fine, with no issues. And all that I have to do to get everything to work is unplug my switch from my router and re-connect to my Wifi. Then, I can access those internal sites on VPN.

Any thoughts on what I can do to troubleshoot? Do I need a new switch?

I am guessing that your local network and remote company network (via VPN) overlap IP address spaces (192.168.x.x, 10.x.x.x, etc.).

 

[IAmATeaf]

It sounds like you’ve got a simple routing issue so need to tell the device which leg to take when it needs to talk to your corporate servers.

 

[JacobBrooks]

Ok, so I've finally been able to crack this nut. It took forever because I just assumed that it was a case of overlapping IP addresses as most everyone expected. But it looks to be much stranger than that! I had to use a scanning app on my phone to be certain. Here's what's going on.

Normally my internal IP addresses are all of the type 10.x.x.x. All of my cameras are assigned IP addresses in this range and all of my other connected devices are assigned in this range. When I don't have any issues with my work's VPN server, the VPN also assigns an internal IP address of 10.x.x.x.

HOWEVER! Sometimes, and only when my BI computer is connected via the POE switch, it will assign everything an address of 192.168.x.x. And then when I connect to my work's VPN, the VPN internal IP is still 10.x.x.x. And that's where things break down and I can't access internal websites.

If I disconnect my BI computer from the switch and re-connect my computer wi-fi, then it switches back over to 10.x.x.x and everything works perfectly again.

What would causes my router to switch from 10.x.x.x to 192.168.x.x that would be specific to my BI computer, and how do I stop it?

 

[reflection]

Is your BI machine running a DHCP server? By any chance does your unmanaged POE switch run a DHCP server?

 

[JacobBrooks]

I don't think so. At least, if they are, I wouldn't know that I did it on purpose. Is there a way to check?

Is your BI machine running a DHCP server? By any chance does your unmanaged POE switch run a DHCP server?

 

[reflection]

I don't think so. At least, if they are, I wouldn't know that I did it on purpose. Is there a way to check?

Sure. If you have BI and the switch disconnected from your internet router (BI still plugged into your switch), and your PC is plugged into the switch, does your PC get a dynamic IP address (in the 192.168.x.x range)?

 

[JacobBrooks]

Sure. If you have BI and the switch disconnected from your internet router (BI still plugged into your switch), and your PC is plugged into the switch, does your PC get a dynamic IP address (in the 192.168.x.x range)?

Ack, sorry about the delay. Here's what I did:
1. Unplugged POE switch from the internet router (Blue Iris PC still connected to switch)
2. Disabled wifi on work computer and plugged in ethernet cable to switch

Also, of note is that this is after I bought a new switch. I was suspicious so I just bought and installed a TP Link 8 port POE+ switch.

checked IPconfig on work computer, and this is what I got. So it would seem like, yes? This is an issue with my BI PC trying to run a DHCP server? How do I stop it?

 

[Mike A.]

Is that from your BI server (at 192.168.30.12)?

If so, then it's showing the DHCP server at 192.168.30.1. Which would not be itself.

It's the same IP/device as your gateway. Which likely is your router unless you have some more complicated network set up there.

 

[JacobBrooks]

Is that from your BI server (at 192.168.30.12)?

If so, then it's showing the DHCP server at 192.168.30.1. Which would not be itself.

It's the same IP/device as your gateway. Which likely is your router unless you have some more complicated network set up there.

Sorry, should have been clear. This screenshot was from my work computer, plugged into the same POE switch as my BI computer, but having the POE switch disconnected from my internet router.

 

[Mike A.]

What is at 192.168.30.1?

What is the IP of your BI server?

What is the IP of your router?

192.168.30.1 is where it's looking for a DHCP server. Unless you have a static 192.168.30.12 address assigned to your work computer or it grabbed that address before say you unplugged your router, then it appears to be finding a working DHCP server at the .1 address.

 

[JacobBrooks]

So, here's some more details.

When I have this problem, I used an app called "Fing" to do a network scan. This is the weird part, though. At first, it said that 192.168.30.1 was my HP printer. So I turned my printer off. Then it said that 192.168.30.1 was my FireTV stick. So I have no idea.

On my BI machine, it says that my router is located at 10.0.0.1 and my BI machine has an IP of 10.0.0.70.

The crazy thing is that I can get on the internet on both at the same time! Right now I'm typing this on my work computer with an IP address of 192.168.30.11 which is using a DHCP server of 192.168.30.1. I can move over to my other desk and connect to the internet on my BI machine with an IP address of 10.0.0.70 with a DHCP server of 10.0.0.1.

Another thing. On my BI machine, I can connect to 10.0.0.1 and it brings up my router's login page. When I login, I can see my work computer's MAC address. On my work computer, if I try to connect to 192.168.30.1, I get nothing but a timeout.

Now, I can fix all of this my simply disconnecting my BI machine/POE switch from the internet and forcing my work computer to reconnect to Wifi. Then I plug my BI machine/POE switch back into the internet. Now my work computer has IP address 10.0.0.202 and life is good.

 

[concord]

You don't give specifics on your router, in any case, I'd use a process of elimination...

First, log into your router. Check the IP address you have it set at (i.e. 10.0.0.1), then check the DHCP range you have on the router (i.e. 10.0.0.2/24 or 10.0.0.2 - 10.0.0.254).

Second, turn off your Desktop and laptop; plug your Desktop and laptop into the router, unplug switch from router (eliminate your switch), boot both systems, are your IP addresses in the same range? If not, check to see if your Desktop is running it's own DHCP server.

Third, if both have the same IP address range, then shut down computers, unplug AC from switch, remove cams from switch, plug switch into router, plug desktop and laptop into switch, plug AC into switch, turn on Desktop and laptop. Do you have the same IP address range?

If ok, then unplug ethernet cable from laptop and let it get an IP address from the wireless card, is it the same IP address range?

Good luck.

 

[JacobBrooks]

Ok, I'm convinced that it's my BI PC. Here's what I did:

1. Disconnected BI PC from POE switch
2. Turned off work laptop wifi - checked that it was also disconnected from POE switch
3. Plugged CAT6 cable directly from BI PC into work laptop ethernet port
4. On work laptop, ran cmd and ipconfig /all


My work laptop was assigned the IP 192.168.30.11 and using a DHCP server of 192.168.30.1, which is the same problem that I've been having.

So it seems that sometimes my work laptop is getting an IP address from my BI PC. How do I turn this off on my BI PC, in Windows 10?

 

[concord]

I was thinking in Windows Server terms, I don't think Win 10 has DHCP server, but you can check by bringing up the task manager and select Services. Look for DHCP Server in the list (DHCP Client should be there and running).

Check your network adapters on both computers (right-mouse button on the network icon in lower-right of screen, select Open network &..., Ethernet, Change adapter Settings. Right-mouse button on Ethernet adapter, check settings (should look something like below). Also look at the Wireless adapter too.





Advanced...

 

[c hris527]

If you are saying you had your laptop connected direct to the BI Computer and NO other network devices were connected, and your laptop pulled a IP address from your BI machine, then you are or might be running third party software that is doing this, I would check your services and see whats going on there. Can you confirm this with a second device, just your poe switch, laptop and BI Machine? If another device picks up a Ip in the 192.168.X.X range then its your BI machine running 3rd party software that is doing this. Check the partitions on that BI Machine and make sure some rogue OS is not operating in one of them. Check the network protocols that are enabled in the BI computer.
Also make sure you do not have Internet sharing enabled on that BI Machine, that one is a shot in the dark but you never know. If for some reason you were using it before on a 192.168.x.x network and never disabled it, you just might be getting the results you see now. Check your services and make sure its not running.

 

[JacobBrooks]

Yes, I had my laptop connected directly to BI computer and no other network devices were connected. I checked with another personal laptop and I confirmed that I get an IP address assisgment but it is in the range 169.254.x.x. So I'm not sure what's going on there.

How do I check my partitions for rogue OS or other nefarious things?

 

[concord]

169.254.xxx.xxx is a default private network range, basically if that shows up on a Windows machine, it means it didn't connect to any network.

EDIT: Found a link that explains it more: How to Fix 169.254.X.X - "Invalid IP Config" Issue on Windows - Appuals.com

 

[c hris527]

Concord is correct, the second client did NOT pick up a ip address from your windows machine, that is the IP address windows machine defaults to when no dhcp server is found on the network. Just make sure ICS (Internet Connection service) is NOT running in services on your B.I. server. If it is then disable it.


If you want to make sure no Malware is running, you could download Malwarebytes or Hitman pro and run the trial version, If you have something going on it will find it.