Please help me figure out my VPN

[Chase]

Ok first off I am a noob and I admit that my knowledge of this stuff is a bit over my head. My hope is that some of you will help guide me in the process of setting this up correctly because even after all the readings I just don't get "it."

So I have an Asus router and I have managed to setup my VPN on my router. I went with the PPTP Server that's built in already... I figured? it would be my easiest bet.

- Its enabled and VPN details are set as General.
- Further down I have created a username and password.

On my iPhone I went and connected to my VPN...

Type: PPTP
Server: Put my .asuscomm.com server here
Account: My username I created on the router VPN
RSA SecurID: Off
Password: My password I created on router VPN
Encryption level: Auto
Send All Traffic: On

Clicked done and it tells me I have connected to the VPN.

At this point I don't know what to do next in regards to viewing my cameras on my phone. I already have idmss lite installed on my iphone.

Am I setting this up right so far?
Do I need to make changes/updates/configurations on my NVR?
Do I need to forward ports to the VPN? Is that even OK?

Again I just don't understand everything and I am looking for help in getting this set up the right way.

 

[nayr]

Connect your VPN and then open idmss to your NVR's local LAN IP; done

you do nothing to your nvr, you forward no ports nothing further is needed.

 

[Chase]

Since I am opening idmss to my NVRs IP I would then assume that I am choosing the IP/Domain option right?

 

[nayr]

yea

 

[Chase]

Ok. A couple more questions

I will add my NVRs IP

Port automatically shows 37777 .... I plan to just delete that entry ... so that should solve that right meaning its not gonna want to use a port.

Username/Password.... Is this the credentials to log into my NVR? If it is do you recommend me using the admin account?

Another questions.... back to the router... on my VPN setup... I see another tab called VPN Client... I did not fill anything out there... is this something I need to do? The only username/password credientials I made were on the main VPN Server page (at the bottom of the page)

 

[nayr]

no you use ports, everything uses ports; just leave the defaults.. then configure gDMSS to connect on your wifi like any other client and then use it over VPN w/same settings.. your thinking too much and understand too little.

create a login just for your mobile devices so you dont lock out your admin account.

leave vpn client settings alone on your router

 

[Chase]

Sweet that worked!

Can you advise me how to be sure neither my NVR nor any of my cameras can send or receive information from the internet?

I want to take security seriously.

 

[spencnor]

@nayr. I also have an Asus router and set up Openvpn. The router also has the choice of PPTP vpn. Do you agree that Openvpn has a performance advantage and is more secure?

 

[nayr]

one should use OpenVPN over PPTP; its clearly more secure.. but either is better than port forwarding imo.

disable uPNP on your router and PNP/EzViz on your Cameras/NVR and you should be pretty good; otherwise you need to learn how to configure your firewall to be more restrictive by default and only allow what you want out.

 

[Chase]

Any ideas why I can't view cameras (wont connect) on idmss when I am away from home but on another wifi with my VPN turned on?

It works fine if I turn wifi off and use cellular service with VPN on.

 

[looney2ns]

That wifi has many restrictions set up it sounds. Public Wifi sometimes restrict access to many websites and such.

Part of life in the fast lane.

 

[Chase]

When im using my iPhone and cellular service and also being connected to my VPN (away from my house) does a VPN work in way to override cell service (for data consumption)?

It seemed like I was using the VPN connection for everything (web browsing, data consumption, etc) and not just when I was viewing my cameras on idmss.

I thought the VPN would only be used when viewing my cameras (away from home) and not for all data consumption when left on.

I tested this by using Speedtest with VPN on and with it off using only cell service.

 

[looney2ns]

Nope, if it's on, it's being used.

 

[Chase]

I decided to change over to OpenVPN via my Asus router. I have successfully set it up and have connected thru my phone.

I created a separate, new account for my iPad and exported my config file via the router. Uploaded it to the openvpn app and tried to connect on my iPad (just like I did on my iPhone) but it fails to connect. The connection times out. Any ideas what I should do to fix this? My username/password for my iPad account are correct.

 

[spencnor]

Uploaded it to the openvpn app and tried to connect on my iPad (just like I did on my iPhone) but it fails to connect. The connection times out.

This worked for me. I used the app Openvpn Connect on my iPad Air 2. I just installed the app., emailed the .ovpn file to myself. Then on the email attachment I long pressed on the .ovpn file and selected <Copy to OpenVPN>. Then simply entered my username and pw in the app.

 

[Chase]

That's what I did too

 

[spencnor]

That's what I did too

It was very straightforward for me. I didn't do anything else. Make sure your user ID and pw are correct. Beyond that I don't know what else it could be.

I followed the instructions by member randytsuch for my Asus router and had no problems.

See post #231
VPN Primer for Noobs

Randy : OpenVPN on a Asus router

 

[Chase]

Yeah it went fine on my phone. After I had my phone set up I went back to my router and added a user for the iPad. Made a new export file and put that on my iPad and tried logging in.

Hmmm

 

[Chase]

If I add users do I need to create a new export? Or do I use the same original copy.

 

[spencnor]

Yeah it went fine on my phone. After I had my phone set up I went back to my router and added a user for the iPad. Made a new export file and put that on my iPad and tried logging in.

Hmmm

From what little I know you can use the same user and .ovpn file on multiple devices. And I think it's recommended to create others for each device in case one of your devices is lost.

Edit: We cross posted. I'm pretty sure each .ovpn file is unique to the user ID.