New guy looking for help on current build list

eric90000

n3wb
Joined
Apr 6, 2020
Messages
9
Reaction score
4
Location
Ireland
I have not tried that, but I think the answer is no. That would give the cameras a direct route to the internet via the POE switch connected to the RP to the internet. You would connect your BI computer via the primary NIC to the RP. You might investigate putting your ISP supplied router in bypass mode and getting a router with built in OpenVPN.


What I have done to solve this issue is the following: My BI server is upstairs. My main PC that I use daily is in my office downstairs. This PC has two RJ45 jacks on the motherboard which I configured one for my main LAN and the other on the same subnet as the POE switches and cameras. That second connection goes to one of my POE switches. So I have access to each camera from both machines.
So just to confirm, it's the cameras/PoE switch on NIC2 that shouldn't have ANY direct internet access, not the BlueIris machine that the cams feed in to? i.e. as per your picture, only the cams are isolated, the BlueIris machine itself is still fully connected to the internet via NIC1? Sorry for coming accross as silly, I've just never had to fully understand this stuff before and want to research first before I buy anything.

Also, if I were to make a Raspberry pi into a VPN using PiVPN, would it matter exactly where that device is connected to my home network? I assume that wherever it's connected it would need to have access to the Blue Iris machine via it's NIC 1?
 
Joined
May 1, 2019
Messages
2,215
Reaction score
3,504
Location
Reno, NV
Do not worry, Mr Eric90000. I followed the same path as you are doing now ;) Took a long time to understand what a subnet was (which, this is) and how things worked. Piece of cake now!
 
Joined
Aug 8, 2018
Messages
7,386
Reaction score
25,889
Location
Spring, Texas
So just to confirm, it's the cameras/PoE switch on NIC2 that shouldn't have ANY direct internet access, not the BlueIris machine that the cams feed in to? i.e. as per your picture, only the cams are isolated, the BlueIris machine itself is still fully connected to the internet via NIC1? Sorry for coming accross as silly, I've just never had to fully understand this stuff before and want to research first before I buy anything.

Also, if I were to make a Raspberry pi into a VPN using PiVPN, would it matter exactly where that device is connected to my home network? I assume that wherever it's connected it would need to have access to the Blue Iris machine via it's NIC 1?
The cameras and the switches that they are plugged into are isolated. Yes, the BI server is 'fully connected to the internet via NIC1'.

As far as the RP for VPN, I have no experience with that set up so I can't answer you on that.
 

DavidDavid

Getting comfortable
Joined
Jan 29, 2017
Messages
605
Reaction score
267
Location
Ohio
If you haven't purchased already, I'd suggest getting a 1,000ft spool of cat5 instead of 250 ft. Especially if you plan to add more cameras. And you never know when you might want to hardwire a TV or steaming device or something.

Also for my set-up I just have a rule in my router that blocks all incoming/outgoing transmissions for a range of IP address, which I've set up for my cameras. You probably have that capability in your router and would be much simpler than trying to hide them behind a second NIC.

Also you can run your VPN server on your blue Iris machine no problem. Just gotta forward the VPN port (usually 1194) in your router to the IP address of your blue Iris machine.
 

StarAPI

n3wb
Joined
Mar 8, 2020
Messages
20
Reaction score
6
Location
United States
Also, if I were to make a Raspberry pi into a VPN using PiVPN, would it matter exactly where that device is connected to my home network? I assume that wherever it's connected it would need to have access to the Blue Iris machine via it's NIC 1?
Hi eric90000:

You are correct, the piVPN would need to be connected to the Blue Iris machine via NIC1. I am successfully using piVPN in my own setup, running on the same pi as my piHole.
 
Top