Networking for house and cameras

Discussion in 'Networking' started by nakashima, Jul 20, 2019.

Share This Page

  1. nakashima

    nakashima n3wb

    Joined:
    Nov 11, 2018
    Messages:
    11
    Likes Received:
    4
    Location:
    utah
    I have run cat6 cables from my mechanical room to all camera locations, multiple AP locations, along with directly to my office and a few other rooms. My intentions were to purchase a few ubiquiti ac lites and place throughout the home. My internet service is run into my mechanical room where they have a POE 24v ubiquiti powering their satellite dish.

    My questions are:
    1. from the IP they gave me do i need to get a router or will the edgerouter x work? Can I just plug the edgerouter x into a 24 port POE switch for all my cameras, BI computer, and AP's? Or do I need a 24 port router?

    2. Knowing my current situation, Is there a better recommendation?
     
  2. catcamstar

    catcamstar Getting comfortable

    Joined:
    Jan 28, 2018
    Messages:
    964
    Likes Received:
    586
    Hi!

    It might help if you provide more info on the specifications (model/type) of the gear your ISP installed in your house. In the "best" case, they deployed a "modem-only", which simply grabs one WAN IP on the internal side and they require you to put your own(ed) internet router behind it (eg. ASUS if you prefer wifi+eth, or ER-X if you opt for eth-only). In the "worst" case, they deployed a "modem plus router" device (including wifi/eth or eth-only), then you should ask to put it in bridged mode (passthrough) OR you put your ASUS/ER-X in the DMZ (which your ISP or yourself must configure).

    We can only provide valuable and concrete advice if we understand the full setup.

    It's good to have your cams on cat6 and not on wifi.

    Do also consider a "host" for your (Open)VPN server instance - I suggest you leverage your ER-X for it.

    Good luck!
    CC
     
  3. nakashima

    nakashima n3wb

    Joined:
    Nov 11, 2018
    Messages:
    11
    Likes Received:
    4
    Location:
    utah
    They provided me with nothing, I'm assuming the satellite acts as a modem, and the signal i get from it is an IP address. I would need to provide myself with the rest, so temporarily I've got a google wifi, but i intend on returning it when i figure out exactly what i want to do. Can i just plug it into the ER-X and into a switch and out to all my devices? I'm not familiar with a vpn server. can you elaborate?
     
  4. catcamstar

    catcamstar Getting comfortable

    Joined:
    Jan 28, 2018
    Messages:
    964
    Likes Received:
    586
    They did provide you with something :) The model/type of that satellite may help.

    In any case, this is the general theory:
    - if you would have cable/dsl: your ISP provides a modem (or modem/router). It gets "connected" to the ISP (WAN side). In 90% of the cases, your ISP hands out "public" DHCP WAN IP addresses. Which means you have a public addressable IP, on which you can then "ent" your OpenVPN server. So where-ever you are, you can reach your "home". Unfortunately, the D in DHCP stands for Dynamic, which means that every (predefined) period of time, your IP is "re"-leased. You càn have the same IP back, or your neighboor, or someone else at the other side of your state. In 10% of the cases you might be lucky (like me) and your DHCP is kinda "stable", and it doesn't change (like with me in the past 4 years). which has its advantages (eg I don't have to reconfigure my openvpn client configuration files), however if I'm under attack, I can't simply "reboot" my modem to get a new one. With DHCP, you seen some "dynamic" DNS to "update" your configuration records accordingly the WAN IP change. Many 3g/4g have the same practice: every x minutes you pop-up on the internet with another IP address. Handy as a "client", but annoying when being a "server".
    - in case of satellite (I've read some topics here on the forum), many ISP employ double NAT, which means that your ISP gives you an "internal" (pseudo) WAN IP. What does that mean: you'll get an ip like 10.x.x.x or 172.x.x.x. These are unroutable ip addresses which you simply cannot contact FROM the outside internet.

    Does that mean you have to be "locked out". No. You can setup any "server" in your network to dial-out to any "VPS" openVPN-wise, and try to keep that line open. Through that same VPS with OpenVPN Server, you "dial" in from your handheld/mobile when being out-of-the-house. By having this jumpbox, you can "jump" from the internet into your house. Only pitfall is the "try" to keep that line open. If your ISP resets the communication (eg when that pseudo IP address gets recycled - it will run in DHCP mode too!), then the VPN software should re-establish the connection.

    But apart from that, it "depends" on what you have received from the ISP, but there are ample solutions for almost every challenge :)

    Hope this helps!
    CC
     
    TL1096r likes this.
  5. nakashima

    nakashima n3wb

    Joined:
    Nov 11, 2018
    Messages:
    11
    Likes Received:
    4
    Location:
    utah
    Yikes... i feel like i need an eli 5 for networking. I was hoping it was as easy as, hook the cat 6 into erx, then into a poe switch and out to devices. then adjust some settings on the router. Sounds like i have my work cut out. Thank you for the replies.
     
  6. catcamstar

    catcamstar Getting comfortable

    Joined:
    Jan 28, 2018
    Messages:
    964
    Likes Received:
    586
    It càn be as simple as you say: connect the ethernet cable into the ER-X (eth0) and have a look at the IP address you'll see. Then connect your pc to the ER-X and surf to (as example) whatismyipaddress.com - compare the two addresses. If they are the same: you are a winner! If they are not the same, you need some tweaking to be a winner :p

    Keep positive! You can always win! :)
     
    TL1096r likes this.
  7. TL1096r

    TL1096r Pulling my weight

    Joined:
    Jan 28, 2017
    Messages:
    886
    Likes Received:
    205
    It takes a lot of learning and planning. catcamstar has helped me get setup. let us know what you go with @nakashima