Dual NIC setup on your Blue Iris Machine

You know, after been running win 7 forever, I just had to buy a new motherboard and cpu, cause of lightning. So, now I installed win 10 pro for the first time for personal use. It's not kind to my usual practices, and its driving me bonkers on adding the same intel addon nic card, that was working just fine before.
This new mobo has a second nic built in which I couldnt configure either.
Using all the settings here above I cant connect to my cameras through the switch I have. I get errors in the network adapter.
I'm using 192.168.70.10 as my nic ip address. all my cams are 192.168.70.21 and above.
in the network settings:
one of the problems is DHCP is not enabled.
auto config - yes-
ip 192.168.70.10
subnet mask 255.255.255.0
default gateway either i leave blank or set to 192.168.70.254
dns server - 192.168.70.254
dns servers click on Netbios over tcpip - enabled

advanced:
IP settings:
one entry 192.168.10 - sbmask 255.255.255.0
def gateways Gateway - Metric automatic metric
DNS
192.168.70.254
checked - Append prim and ...
WINS
no addresses entered
checked enable lmhosts
netbios setting default

any insight ?
i checked win10 for card driver update, win says - its generic driver is OK < probably should check with intel though.
Win 7 was a breeze to set up..
 
B. I. is not set up yet.
 
if its any manner - win10 is not activated yet -
 
I'm having the same problems with setting up the built in 2nd nic. realtec chipset.
 
I assume that all cams have static IP addresses in the range of 192.168.70.xxx and your PC cam NIC connection is set to a static IP address with 192.168.70.10, 255.255.255.0

If you currently have the extra NIC card as the cam network, disable the other two connections (using Settings / Network & Internet / Ethernet / Change Adapter settings) by right-mouse button on each connection and selecting disable.

Check to see if you can connect via browser to one of the cams (assuming your cams can be accessed via browser).

If that works, check your internet NIC connection IPv4 settings, I assume you are using DHCP, ensure that is connected and select Advanced to see that there is only DHCP Enabled. Save it and then enable the connection (leaving the second connection disabled).

Then check for internet access and then cam access via browser.
 
go to command prompt and do the ipconfig /all command

Screenshot 2021-08-29 140230.pngScreenshot 2021-08-29 140427.png
 
See what the actual values are. thats a good place to start.
 
  • Like
Reactions: sebastiantombs
scree shot
 

Attachments

  • ipconfig 1.png
    ipconfig 1.png
    134.6 KB · Views: 36
all my cams are untouched from before - in the same network switch - using 192.168.70.2x
seems like windows is placing this connection as public --- shouldnt it be private
 
Last edited:
I dont friggin' believe it..
Windows 10 has I.E. in it - and now I can see my cams
I was using firefox, then edge. they didnt work - W-T-F-
So, it is now working, but the network connections program is saying uh, no its not. UGH...
 
has anything changed
 

Attachments

  • ipconfig 2.png
    ipconfig 2.png
    104.1 KB · Views: 32
now I can install B.I.
 
  • Like
Reactions: Flintstone61
has anything changed
maybe dns servers? 8.8.8.8 8.8.4.4 you must have put those in? Google Fiber DNs or whatever it's called
 
yes, I put those in
and I.E. is the only browser that can get into the camera gui.
 
You check the windows firewall settings to verify the other browsers have rules configured to allow them network access? Or, you could try disabling the windows firewall altogether.


Sent from my iPhone using Tapatalk
 
Try disabling ipv6 on camera subnet
 
While I agree that the Dual NIC method is effective at isolating the cameras from being able to access the internet (and thus preventing them from "phoning home"), has anyone ever given serious consideration to the possibility that the camera firmware itself might contain code that could compromise the B.I. computer (and ultimately your whole network)?
I have seen this brought up occasionally (at least once in this thread), but have never seen a serious discussion about this attack vector. Anyone care to alleviate my perhaps paranoid fears here?
 
  • Like
Reactions: Arjun
While I agree that the Dual NIC method is effective at isolating the cameras from being able to access the internet (and thus preventing them from "phoning home"), has anyone ever given serious consideration to the possibility that the camera firmware itself might contain code that could compromise the B.I. computer (and ultimately your whole network)?
I have seen this brought up occasionally (at least once in this thread), but have never seen a serious discussion about this attack vector. Anyone care to alleviate my perhaps paranoid fears here?

The thought is seldom far away as my thought process works. But I lump it in with all the other "connected" devices on the LAN, "what are the chances my printer/TV/bluray/AP/IPcamera will compromise my LAN?"
 
While I agree that the Dual NIC method is effective at isolating the cameras from being able to access the internet (and thus preventing them from "phoning home"), has anyone ever given serious consideration to the possibility that the camera firmware itself might contain code that could compromise the B.I. computer (and ultimately your whole network)?
I have seen this brought up occasionally (at least once in this thread), but have never seen a serious discussion about this attack vector. Anyone care to alleviate my perhaps paranoid fears here?

I'm spitballing, but I feel like the requirements to pull off an attack like this, originating from an isolated network device - even one that's effectively a Linux/BSD machine - are too high to be worth it.

These devices are already under a decent amount of scrutiny in the security field. One caught behaving oddly, or causing potentially isolated hub systems to behave oddly, would strike up a lot of interest, I'm sure. You'd be looking at software with the capability of exploiting various systems, so anyone finding one and peeking into it would potentially find a lot of exploits. For it to be effective they'd have to be high level and unpatched on whatever hardware you're looking at. Could be effective against folks who don't keep their stuff up to date, but otherwise that's a lot of investment for... what?

Someone with more experience could certainly comment, but overall I feel like the risk is low here.