Home Network with 4 Dahua Cameras

Blue65

Getting the hang of it
Joined
May 19, 2018
Messages
106
Reaction score
11
Location
77008
I am bowing down and looking for some help from more experienced people than myself. I had a vehicle stolen a while back, and at that time I bought into 4 dahua security cameras with one NVR 5216-4kS2
This is how I currently have the network setup. I am under no illusion that this is optimal, b/c I was just trying to get this system up and running, but now I am willing to take the time to set it up correctly.

I have a Edge Router X:
Eth 0/POE In - POE brick 110V to POE
Eth 1 – WAN Cable Modem
Eth 2 – 8 port D-Link Switch (I have this daisy chained to another POE Switch in the garage that I have all the cameras hooked up to.
Eth 3 – NVR 5216-4kS2 LAN 192.168.2.45
Eth 4/POE Out – Ubiquiti AP/LR
Here is a picture of my routing table (I think....)


I thought I have my cameras on a separate LAN outside of my other network devices. However, as I type this on my laptop and do an Ipconfig the computer is on the 192.168.2.X subnet.
I am looking for advice on the best way to do a camera setup that I can access from my mobile phone and then also manage the system while I am not on the local LAN. I know there probably still is not enough information for help, but I am really looking for some nice souls to help me along on this one.

Thank you in advance, and if there is any other information that you guys/gals need please just ask.
 

Brendon06

Young grasshopper
Joined
Jan 20, 2019
Messages
33
Reaction score
16
Location
New Zealand
just a few notes on what I have seen hopefully it will point you in the right directioin
If you are are wanting your cameras on a separate lan and blocked from the internet (yes this is definitely the recommended way of doing this) then on your edgerouter you will need to set so that the cameras and nvr are on one network and home lan on another seeing what you have connected i would do the following (assuming your dlink switch is not vlan capable and not purchasing any more switches)
eth2 on lan 1 with its own dhcp server and connect dlink switch to this with the uap connected to this using a poe injector
eth 3 and 4 on switch0 (using wizard or cli i believe) and connect garage poe switch to one and the nvr to the other
then you will need to use the firewall to block wan access to switch 0 but remember to allow lan access in order to view nvr .

(another way would be to power erx with 12vdc and use eth2 and eth4 on vswitch0 with dlink and uap connected to this. then eth0 and eth3 on vswitch1 with the poe switch and nvr on this

after this the best way for remote access is to create a remote access openvpn server on the erx this way once connected it will be like you are on the lan

only had time for a quick look but some of the following may help but will be worth using google for more information
Setting up an OpenVPN server with Ubiquiti EdgeRouter (EdgeOS) and Viscosity - SparkLabs (I personally use openvpn for android on my client device)
 

Brendon06

Young grasshopper
Joined
Jan 20, 2019
Messages
33
Reaction score
16
Location
New Zealand
this may also help
 

Blue65

Getting the hang of it
Joined
May 19, 2018
Messages
106
Reaction score
11
Location
77008
Thank you all for the responses. I think I most certainly need to power my Edge Router with conventional 12V plug. The reason I had it setup like this in the first place is I thought you could only use the POE out on this router if you used the POE in piece. I have an AP in the ceiling that does not have an AC plug to it, so I need that POE. However, one thing I was thinking was to plug in the ubuiqti edge with the 12V plug then get a 8 port POE switch for the Main LAN. I then could connect that POE AP to the POE switch. This would physically isolate that main LAN. Then I could start on the network segregation piece.

Thoughts?
 
Top