Menu
What's new

VPN help

D

dryfly

Getting the hang of it
Joined
May 25, 2015
Messages
258
Reaction score
46
I have read the VPN Primer but I'm still confused. My router does not have VPN server included, and I can't find WRT firmware that it will support. That leaves me with trying to setup a VPN on my dedicated Win 10 camera server. Is this possible and will it provide a secure system?

Can anyone point me to some specific directions as to how to do this?
 
S

Sean313

n3wb
Joined
Apr 16, 2017
Messages
11
Reaction score
0
dryfly said:
I have read the VPN Primer but I'm still confused. My router does not have VPN server included, and I can't find WRT firmware that it will support. That leaves me with trying to setup a VPN on my dedicated Win 10 camera server. Is this possible and will it provide a secure system?

Can anyone point me to some specific directions as to how to do this?
Click to expand...
I would really recommend doing it at the router level, for me I don't open any ports to my server to keep it secure. You can run it on windows 10 pro, I don't believe the standard home version has it. Are you using Windows 10 pro? It's usually under (on my win 8 pro setup) settings-network-create a vpn connection. What kind of router do you have?
 
D

dryfly

Getting the hang of it
Joined
May 25, 2015
Messages
258
Reaction score
46
I just bought a new router a couple of months ago and don't want to buy another right now. I'm running Win 10 Pro and have the option as per your directions called "add a VPN connection". What are the pros and cons of using it vs. at the router level? Any other software solutions?

When I put my camera system together remote access was not a priority. I'd just like to mess around with it.
 
S

Sean313

n3wb
Joined
Apr 16, 2017
Messages
11
Reaction score
0
A VPN is for sure more secure than any standard user name authentication, so if you have that option I would recommend using it. My reason is strictly personal for running it at the router level. I like to keep everything restricted so based on user decides what IP's they have access to on the VPN. I would just make sure your BI username and PW is not the same as your VPN username & PW.
 
FlipNJ

FlipNJ

Pulling my weight
Joined
May 3, 2016
Messages
346
Reaction score
127
This does not help you however, I went mad trying to figure it out and ended up moving my ASUS router to be my first router. (instead of the 3rd connected to another router that was connected to the modem) All good using the router based VPN. Waaaaay easier. Sucks to spend money but it is super easy and secure. For years I was tormented by my ISP (Optimum) with their convoluted system that would randomly close my opened port. Aggravating to say the least. The router based VPN is definitely the way to go. Just make sure to close any open ports afterward. Not to add to your confusion but try to get familiar with a dynamic host like no-ip. Its free and if your ISP routinely changes your IP address, you will never have a problem.
 
D

dryfly

Getting the hang of it
Joined
May 25, 2015
Messages
258
Reaction score
46
rcirz said:
This does not help you however, I went mad trying to figure it out and ended up moving my ASUS router to be my first router. (instead of the 3rd connected to another router that was connected to the modem) All good using the router based VPN. Waaaaay easier. Sucks to spend money but it is super easy and secure. For years I was tormented by my ISP (Optimum) with their convoluted system that would randomly close my opened port. Aggravating to say the least. The router based VPN is definitely the way to go. Just make sure to close any open ports afterward. Not to add to your confusion but try to get familiar with a dynamic host like no-ip. Its free and if your ISP routinely changes your IP address, you will never have a problem.
Click to expand...
Yeah, I think I'm wasting my time going any other route other than router based. Well, I'm not in any big hurry to take on this project as I'd like to get my camera system perfected first. And yes, I'm familiar with the concept of no-ip and will use.
 
R

rnatalli

Getting the hang of it
Joined
Aug 7, 2016
Messages
140
Reaction score
31
Do you have a Synology or QNAP NAS? Those have fairly easy to setup VPN servers. You could also get another router that supports DD-WRT or Tomato firmware.
 
VorlonFrog

VorlonFrog

IPCT+ Member
Joined
Aug 3, 2015
Messages
3,823
Reaction score
12,279
Location
Charlotte
dryfly said:
TP-Link AC1200 Archer C5 v2. Default firmware ver 3.17.1
Click to expand...
Unfortunately, I don't think DD-WRT was ever updated for this version of this router. I'm currently running OpenVPN on an Asus RT-AC68U. The most difficult part was generating the certificates for the server and clients, but that is easily done using Cygwin under Windows.
 
D

dryfly

Getting the hang of it
Joined
May 25, 2015
Messages
258
Reaction score
46
rnatalli said:
Do you have a Synology or QNAP NAS? Those have fairly easy to setup VPN servers. You could also get another router that supports DD-WRT or Tomato firmware.
Click to expand...
This is interesting. So a NAS such as these are not dependent on the router to be able to run a VPN? The cost is not that much more than a good router, and if I'm thinking correctly, I could move the hard drive out of my camera server computer and have it in a remote location away from the computer. I would only use the NAS for my camera system. If my assumptions are correct I'll start doing a little research.
 
R

rnatalli

Getting the hang of it
Joined
Aug 7, 2016
Messages
140
Reaction score
31
dryfly said:
This is interesting. So a NAS such as these are not dependent on the router to be able to run a VPN? The cost is not that much more than a good router, and if I'm thinking correctly, I could move the hard drive out of my camera server computer and have it in a remote location away from the computer. I would only use the NAS for my camera system. If my assumptions are correct I'll start doing a little research.
Click to expand...
Yes. So long as you forward the appropriate port(s) on the router and firewall on the NAS, there is no issue. I found Synology to be easier when it came to using OpenVPN; QNAP was a bit buggy. Just don't use PPTP.

As for using a NAS for a camera system, it technically works, but nothing like having Blue Iris on a PC. It also gets expensive when you go past the initial 2-camera license that comes with a Synology or QNAP NAS.
 
D

dryfly

Getting the hang of it
Joined
May 25, 2015
Messages
258
Reaction score
46
rnatalli said:
Yes. So long as you forward the appropriate port(s) on the router and firewall on the NAS, there is no issue. I found Synology to be easier when it came to using OpenVPN; QNAP was a bit buggy. Just don't use PPTP.

As for using a NAS for a camera system, it technically works, but nothing like having Blue Iris on a PC. It also gets expensive when you go past the initial 2-camera license that comes with a Synology or QNAP NAS.
Click to expand...
I though the purpose of a VPN was to prevent having to forward ports and create a security risk??? You can see I know little or nothing about this subject.

Regarding the NAS for cameras, I was speaking of storage for the camera PC. I run BI and was thinking I could put my WD Purple in the NAS box.
 
Pickel

Pickel

n3wb
Joined
Apr 18, 2017
Messages
27
Reaction score
8
I'm having the same issue, my ISP has locked down the router they provided and I have no way of accessing it. They do provide VPN on the router, but at an additional cost per month, which isn't the route I want to go. I'm just getting started getting my home network setup, so I'm still mapping out what all I want and the best way to accomplish it.
 
R

rnatalli

Getting the hang of it
Joined
Aug 7, 2016
Messages
140
Reaction score
31
dryfly said:
I though the purpose of a VPN was to prevent having to forward ports and create a security risk??? You can see I know little or nothing about this subject.

Regarding the NAS for cameras, I was speaking of storage for the camera PC. I run BI and was thinking I could put my WD Purple in the NAS box.
Click to expand...
There's a big difference between forwarding a port for OpenVPN; you not only need the username and password, you also need the certificate in order to login. Plus, everything going back and forth is encrypted. Add to this the security features NAS often include such as locking out IPs or temporarily all access after so many failed login attempts.
 
J

JBritt1234

n3wb
Joined
Sep 8, 2016
Messages
13
Reaction score
5
Location
Denver, Co
I use a Raspberry Pi running an OpenVPN Server via PiVPN: Simplest setup of OpenVPN

The setup and install is very easy. Setup a Raspberry Pi ($35-45ish depending on what you buy) with base OS install. Hardwire the device to your network, give it a static IP address. Setup OpenVPN using PiVPN: Simplest setup of OpenVPN and generate certificates for each device you would like to connect. You will need to forward the appropriate port, which as rnatalli goes into, is safe with OpenVPN.

This basically offloads your VPN connection to another piece of hardware, rather than using your home router, or other device. It is much more configurable in my opinion. In lots of the home routers I have used, VPN access is limited by their settings and/or shitty firmware.

I use port 443 TCP, rather than UDP as it helps get around businesses that have blocked VPN access. Not super common, but some do. I use noip.com to provide a DNS name which will automatically be updated via my Router. The OpenVPN client works on all your major computing devices and is free so it will update any external IP change from your ISP to your no-ip.com record. Only cost here is the Raspberry Pi.
 
D

DavidDavid

Getting comfortable
Joined
Jan 29, 2017
Messages
605
Reaction score
267
Location
Ohio
nayr said:
Where do I run my VPN Server? the best place is on your home router, since it will be required to be online and reachable for all remote connections anyhow its the best candidate. However if you have an always on PC-NVR it can also run it on there with great performance capabilities, or on a dedicated VPN appliance such as a Raspberry Pi
Click to expand...
Straight from the primer.....

Your windows 10 camera server is an "always on PC-NVR" he mentions as a second place to run it if the router option is not available to you.

And to answer your second question...

LMGTFY
Follow this link and then click on the first link that comes up.
 
Last edited:
O

OtisSha

n3wb
Joined
Apr 24, 2017
Messages
1
Reaction score
0
Sean313 said:
A VPN is for sure more secure than any standard user name authentication, so if you have that option I would recommend using it. My reason is strictly personal for running it at the router level. I like to keep everything restricted so based on user decides what IP's they have access to on the VPN. I would just make sure your BI username and PW is not the same as your VPN username & PW.
Click to expand...
When you use a vpn can the other people using that vpn's ip access your server?
 
D

DavidDavid

Getting comfortable
Joined
Jan 29, 2017
Messages
605
Reaction score
267
Location
Ohio
If you're running your own VPN server on your own network at home... You and only the people you give the keys to have access to it. Don't give anyone else the key and create separate keys/log ins for separate devices and if one of those ever gets lost of stolen, delete that account so nobody can use that device to access stuff on your network
 
Tinman

Tinman

Known around here
Joined
Nov 2, 2015
Messages
1,211
Reaction score
1,479
Location
USA
dryfly said:
I have read the VPN Primer but I'm still confused. My router does not have VPN server included, and I can't find WRT firmware that it will support. That leaves me with trying to setup a VPN on my dedicated Win 10 camera server. Is this possible and will it provide a secure system?

Can anyone point me to some specific directions as to how to do this?
Click to expand...
I did this on my dedicated BI machine and it works great....just follow this guide step by step.

Easy_Windows_Guide – OpenVPN Community
 
You must log in or register to reply here.
Top