OpenVPN on NVR PC or edgerouter X?

[cornholio]

Hello,

Does anyone know if the edgerouter x will be able to handle a vpn server thats connecting to a BI server (5 to 7 cameras)? I expect 1 frequent user, 2 infrequent users.

I'm trying to setup OpenVPN for my blue iris setup and could use an opinion on what I should do.

I've been trying to setup openvpn on my i7-6700 pc which is also my blue iris server. I've so far managed to connect from my iOS device to the openvpn server but no luck yet getting blue iris ios client to connect using the ddns domain name. I can access the web server from a browser though. I realize that I'm going to have to do some bridging between the router and the vpn server. This got me thinking if I should just host the vpn server on the router itself. I currently have a linksys ea9500 which I want to return. I want to setup a edgerouter x/edgerouter lite with tp link access points. It might be easier for me to isolate that subnet with a pc and the cameras on it if i host the vpn on the router.

 

[fenderman]

I've so far managed to connect from my iOS device to the openvpn server but no luck yet getting blue iris ios client to connect using the ddns domain name.

With a successful vpn connection you no longer use the ddns name...that is the entire point, you are now local to the network, use your local ip address.

 

[cornholio]

With a successful vpn connection you no longer use the ddns name...that is the entire point, you are now local to the network, use your local ip address.

Yea, that worked. What I wanted to achieve was that the VPN connect on demand. How do I tell the phone to connect to the VPN only when I'm accessing the cameras?

 

[fenderman]

Yea, that worked. What I wanted to achieve was that the VPN connect on demand. How do I tell the phone to connect to the VPN only when I'm accessing the cameras?

I dont think that is possible with an iphone...with android I believe you can do this via tasker.

 

[cornholio]

Oh, really? I saw this and thought it would be possible c.3) iOS OpenVPN On-Demand Setup. iOS profiles do let you configure the on demand vpn.

I think the question is how do I configure the BI server and port forwarding so that the app tries to connect to a domain name that triggers the on demand vpn.

Are you saying that the above can't be done and that the Android tasker would detect me launching the blue iris app and connect to the vpn?

 

[fenderman]

Oh, really? I saw this and thought it would be possible c.3) iOS OpenVPN On-Demand Setup. iOS profiles do let you configure the on demand vpn.

I think the question is how do I configure the BI server and port forwarding so that the app tries to connect to a domain name that triggers the on demand vpn.

Are you saying that the above can't be done and that the Android tasker would detect me launching the blue iris app and connect to the vpn?

You might be able to do it that way, I dont own an ios device, I dont know what versions of ios that works on or if it works at all.
What you are trying to achieve is in no way dependent on blue iris...you leave BI configured the way you would if everything was local. Not sure why you bring up port forwarding as the entire point of vpn is to NOT rely on port forwarding...

 

[cornholio]

Hmm.. I could be wrong but I think it actually is dependent on the Blue Iris setup. Here's my understanding:
For the on demand vpn to work someone has to request access to that domain. That someone in my case is going to be blue iris. So that's why I'll need to have an internal IP address (LAN) and the external (I'm assuming this is what you use the WAN for in the app setup) IP address as separately configured on the app.

The port forwarding is for the router to forward all requests to the port UDP 1194, TCP 443/943 to the VPN server (my PC). Here the VPN server is not the router.

In fact that is the original question I have, does my router (Ubiquiti EdgeRouter X) have the CPU capacity to handle a VPN connection from 2 phones to the BI server.