Can't access cameras behind Private Internet Access VPN

[105437]

Tonight, I configured Private Internet Access VPN as a test and now I cannot access my IP cameras from the WAN. However, I still can access via my LAN.

I'm running PIA configured on my DD-WRT firmware-based router so all traffic leaving my LAN goes through the VPN. Is there anything I can do within the BlueIris config or VPN Client config to remedy this?


Thanks!

 

[fenderman]

Tonight, I configured Private Internet Access VPN as a test and now I cannot access my IP cameras from the WAN. However, I still can access via my LAN.

I'm running PIA configured on my DD-WRT firmware-based router so all traffic leaving my LAN goes through the VPN. Is there anything I can do within the BlueIris config or VPN Client config to remedy this?


Thanks!

Services like pia, is not the type of vpn you want. PIA is designed to keep your browsing anonymous. You may be able to let your phone connection if they let you adjust the firewall.
All you need is a secure vpn that connects your mobile device to your network.

 

[nayr]

Yeah your doing it wrong... you need to setup a VPN Server on your DD-WRT Router, then connect to that.. that will drop your remote device onto your LAN with a nice secure connection.

Private VPN only exists to hide your IP address, for example so you can watch Netflix from a country that it does not cover well.. it does not provide you remote access to your LAN, your using it to get remote access to someone else's network.

 

[105437]

Thanks for the replies! Actually my intent is to use PIA because I like the idea of encrypted traffic. I was able to see my cameras from any WAN connection before I enabled PIA so I'm really just hoping to get encrypted traffic while still being able to see my cameras. I'm currently investigating Policy Based Routing for the VPN config in DD-WRT. Seems there may be some possibilities there but I haven't gotten very far yet.

 

[fenderman]

Thanks for the replies! Actually my intent is to use PIA because I like the idea of encrypted traffic. I was able to see my cameras from any WAN connection before I enabled PIA so I'm really just hoping to get encrypted traffic while still being able to see my cameras. I'm currently investigating Policy Based Routing for the VPN config in DD-WRT. Seems there may be some possibilities there but I haven't gotten very far yet.

You dont need pia to encrypt your traffic...setting up a proper vpn as nayr suggested will do the trick.

 

[105437]

You dont need pia to encrypt your traffic...setting up a proper vpn as nayr suggested will do the trick.

Thanks @fenderman... I'm concerned with encrypting traffic from all devices in my home out to the internet so my assumption was that I needed VPN Client instead of Server for this.

 

[fenderman]

Thanks @fenderman... I'm concerned with encrypted traffic from all devices in my home out to the internet so my assumption was that I needed VPN Client instead of Server for this.

whats the concern?

 

[105437]

whats the concern?

A lot of e-commerce ordering inventory from all over the world from different vendors. We run a business from home.

 

[fenderman]

A lot of e-commerce ordering inventory from all over the world from different vendors. We run a business from home.

I dont see how pia will help you. Maybe im missing it.

 

[105437]

I dont see how pia will help you. Maybe im missing it.

Admittedly not a network guru... Did a small amount of research which led me to believe PIA would encrypt outbound traffic and that sounded a bit more secure. This could be a rabbit hole. Seeing my cameras is more important so this could be a moot point. Thanks!

 

[fenderman]

Admittedly not a network guru... Did a small amount of research which led me to believe PIA would encrypt outbound traffic and that sounded a bit more secure. This could be a rabbit hole. Seeing my cameras is more important so this could be a moot point. Thanks!

Your traffic still has to go from their servers to the ultimate destination. Its not helping you at all.

 

[105437]

Your traffic still has to go from their servers to the ultimate destination. Its not helping you at all.

And that makes a lot of sense... probably time to punt this idea!

 

[chabon]

Although not the same as what you are doing (running PIA from router), I am successfully running PIA on my blueiris computer as a service. All I needed to do was select the correct interface (local NIC) on the Options-Web Server setup page of blueiris. Can still run Private Internet Access from my computer and still access it remotely with Blueiris app. This may help someone trying to do it this way. Had me stumped for a while until I found the setting.

 

[z_zk_z]

CHABON, Can you access BlueIRIS from WAN when PIA is running? What do you mean "select correct interface"? Isn't that section for local access only? Thanks for any reply...

 

[chabon]

Yes, can access Blueiris from WAN when PIA is running on computer running Blueiris. I dont think this will work if running PIA on your router. You need to select your lan card from the drop down list found under Options-Webserver as circled here in red. Of course you need to have your router port forwarding setup to redirect to your local lan card

 

[z_zk_z]

Thanks CHABON for the reply. The 192.168.1.8 belongs to the PC running the BlueIRIS software (it is automatically selected). I am using 65081 port instead of 81 and that port is forwarded in my router. My BlueIRIS Options-Web server page is similar to yours.
I noticed your PIA is connected to France (108.61.x.x). Is that correct? PIA tech support told me to use one of these PIA Gateways for port forwarding (available Gateways for Port Forwarding are: Netherlands, Switzerland, CA North York, CA Toronto, Romania, Sweden, France, and Germany.). NOTE; you would also see a port number listed (next to PIA assigned IP) when you connect to one of those gateways.
I am using a Verizon FIOS (USA) router. What is the brand name of your router?
My problem is that the BlueIRIS client software running on my cell phone can access my BlueIRIS server from WAN with PIA running (after selecting one of those gateways) but if I close the client software on my cell phone and try to run it again, I get an error from client software saying “Unable to Connect, Reason: unable to reach Server.” (Or it only works once). Thanks again…

 

[chabon]

I use a netgear router, the PIA connection I use is called 'Midwest' and I use cox cable. But I think I basically BYPASS PIA the way I do it. I use my remote client to connect to my cox ip address and the router forwards to the correct local NIC and port. I guess what I was saying is that you can keep PIA running and use it for privacy during browsing etc while Blueiris is running in background, will not interfere. The screen on BI shows the PIA address, but it is really connecting to the local forwarded port in my case.

I just tried connecting remotely using my PIA assigned IP address and can not connect through PIA. Maybe there is a way, but not sure how to do it. I think fenderman explained it pretty good in post #2. If you want to VPN into Blueiris there may be a way to set up an OpenVPN server on your system or some sort of VPN tunnel thru your router.

 

[nayr]

yeah your not using VPN to access BI, sounds like you basically but BI in a DMZ thats all.. and a pretty bad idea to boot.

 

[z_zk_z]

Thanks CHABON, got it working. As you mentioned, my ISP (Verizon FIOS) assigned WAN IP address still works when running PIA. Therefore, I am now using my FIOS IP in the BlueIRIS client running on my cell phone and it is working. The only disadvantage is that my "xyz.no-ip.org" points to the PIA assigned IP (and not FIOS assigned IP) when PIA is running, so I have to use numeric FIOS IP and I am good, as long as FIOS doesn’t change my IP (which doesn’t happen very often unless there is a power failure). Thanks again for taking time and replying to my post.