Dual NIC setup on your Blue Iris Machine

[wittaj]

I think it is congrats on getting the dual NIC set-up LOL. I am struggling to figure out what could be wrong on that end that is causing this.

I plugged a computer in on the camera switch side NIC and could not access the internet. I then take that computer and plug it into a switch on the internet side NIC and it has internet, so I am assuming the dual NIC is working properly since I cannot get to the internet on the CAM side?

As far as the OpenVPN - it has all been with my mobile device - I open up UI3 while on home network and it works, so I bookmarked it. Then I go off the home wifi with the mobile, connect to another wifi, connect to OpenVPN and open the UI3 bookmark and nothing, but I open the router bookmark and I can get into that?

I will go ahead and start or find an appropriate OpenVPN thread - thanks for helping me troubleshoot!

 

[Sybertiger]

I don't know what going on with your VPN but I think your methodology isn't helping....quit doing the "guest network" thing...we don't know how you have that setup including privileges. Simply turn off the WiFi and use your cell network...DO NOT use airplane mode. Simply turn off WiFi directly on the cell phone as that forces all communication to go through the cell phone network which is outside your home network.

 

[wittaj]

OK so it isn't congrats on dual NIC LOL.

I went back to the BI Machine to see if I could find anything there. For some reason the internet NIC lost the internet and when I hit diagnose, it says the fix is to auto DHCP, so I said ok, then went into the router and forced that machine to the IP address I want and now I can see it on cellular service or guest wifi thru OpenVPN - so is that correct now, or do I still have something messed up in dual NIC?

So my setup is now I force the IP address in the router to 192.168.2.100 and then on the BI Machine the internet properties is to let it auto assign an IP, which then picked the xx.100 because that is what the router was providing. For kicks and grins I then went into the internet setup and changed from auto assign to manually put in xx.100 and then after a few minutes it loses the internet connection again - it might be resetting for lack of a better term because the screen turns off, so maybe I need to set to always on even if it is headless?

So I am missing something here or should it be on the BI machine to auto assign an IP if the router has made that machine a static address?

 

[concord]

Your router is set to DHCP, so each device requests an IP address from the router. On most routers, you can assign a specific IP address based on the MAC address, so that it won't be given out to any other device and when the device boots up and asks for an IP address, it will get the same IP address. Here is a video showing how to do it on a ASUS router.

 

[crw030]

You won't want your Blue Iris computer IP moving around on you, so follow @concord video so that for that specific hardware MAC the ASUS router will just always assign a specific IP address. If you want to have DHCP network (easiest), but you need some devices to have predictable IP address (like Blue Iris machine), then that's the best method. To avoid IP conflicts, set the assigned IP to something below or above the DHCP range however. I assume this works the same on ASUS router, but don't want to tinker with mine since it's 1000 miles away atm. But it isn't covered in the video.

example (at about 1:48 mark in video) : LAN >> DHCP Server
IP Pool Starting Address: 192.168.100.2 >> I would try changing this to 192.168.100.32 or something
IP Pool Ending Address: 192.168.100.254 >> this would still be fine.
then assign the Blue Iris MAC Address a fixed IP in the range: 192.168.100.2 to 192.168.100.31

 

[wittaj]

@concord and @crw030 - thanks I just finished watching the video and didn't think about setting the BI out of the range, so I will do that now and hopefully not have to report back any more issues! What I thought was going to be the easiest part has turned into the hardest so far LOL!

 

[crw030]

@wittaj everything seems harder the first time you do it, but in networking terms this is more straightforward than tackling VLANs (imo) !

 

[petere10]

I'm not sure whether this bit was answered in previous posts, but I'll put my 2c worth here.

In this image posted

soon as you hit OK, you have opened up port 81 to the ENTIRE UNIVERSE. The whole point of security is to prevent this, SO, DELETE THIS ENTRY COMPLETELY and double check it after you save. With your VPN up and running, you APPEAR to be on your local network, so to access ui3.htm, just type in 192.168.0.100:81 from anywhere in the world and it works.
I made the mistake of using the WAN access for a single day and had 2 attempts to hack my system. Others may have a different opinion, so respect them as well

Pete

 

[Sybertiger]

I'm not sure whether this bit was answered in previous posts, but I'll put my 2c worth here.

soon as you hit OK, you have opened up port 81 to the ENTIRE UNIVERSE. The whole point of security is to prevent this, SO, DELETE THIS ENTRY COMPLETELY and double check it after you save. With your VPN up and running, you APPEAR to be on your local network, so to access ui3.htm, just type in 192.168.0.100:81 from anywhere in the world and it works.
I made the mistake of using the WAN access for a single day and had 2 attempts to hack my system. Others may have a different opinion, so respect them as well

Pete

What????

 

[SouthernYankee]

Peter10
Total not true.
It sits behind a router with a fire wall. If port 81 is not open in the router it goes no where.
Try testing and not guessing.

 

[petere10]

If you follow the wizard, and it utilises uPNP, you will open 81 to the world, otherwise you would not be able to access BI form outside your home network. I respect your opinion, but we will have to agree to disagree

 

[mikeynags]

That only works if the app supports uPnP - I agree with @SouthernYankee - with the VPN, it's not open unless the router has the specified port listed as an open port.

 

[Sybertiger]

If you follow the wizard, and it utilises uPNP, you will open 81 to the world, otherwise you would not be able to access BI form outside your home network. I respect your opinion, but we will have to agree to disagree

How's it going to utlilize UPnP when it's turned off on the router?

 

[wittaj]

If you follow the wizard, and it utilises uPNP, you will open 81 to the world, otherwise you would not be able to access BI form outside your home network. I respect your opinion, but we will have to agree to disagree

After my experiences today setting it up and with the help from @Sybertiger and @SouthernYankee and other contributors on this forum, I can assure you that as long as you don't go thru the Remote Access Wizard, you do not open port 81 to the Internet. That WAN address on that menu is meaningless unless you open the port on the router and/or do that wizard. I tried - it isn't open. Have to VPN to the local IP. If you can get it by using the WAN address:81 then you have a port open...

 

[petere10]

After my experiences today setting it up and with the help from @Sybertiger and @SouthernYankee and other contributors on this forum, I can assure you that as long as you don't go thru the Remote Access Wizard, you do not open port 81 to the Internet. That WAN address on that menu is meaningless unless you open the port on the router and/or do that wizard. I tried - it isn't open. Have to VPN to the local IP. If you can get it by using the WAN address:81 then you have a port open...

I agree with your statement 100%. That's all I was getting at in the first place. If you leave the WAN address empty and just access through a VPN, you have the best solution. If you're not an expert (and I'm not) the VPN local IP path IS the best solution

 

[petere10]

An excellent site to give you peace of mind is grc.com and click on Shields Up. Spend a half hour there and you will learn a lot about vulnerability. I forgot who pointed me there in the first place, but it was someone on this site (thanks forever!).

 

[mikeynags]

it was me

 

[nowandthen]

Been messing with this for hours.
Perhaps a problem with the NIC card, TP-Link Gigabit PCI Express Network Adapter TG-3468.

Problem, TP-Link NIC refuses to accept a static IP. Asus RT-AC88U router. I assign it by selecting the MAC address (and/or the name of my BI PC) in the LAN menu, DHCP. It shows it in the DHCP static list page as .13 but on the Network Map, Clients list, it still shows as 91. MAC addresses for both are the same. I have assigned this BI PC and many other devices with static IPs without issue. But when it comes to this card, it refuses to change to 13, it insists on being 91. Blue Iris sees itself as on 91and I can connect the computer to the internet (Firefox). As a test, I plugged the netwok cable back into the mother board NIC and was able to set it to a static address of 13.
If I manually enter the IP address in the IPv4 section when editing the network adapter, Blue Iris then sees it as 13 and I can log in from my phone via LAN and via WAN (Blue Iris iPhone app is set to look for .13) but I can no longer get to the internet.

I've read that it's preferred to use the PCI NIC to connect to the LAN and use the NIC on the motherboard for the cameras (camera POE switch). I'm about to give up and use the moterboard NIC for my LAN and use the add-on PCIE card for the POE switch (cameras) unless someone can help me figure out why this NIC will not change it's IP address.

Tried to find info on the web, but no luck. It's like the NIC is set to not accept HDCP, but the IPv4 shows it is set to accept it.

Bad card? Recommendations for a different card?

Thoughts? Thanks in advance.

 

[SouthernYankee]

The static IP address almost nothing to do with the router. Just set the value in windows and make sure not to use an existing address.

 

[Sybertiger]

On your router it would be helpful to provide a range of IP addresses that the DHCP server can use for auto assignment of devices that don't need a static address like you will have for your NIC. Sometimes they call it IP Pool Starting Address and IP Pool Ending Address. Assign your NIC an IP address outside of the DHCP Pool range as pointed out by @SouthernYankee. Also on your router's DHCP server settings you can "Manually Assigned IP around the DHCP list" which is where you can add that IP address you intend to use for your NIC....but you need to set the IP address of the NIC first as described above.