VPN Primer for Noobs

[bug99]

Some other quick reads for you

Optimize Connections With a VPN Speed Test
How To Run A VPN Speed Test (Check your Speed) - VPN Freaks

I did a quick read of the link above, but failed to notice a mention of the fact that a speed test will only work if the internet path is through the VPN tunnel. This is a configuration setting as to how to handle internet traffic pushed from the server or on the client i believe. For normal camera usage, internet traffic will bypass the VPN. For secret surfing, it goes through the tunnel by design.

 

[Pickel]

Ok, I'm at a total loss now. I have Openvpn running on my Blue Iris machine, but my android device fails to connect. I checked the logs and there is nothing. I had my ISP forward the port for my BI Server, but now my server won't connect to internet when I use static up address. At this point I don't know wether to go with nvr or buy a new router I can manage.

 

[MrRalphMan]

Ok, I'm at a total loss now. I have Openvpn running on my Blue Iris machine, but my android device fails to connect. I checked the logs and there is nothing. I had my ISP forward the port for my BI Server, but now my server won't connect to internet when I use static up address. At this point I don't know wether to go with nvr or buy a new router I can manage.

Hi, sorry I can't see any other posts on this thread about your setup.

Do you know what port or ports the ISP forwarded to you BI server?
What's the internal ip address or range of your router?
What IP are you setting the BI server to?
What IP or URI are you using on the Android app?
Patio

Sent from my ONEPLUS A3003 using Tapatalk

 

[cb8]

That is good to know. It would be nice if OpenVPN could utilize multicore. Using the RPi3 would should free up overhead from the router. Should I connect the RPi3 to the router or the switch or does it not matter?

Planned setup is
cable modem > WiFi router
smart switch > unmanaged poe switch

If you actually need more throughput and have multiple clients you can always work around it by running multiple instances of OpenVPN, though that's all moot unless you actually have an uplink that can push that much data. I wouldn't worry too much about which switch I connected it too unless you parts of your network is actually bandwidth constrained.

 

[Pickel]

Hi, sorry I can't see any other posts on this thread about your setup.

Do you know what port or ports the ISP forwarded to you BI server?
What's the internal ip address or range of your router?
What IP are you setting the BI server to?
What IP or URI are you using on the Android app?
Patio

Sent from my ONEPLUS A3003

Yeah, I requested they forward port 443 to BI server ip address. The ip address for the router is 192.168.88.X and I set the BI server to 192.168.88.XXX. The Android app is trying to connect to this same address.

Part of the issue is when I set the BI server to this static address it looses internet connection, but if I change it to any other address within this range it reconnects.

 

[MrRalphMan]

Hiya,

The IP addresses look ok for your internal side of things, but not sure why hardcoding this IP would cause it to lose the internet.
What are you setting as the default Gateway?

Also you say you are trying to hit this IP from your Android device, is this inside or outside your Network? If inside it should be fine without the VPN, if it is outside, you'll need to use the external IP address.

Unless you've one of these weird ISP setup, then all bets are off.

Hope this helps dude.

Paul

 

[Pickel]

Hiya,

The IP addresses look ok for your internal side of things, but not sure why hardcoding this IP would cause it to lose the internet.
What are you setting as the default Gateway?

Also you say you are trying to hit this IP from your Android device, is this inside or outside your Network? If inside it should be fine without the VPN, if it is outside, you'll need to use the external IP address.

Unless you've one of these weird ISP setup, then all bets are off.

Hope this helps dude.

Paul

I'm leaving the default gateway that was there originally.

I'm trying to connect over the cell network.

I have over air internet from a rural provider. Irritates me that I can't get into the router and look at the settings. I haven't tested the port to see if they opened the right one, but the BI server shows no activity when I try to connect from the client. It may be something with the firewall too. Guess I need to take a few days off to play with it without distractions, lol.

Thanks for your help.

 

[DWW0311]

Cisco ASA. In the process of switching to Sophos XG (waiting for the appliance to arrive).

 

[Pickel]

Question - I now have OpenVPN up and running on my blue iris server and OpenVPN Connect on my Android is hooked up to the mother ship. How do you know if you're secure? When I log into wifi at work (OpenVPN is connected), but when I Google "What's my ip" from my phone it gives me the same ip that is shown from my work computer. When I do it over wireless, I get a different ip every time I ask.

 

[xips]

Question - How do you know if you're secure?

How to check if your VPN is leaking private data

How to See if Your VPN is leaking your IP address (and how to stop it)

VPN makes my head hurt.

 

[Pickel]

Thanks, I will read those tonight. I actually gave up on setting up OpenVPN on my BI server and went out and bought an ASUS router. So much easier to set up that way! Now just need to figure out where I'm going to install all this equipment.

 

[DWW0311]

Now just need to figure out where I'm going to install all this equipment.

LOL, this is how it began for me. Before you know it you'll be asking yourself "where would a rack fit in my house?"

 

[tangent]

How to check if your VPN is leaking private data

How to See if Your VPN is leaking your IP address (and how to stop it)

VPN makes my head hurt.

Those articles are about VPN services that people use for privacy and illegal activities and a little security at coffee shops.

This thread is about setting up your own VPN server to facilitate secure access to your own network.

 

[Pickel]

LOL, this is how it began for me. Before you know it you'll be asking yourself "where would a rack fit in my house?"

Haha, already bought an 8U rack, power supply, 24 port patch panel, etc. I literally don't know where I'm going to put it. I'm going to have to run a plug wherever it's going. My electrical panel is outside, so that's its own challenge.

 

[Michael Shen]

hi all - need help on this very elementary problem. i have an asus router with both opevn vpn and pptp set up (i believe properly - cant screw up with so few configurations). i have a pixel xl on straight talk.

with pptp setup - when on mobile network i can connect (i see it in the logs) but then it says 'unsuccessful'
May 29 08:07:33 pptp[19129]: LCP: timeout sending Config-Requests
May 29 08:07:33 pptp[19129]: Connection terminated.
May 29 08:07:33 pptp[19129]: Modem hangup
May 29 08:07:33 pptpd[19128]: CTRL: EOF or bad error reading ctrl packet length.
May 29 08:07:33 pptpd[19128]: CTRL: couldn't read packet header (exit)
May 29 08:07:33 pptpd[19128]: CTRL: Fatal error reading control message in disconnect sequence

with pptp on local network - the connection is fine.

Questions: i am coming to the conclusion straight talk (my mobile provider) is somehow causing this problem?

with openvpn, i manage as far as setting it up in my android but the connect button is always greyed out - i dont even have a chance to connect.

does anyone know how to resolve my problems?

 

[DWW0311]

Haha, already bought an 8U rack, power supply, 24 port patch panel, etc. I literally don't know where I'm going to put it. I'm going to have to run a plug wherever it's going. My electrical panel is outside, so that's its own challenge.

Let me know in a year or two the point to which it has progressed (which it will ... )

I'm up to a 20U rack, 24 port patch, 12 port patch, Cisco 3560G-48 and 3560G-24P (in the rack, there are more of them elsewhere ... ), Cisco IAD2431-1T1E1, Cisco 7975's and 7921's throughout the house, Cisco 5520 wireless controller w/ a 5 Aironet footprint, 5 Dell servers (soon to be 6), Cisco 2901, fiber running everywhere imaginable and a Lenovo SA120 72TB.

It will get out of control, trust me on this one. It will get out of control and you'll be lucky to live through it

 

[Chase]

I have disabled/blocked my cameras from accessing the internet from my router. Is it also recommended to block your NVR from accessing the internet?

 

[DWW0311]

hi all - need help on this very elementary problem. i have an asus router with both opevn vpn and pptp set up (i believe properly - cant screw up with so few configurations). i have a pixel xl on straight talk.

with pptp setup - when on mobile network i can connect (i see it in the logs) but then it says 'unsuccessful'
May 29 08:07:33 pptp[19129]: LCP: timeout sending Config-Requests
May 29 08:07:33 pptp[19129]: Connection terminated.
May 29 08:07:33 pptp[19129]: Modem hangup
May 29 08:07:33 pptpd[19128]: CTRL: EOF or bad error reading ctrl packet length.
May 29 08:07:33 pptpd[19128]: CTRL: couldn't read packet header (exit)
May 29 08:07:33 pptpd[19128]: CTRL: Fatal error reading control message in disconnect sequence

with pptp on local network - the connection is fine.

Questions: i am coming to the conclusion straight talk (my mobile provider) is somehow causing this problem?

with openvpn, i manage as far as setting it up in my android but the connect button is always greyed out - i dont even have a chance to connect.

does anyone know how to resolve my problems?

Google "Straight Talk Wireless blocking VPN" - people have been complaining about them for years over this issue.

re: OpenVPN on Android - you imported and applied the .ovpn file to the device?

 

[DWW0311]

I have disabled/blocked my cameras from accessing the internet from my router. Is it also recommended to block your NVR from accessing the internet?

Assuming they are all located on the same VLAN, I would block the entire VLAN from accessing the internet, but short answer, IMO yes.

 

[Michael Shen]

Google "Straight Talk Wireless blocking VPN" - people have been complaining about them for years over this issue.

re: OpenVPN on Android - you imported and applied the .ovpn file to the device?

unfortunately i have googled and saw the complaints (and no solution) - am still trying to find out if someone found a workaround. +1 more instance on the complaint.

about OpenVPN - imported the .ovpn file and i assume the act of doing so applied it to my setting... i see my hostname automatically pr-epopulated correctly. router is AC5300 if that matters (dont think it does)