Dual NIC setup on your Blue Iris Machine

TL1096r

IPCT Contributor
Joined
Jan 28, 2017
Messages
1,108
Reaction score
353
In making your system more secure this is a great option to eliminate your cameras calling home / connecting to the internet

This is a great place to start to setup a bit more secure network and learn more about IP/Subnets etc. before adding dual NICs:
Router Security - Subnets and IP addresses

You will need:
-2 NIC
-Blue Iris on a suitable computer - choose here:
Choosing Hardware for Blue Iris | IP Cam Talk
-POE switch

This setup is easy to setup once you know what you are doing.

Connect your POE into the second NIC on your computer.

Then go to:
-Control Panel:
->Network and sharing center -> Normally on left side menu you want to click 'change adapter settings'

RIGHT click on the NIC where the POE switch is connected:
->click properties

It will look like this on Windows 10:



->double click on the "Internet Protocol Version 4 (TCP/IPv4)" or click 'Properties' box AFTER you highlight "Internet Protocol Version 4 (TCP/IPv4)"

It will look like this:



------------------------------------------------
------------------------------------------------

After double clicking "Internet Protocol Version 4 (TCP/IPv4)"
:
Click the "Use the following IP address"

-enter the IP you want to use for your cams. Choose one that will not conflict with anything else like
"192.168.55.10"

Now you can make the cam IPs 192.168.55.xxx - the only number you cannot use is .10. Example of 4 cams would be:
"192.168.55.20"
"192.168.55.21"
"192.168.55.22"
"192.168.55.23"

Default gateway will be blank.

It will look like this:


------------------------------------------------
------------------------------------------------


My cameras are Dahua and I was able to access them through IE.

Follow steps below to get this to work so you can simply type 192.168.1.108 in IE.

-Add a similar IP to Dahua so it can log into IE. For example: '192.168.1.55' (you can use any number between 1-254 and not only .55 - just do not use .108 so it doesn't conflict with the Dahua IP).

It will look like this:

------------------------------------------------
------------------------------------------------


Now you are set - plug in each Dahua IP Cam and type 192.168.1.108 into IE - setup the password and change the IP to "192.168.55.20 / .21 / .22 / .23" and so on.

After you setup your password you will see the Dahua GUI - go to:
'settings' tab -> then go to Network -> TCP/IP

The gateway will be 'made-up' so it cannot connect to the internet on your Dahua. Please make sure your Default Gateway is the same IP as your cameras but use .254 so it doesn't conflict with any futures cameras you will add.

It will look like this:



------------------------------------------------
------------------------------------------------


Auto-detect in your cams on Blue Iris by using the 192.168.55.20/21/22 IP

This at first looks more intimidating than it is. Being a newbie and never seeing or knowing how this worked it was a bit confusing. Member @Mr_D remote connected and set this up in 5 minutes so I would like to give a thank you to his patience in helping me with this setup!

I hope this little DIY helps other newbies looking for a more security. I hope to get vlans, pfsense, vpn through router setup and I will try my best to explain my setup with steps in the future.

Setup will look like this:


-----For Wireless Cam Dual NIC setup-----

@SouthernYankee Quick Guide to Dual NIC with a wireless camera / Doorbell Camera.
Using a second NIC with a wireless camera is straight forward.
1) Get an access point, wire it to the switch that is on the second NIC, give it an IP address that is in the second NIC sub net range.
2) Set the access point to have a different SSID then your home WiFi, make sure that it is on a different channel than your home WiFi.
3) Configure the wireless camera to have an IP address in the second NIC sub net range.
4) Configure the wireless camera to have the same SSID and channel as the access point.

-----For Wireless Cam Dual NIC setup-----

There is a lot of questions after setting up a dual NIC - please refer to this thread to see more setup info on VPNs:
 
Last edited:

Mike46052

n3wb
Joined
Mar 29, 2018
Messages
14
Reaction score
4
This is very much appreciated. I was actually looking thru post trying to figure how to do this and trying to search google for a write up! Awesome!


Sent from my iPhone using Tapatalk
 

TL1096r

IPCT Contributor
Joined
Jan 28, 2017
Messages
1,108
Reaction score
353
This is very much appreciated. I was actually looking thru post trying to figure how to do this and trying to search google for a write up! Awesome!


Sent from my iPhone using Tapatalk
I am happy you found this useful.

I hope to share more in the future.

Nice write up. Good screen shots. Well done. I have been using dual NIC for over a year. It is a simple security measure.
Maybe add the write up to the wiki, if it is not already there.
It means a lot coming from a Pro-IPCT Member so I appreciate it.
 

Cupofschmoe

Young grasshopper
Joined
Apr 13, 2017
Messages
82
Reaction score
17
I honestly, think this an easier alternative for those who are not network savvy like myself.
I've been trying to wrapmy head around subnetting and vlan's but dual NICs just seem easier to comprehend ATM.
 

TL1096r

IPCT Contributor
Joined
Jan 28, 2017
Messages
1,108
Reaction score
353
I honestly, think this an easier alternative for those who are not network savvy like myself.
I've been trying to wrapmy head around subnetting and vlan's but dual NICs just seem easier to comprehend ATM.
Thanks. I appreciate it. This is better than nothing.

@catcamstaris very good at creating a more secure setup and when I have time I will be trying some of his suggestions and sharing them.
 

SouthernYankee

IPCT Contributor
Joined
Feb 15, 2018
Messages
2,944
Reaction score
1,900
Location
Houston Tx
To use wireless on a second NIC setup

Using a second NIC with a wireless camera is straight forward.
1) Get an access point, wire it to the switch that is on the second NIC, give it an IP address that is in the second nic sub net range.
2) set the access point to have a different SSID then your home wifi, make sure that it is on a different channel than your than your home wifi.
3) configure the wireless camera to have an IP address in the second nic sub net range.
4) configure the wireless camera to have the same SSID and channel as the access point.

Note: I do not recommend wireless for security cameras, it is generally a bad idea
 

dean83

n3wb
Joined
Jan 14, 2020
Messages
1
Reaction score
0
Thank you for this detailed post. I was trying to do the same thing but IP work is fairly difficult for me to wrap my head around the thoery side. This worked like a charm and now my router is not handling all that data traffic and is now direct to my blue iris PC.
 

nowandthen

Getting comfortable
Joined
Oct 11, 2014
Messages
158
Reaction score
29
Last edited:

mikeynags

Getting comfortable
Joined
Mar 14, 2017
Messages
481
Reaction score
287
Location
CT
either would be fine - you just need 2 ethernet ports
 

SouthernYankee

IPCT Contributor
Joined
Feb 15, 2018
Messages
2,944
Reaction score
1,900
Location
Houston Tx
I added a $14.00 PCIe x1 nic card for the second network. Very easy to set up on a PC. Nothing special about the card.
 
Joined
Jan 25, 2020
Messages
1
Reaction score
1
Location
USA
Great write-up. Been using the dual NIC implementation for quite a while now with homes and small businesses whose network hardware isn't capable of creating non-routed VLANs. Another nice feature to have on your BI computer in this scenario is an NTP server so all the camera dates/times remain accurate. You can enable the NTP server in Windows but it takes a bit of poking around. Instead, I use software called Net Time over at timesycntool dot-com. It's free and open source. I set the software up to run as a service on the BI computer and it serves date and time info to the non-internet connected cameras. Use your BI computer's camera NIC IP as the NTP server IP in your camera's config. Especially handy if your cameras don't easily support daylight savings time - some of the cheaper IP cameras miss a few of the DST settings.
 

mikeynags

Getting comfortable
Joined
Mar 14, 2017
Messages
481
Reaction score
287
Location
CT
You can find it under Settings/Startup - there is a checkbox to select run as a windows service.
 

TL1096r

IPCT Contributor
Joined
Jan 28, 2017
Messages
1,108
Reaction score
353
Great write-up. Been using the dual NIC implementation for quite a while now with homes and small businesses whose network hardware isn't capable of creating non-routed VLANs. Another nice feature to have on your BI computer in this scenario is an NTP server so all the camera dates/times remain accurate. You can enable the NTP server in Windows but it takes a bit of poking around. Instead, I use software called Net Time over at timesycntool dot-com. It's free and open source. I set the software up to run as a service on the BI computer and it serves date and time info to the non-internet connected cameras. Use your BI computer's camera NIC IP as the NTP server IP in your camera's config. Especially handy if your cameras don't easily support daylight savings time - some of the cheaper IP cameras miss a few of the DST settings.
Thank You! Yes, I also made a NTP write-up here:
 

TL1096r

IPCT Contributor
Joined
Jan 28, 2017
Messages
1,108
Reaction score
353
Hi CH,
I'm a bit of a noob at this but can you elaborate on how you do "run as a service" is this in BI or windows?
thanks.
For NetTime - go to Settings... Then check "Start NetTime service at bootup"
 

nowandthen

Getting comfortable
Joined
Oct 11, 2014
Messages
158
Reaction score
29
Why would someone want to go through the hassle and expense (NIC card, switch, ?) to do this? If someone is able to see my cameras, then I have bigger problems because they have already penetrated my firewall. What am I missing?:idk:
 

SouthernYankee

IPCT Contributor
Joined
Feb 15, 2018
Messages
2,944
Reaction score
1,900
Location
Houston Tx
As second nic is $15.00 . The problem is not someone contacting the cameras. It is the cameras calling home after it has collected you network data. It also keeps your camera traffic off of your home network.
 

nowandthen

Getting comfortable
Joined
Oct 11, 2014
Messages
158
Reaction score
29
Thanks!
Once I put my cameras on their own network, behind my Blue Iris PC, I won't be able to log into the cameras from any other computer on my network, right? I'll have log into them using the Blue Iris PC. Not that it's a big deal, or that I do that often. I thought I read where there was a way to log into them from other PCs (not on that network), but maybe not. I've been reading so much lately I can't keep track of it all. :)
 
Top