I need recommendation for good wifi cameras for indoor and outdoor (and potentially door bell, door lock, flood lights, and garage door opener).

[tangent]

5k to go through multiple areas of solid concrete to get cables where they'd need to go.

I can’t run Ethernet. And power line won’t work in my house.

Yes. If you’re asking to try to help me run Ethernet, I assure you it’s not an option. I’ve had professionals come. They can do it but it’ll cost way more than I want to spend.

Perhaps you need to rethink where you think the cables need to go. It's likely you could put some cameras on the garage and record to an NVR or computer that's mounted inside the garage. When you get someone to bid something like this you have to be a bit careful. A lack the knowledge or imagination to do it in a more practical way and might lead someone to give you an 'I don't want this fucking job' price (which is better than someone drastically underestimating what's involved).

I'm fairly confident your roof isn't made of concrete and that if nothing else some conduit could be used outside the building. Do you have any kind of attic?

As for powerline protocols like Home Plug AV2 or G.hn, I'm curious why you seem so confident they won't work? How well they work varies a lot, but generally the list of reasons it might not work AT ALL is fairly short and there are relatively simple solutions to most of those problems. There are also options like MoCa that use existing coax cable.

You can buy a big hammer drill that would have no problem drilling through several feet of concrete for a couple hundred bucks.

If you have so much concrete, you're going to have a terrible time getting wifi to work reliably enough to use many cameras.

 

[mat200]

Perhaps you need to rethink where you think the cables need to go. It's likely you could put some cameras on the garage and record to an NVR or computer that's mounted inside the garage. When you get someone to bid something like this you have to be a bit careful. A lack the knowledge or imagination to do it in a more practical way and might lead someone to give you an 'I don't want this fucking job' price.

I'm fairly confident your roof isn't made of concrete and that if nothing else some conduit could be used outside the building. Do you have any kind of attic?

As for powerline protocols like Home Plug AV2 or g.HN, I'm curious why you seem so confident they won't work? How well it works varies a lot, but generally the list of reasons it might not work at all is fairly short and there are relatively simple solutions to most of those problems. There are also options like MoCa that use existing coax cable.

You can buy a big hammer drill that would have no problem drilling through several feet of concrete for a couple hundred bucks.

If you have so much concrete, you're going to have a terrible time getting wifi to work reliably enough to use many cameras.

Hi @Anchal Nigam

@tangent has some solid advice here.

If your attached garage is by the front of the house, I would use it as the "NVR network" room .. one hole out on each side of the garage door for 3 cat5e cables to 2-3 cameras on each side of the garage door. That will give you decent coverage of your driveway and hopefully front door approach.

 

[AlwaysSomething]

I started off my journey with Ring and Wyze and will never go back (cloud only, no local options when I had them, wouldn't work if internet was down, subscription costs, etc.)

Next step was going local storage and no subscriptions (still using WIFI but now learning about POE).

I bought Amcrest, Reolink, and a few other highly purchased cameras from Amazon when first getting cameras and not understanding much. It was a mix of POE and WIFI. Since then I've learned a lot from this community and have started replacing cameras with better ones when I can and POE as well.

Even for my indoor cameras that I used to watch my pets and appliances, WIFI will miss those special moments (Murphy's Law). I know you've made it clear you want WIFI so here's what I can offer with that (even though as everyone else stated it's not good).

I will say Amcrest is better than Reolink. The only Reolink products I still use are their Doorbells which are great and most on this forum will agree (there is at least 1-2 main threads on them). I have both the Wifi and POE versions of the doorbells for different locations/needs. Both great.

If you are going to use Blue Iris and don't care about the camera's proprietary apps then I would say Amcrest is good (lower end Dahua) and works well with Blue Iris. Amcrest has their own app but I don't use it anymore. Oh and with any Apps (I've tried many) you are going to constantly be playing with the Firewall rules (it's crazy how many different IPs and ports they use). The Amcrest cameras are also adjustable (ie: shutter speed, FPS, etc.). Those adjustments are key when it comes to motion. Reolink didn't have them for the cameras I had.

I also have still some Tapo (TP-Link) cameras that are REALLY cheap (inexpensive). There are some threads on here about them as well (C110 I think is the popular one). They are not bad but also have no adjustments (ie: shutter speed, FPS, etc.). I kept them for trying to "catch" those "special moments" but they tend to blur on motion. If you want to capture motion then upgrade to the Amcrest (shutter speed is key). If you only care about stills (ie: house is still standing as you mentioned) then Tapo might work. I still have some for items that don't have motion (ie: wood stove thermometers, thermostats - I don't want anything "smart" in my house, etc.)

Also, Andy (EmpireTech) is a vendor on here that offers good cameras (rebranded Dahua). I just found this indoor WIFI camera he has and plan to buy to replace at least one of my old Amcrest:

EmpireTech H4C 4MP Indoor Fixed-focal Wi-Fi Network PT Camera

1/2.8" 4Megapixel CMOS. | Max. 25/30fps@4M. | H.265 encoding. | Human detection. | Wi-Fi. | Two-way Talk. | Sound alarm.

empiretech01.com

Nice thing about this camera (and the Amcrest) is they still have an ethernet port so if you are having problems you can test if it's the camera or the WIFI (it's usually the WIFI).

One more thing, if you want to also save to SD Card (as a backup) then you can with the Amcrest (and EmpireTech) but cannot with the Tapo. The Tapo has an available SD card slot for storage but you cannot use it if you turn on the streaming (Blue Iris, Frigate, etc.). Found that out after purchasing.

Hope that helps a little with WIFI cameras... even though they still are not recommended.

 

[jonesheri]

I'm looking for advice on how to best secure my cameras (not just from being used as bots or potential access points into my network, but also from freely streaming live feeds of my property across the web) while utilizing Reolink's NVR and maintaining the ability to use Reolink's mobile app to receive notifications, alerts and for accessing footage and live feeds via the NVR.

I recently purchased a Reolink 16ch 4K NVR and 14 Reolink PoE cameras. I've come across a couple posts on IPCT that illustrate that Reolink has not been very well received by most members. I know most members are running far more advanced networks and BI systems. I watched several YouTube videos and read several tutorials on other sites about BI and it was just way too over my head, so I decided to go with Reolink.

I've read through several threads in the Cyber Security Forum including; "Newbie Starter Guide...", "IPCT Cliff Notes", "Network Security Primer", and "VPN Primer...". Most of the posts are geared towards a system running BI ("double NIC", VPN, etc). I understand the premise of a VPN and being able to remotely access your BI system (or any system on your network) securely via the VPN from outside of your home network, the point behind the double NIC, using a VLAN, and just isolating the cameras completely from the internet.

Theoretically I could put the NVR behind a VPN and use the VPN to remote access the NVR (I'm not sure if this would work) but my goal isn't to access the web UI of the NVR, rather to maintain the functionality and ease of use of the Reolink Mobile App (unless there is some fundamental and well known vulnerability in the Reolink Mobile app that I am unaware of).

Does having the NVR act as the "middle man" between the cams and the internet provide adequate protection (I assume not)? I'm assuming the cameras are using the PoE switch built into the NVR to connect directly to the internet and it's not just the NVR connecting to the internet.

I read all about the basic tips in regards to disabling uPnP, port forwarding and even firewalling the cameras specific IP/MAC addresses. But since most of the recommendations on what ports to leave open appear to apply to BI I'm not sure which ports are required for the Reolink system to maintain function and whether the cameras themselves (not just the NVR) need an internet connection to maintain app functionality as well.

Currently my physical network setup is very basic ISP Modem > Wireless Router and my plan was to connect the NVR directly to the router I use to connect all my devices to the internet. I had already planned on adding a run of Cat6 from my ISP Modem and purchasing a second wifi router to add coverage. Perhaps using ASUS router to connect the NVR to the internet and using its advanced VPN and firewall controls is the solution? Or placing a physical firewall device between my current router and the NVR?

Any suggestions, recommendations, experiences (what settings to change/disable, ports to open/close, physical devices to use, firmware/software, procedures, best practices, etc) would be much appreciated before I just plug the NVR into my wireless router and hope for the best.

I'm sure I forgot some stuff, it was a lot of information to take in for a beginner, and lots of switching Snapchat between open tabs and google searches to comprehend everything.

Thanks!

 

[jonesheri]

I'm looking for advice on how to best secure my cameras (not just from being used as bots or potential access points into my network, but also from freely streaming live feeds of my property across the web) while utilizing Reolink's NVR and maintaining the ability to use Reolink's mobile app to receive notifications, alerts and for accessing footage and live feeds via the NVR.

I recently purchased a Reolink 16ch 4K NVR and 14 Reolink PoE cameras. I've come across a couple posts on IPCT that illustrate that Reolink has not been very well received by most members. I know most members are running far more advanced networks and BI systems. I watched several YouTube videos and read several tutorials on other sites about BI and it was just way too over my head, so I decided to go with Reolink.

I've read through several threads in the Cyber Security Forum including; "Newbie Starter Guide...", "IPCT Cliff Notes", "Network Security Primer", and "VPN Primer...". Most of the posts are geared towards a system running BI ("double NIC", VPN, etc). I understand the premise of a VPN and being able to remotely access your BI system (or any system on your network) securely via the VPN from outside of your home network, the point behind the double NIC, using a VLAN, and just isolating the cameras completely from the internet.

Theoretically I could put the NVR behind a VPN and use the VPN to remote access the NVR (I'm not sure if this would work) but my goal isn't to access the web UI of the NVR, rather to maintain the functionality and ease of use of the Reolink Mobile App (unless there is some fundamental and well known vulnerability in the Reolink Mobile app that I am unaware of).

Does having the NVR act as the "middle man" between the cams and the internet provide adequate protection (I assume not)? I'm assuming the cameras are using the PoE switch built into the NVR to connect directly to the internet and it's not just the NVR connecting to the internet.

I read all about the basic tips in regards to disabling uPnP, port forwarding and even firewalling the cameras specific IP/MAC addresses. But since most of the recommendations on what ports to leave open appear to apply to BI I'm not sure which ports are required for the Reolink system to maintain function and whether the cameras themselves (not just the NVR) need an internet connection to maintain app functionality as well.

Currently my physical network setup is very basic ISP Modem > Wireless Router and my plan was to connect the NVR directly to the router I use to connect all my devices to the internet. I had already planned on adding a run of Cat6 from my ISP Modem and purchasing a second wifi router to add coverage. Perhaps using ASUS router to connect the NVR to the internet and using its advanced VPN and firewall controls is the solution? Or placing a physical firewall device between my current router and the NVR?

Any suggestions, recommendations, experiences (what settings to change/disable, ports to open/close, physical devices to use, firmware/software, procedures, best practices, etc) would be much appreciated before I just plug the NVR into my wireless router and hope for the best.

I'm sure I forgot some stuff, it was a lot of information to take in for a beginner, and lots of switching Snapchat between open tabs and google searches to comprehend everything.

Thanks!