VPN Primer for Noobs

[fenderman]

Usually the only time we'd be using it remotely is when we might occasionally view our security camera on our smartphones when away from our home WIFI. I'm on a budget and needed to keep the price down, (especially after paying for the camera) but it only cost $47.95 on Amazon, no way I could pay $200 for a router right now, the router we are switching from is an old non-VPN Linksys E1000 and it's still working great even for HD streaming video, if it wasn't for needing VPN for the security camera we'd keep using it, so I guess the Cisco RV110W should work at least as good if not better than the E1000 as far as the LAN WIFI, right ?

if you are not going to be using any of the advanced features like vlan/multiple lans to segregate your network, then you will be better off with a modern asus router running open vpn that can be had for 75 or so..note these business routers are often a pain to configure (I have no experience with that model)...for example this is only 67 dollars..https://www.amazon.com/RT-ACRH13-Dual-Band-AC1300-4-port-Gigabit/dp/B01LXL1AR8/ref=sr_1_4?s=electronics&ie=UTF8&qid=1508905938&sr=1-4&keywords=asus+router

 

[GKL]

if you are not going to be using any of the advanced features like vlan/multiple lans to segregate your network, then you will be better off with a modern asus router running open vpn that can be had for 75 or so..note these business routers are often a pain to configure (I have no experience with that model)...for example this is only 67 dollars..https://www.amazon.com/RT-ACRH13-Dual-Band-AC1300-4-port-Gigabit/dp/B01LXL1AR8/ref=sr_1_4?s=electronics&ie=UTF8&qid=1508905938&sr=1-4&keywords=asus+router

The Cisco router is already in transit, but it has very good reviews. That Asus is nice but doesn't seem to have the actual built-in VPN like the Cisco has. I'm still researching and learning and thought I needed to have my security camera on a vlan to protect it from attack. Since we'll have just one camera for now (maybe 1 or 2 more eventually) and have only 2 people at the most remotely viewing at the same time, should my 5 Mbps VPN limit be okay, or should I set my camera to a lower resolution than the max ?

 

[fenderman]

The Cisco router is already in transit, but it has very good reviews. That Asus is nice but doesn't seem to have the actual built-in VPN like the Cisco has. I'm still researching and learning and thought I needed to have my security camera on a vlan to protect it from attack. Since we'll have just one camera for now (maybe 1 or 2 more eventually) and have only 2 people at the most remotely viewing at the same time, should my 5 Mbps VPN limit be okay, or should I set my camera to a lower resolution than the max ?

its uses openvpn that is just as good if not better...its built into the asus...
vlans segregate networks...its useful to prevent the camera or any other device to have access to your network..but as far as preventing attacks vpn is what you are looking for..
5Mbps will be ok...resolution has no effect on bitrates, its a separate setting.
Note the you will need to learn how to properly setup this unit, it wont be plug and play or easy like the asus.

 

[GKL]

its uses openvpn that is just as good if not better...its built into the asus...
vlans segregate networks...its useful to prevent the camera or any other device to have access to your network..but as far as preventing attacks vpn is what you are looking for..
5Mbps will be ok...resolution has no effect on bitrates, its a separate setting.
Note the you will need to learn how to properly setup this unit, it wont be plug and play or easy like the asus.

Okay, so a vlan is not necessary for protection from outside attacks, the VPN takes care of that automatically ? The Cisco might not be as easy, but in the past I had to figure router set ups that were not plug and play, and have already been reading an online setup guide to get an idea ahead of time of the procedure, I just have to educate myself again https://www.cisco.com/c/dam/en/us/td/docs/routers/csbr/rv110w/quick_start/guide/Published/rv110w_quick_start_en.pdf .....got to sleep now, thanks for the continuing help, it is appreciated !

 

[fenderman]

Okay, so a vlan is not necessary for protection from outside attacks, the VPN takes care of that automatically ? The Cisco might not be as easy, but in the past I had to figure router set ups that were not plug and play, and have already been reading an online setup guide to get an idea ahead of time of the procedure, I just have to educate myself again https://www.cisco.com/c/dam/en/us/td/docs/routers/csbr/rv110w/quick_start/guide/Published/rv110w_quick_start_en.pdf .....got to sleep now, thanks for the continuing help, it is appreciated !

your routers firewall takes care of it...the vpn allows secure outside access instead of punching a huge hole in it by port forwarding...

 

[GKL]

if you are not going to be using any of the advanced features like vlan/multiple lans to segregate your network, then you will be better off with a modern asus router running open vpn that can be had for 75 or so..note these business routers are often a pain to configure (I have no experience with that model)...for example this is only 67 dollars..https://www.amazon.com/RT-ACRH13-Dual-Band-AC1300-4-port-Gigabit/dp/B01LXL1AR8/ref=sr_1_4?s=electronics&ie=UTF8&qid=1508905938&sr=1-4&keywords=asus+router

I just checked and I found the other router had not shipped yet so I was able to cancel it and order the asus, since I did not need vlan. Now will this be different from that cisco as far as setting up the vpn ?

 

[fenderman]

I just checked and I found the other router had not shipped yet so I was able to cancel it and order the asus, since I did not need vlan. Now will this be different from that cisco as far as setting up the vpn ?

it will be much easier..

 

[GKL]

it will be much easier..

When I originally thought the cisco was already in transit I was mistaking it with the camera which was in transit, the router was a later order. So that asus router should be an overall better router and not have the limitations of that cisco ?

 

[looney2ns]

When I originally thought the cisco was already in transit I was mistaking it with the camera which was in transit, the router was a later order. So that asus router should be an overall better router and not have the limitations of that cisco ?

It will work fine for you. Asus is a very popular choice.

 

[BeerNut]

Initially tried using a rpi2 for a VPN but it wasn't reliable. For a cheap VPN I bought a tmobile router and flashed it with Asus merlin firmware. VPN and router have been extremely reliable.

 

[username]

The recent flaw in WPA2 protocol requires that routers be patched. As of this moment Asus has not released a patch for my RT-N66W but say they are "working on it". I would expect that much older units will never be patched. That may include that very old Cisco router that OP canceled. Just another thing to research when buying older routers. I still have a Linksys WRT54g (it's13 yrs old!) in my garage to help with the signal. I doubt it will ever be patched and I will need to find a different solution, probably will install different firmware (tomato) on it if a fix is available.

 

[fenderman]

The recent flaw in WPA2 protocol requires that routers be patched. As of this moment Asus has not released a patch for my RT-N66W but say they are "working on it". I would expect that much older units will never be patched. That may include that very old Cisco router that OP canceled. Just another thing to research when buying older routers. I still have a Linksys WRT54g (it's13 yrs old!) in my garage to help with the signal. I doubt it will ever be patched and I will need to find a different solution, probably will install different firmware (tomato) on it if a fix is available.

Asus is really great with updates as far as consumer routers go...they will likely patch it soon....in theory cisco should be patching that router as well as they promise updates until 2022 but who knows...its important to note that despite all the hoopla about Krack, it risk is low because it requires the attacker to be within your wifi range...furthermore, as long as the client is patched there is no risk from the router unless it supports 802.11r....

 

[usaf_pride]

I have a Ubiquiti EdgeMax ER-X. Not the most user friendly, but for $50, it's pretty robust. I have it paired with a few AC-Lite pro access points (already patched) and really like the performance.


Sent from my iPad using Tapatalk

 

[BeerNut]

I also have a Ubiquiti EdgeMax ER-X, you're definitely right about it not being user friendly. I bricked it trying to upgrade the firmware. Tried the CLI and even worked with Ubiquiti support that finally RMA'd it. Based on what I read that particular router has issues due to the firmware utilizing most of the memory. Currently using tmobile router and Ubiquiti UAP-AC-LITE.

 

[GKL]

We had been using an old Linksys E1000 which worked great but did not have VPN capability, so since we were getting our first ip camera we got a VPN capable router, the ASUS RT-ACRH13 which I hooked up yesterday, it was a very easy setup and no real problem connecting our various computers and devices. (It was recommended to me on this forum, thanks !) Anyhow, last night I noticed a yellow "!" mark on the software interface and it said there was a firmware update available, all I had to do was click on the link and about 3 minutes later the upgrade was downloaded and installed and I then only had to reboot the router and it;s still working great. My next step will be to hook up our ip security cam, first time for me so I am doing a lot of reading trying to make sure I do it right and in the proper steps, might have to wait till next week depending on how soon we might get rain today.

 

[GKL]

I'm trying to make sure I have a clear understanding of how to set up my first ip camera. I don't have a hardware NVR but was just going to use NVR software from the camera manufacturer installed on my laptop, Hikvision iVMS-4200 and their smartphone app iVMS-4500. I do have a POE injector to power the camera. Now we want to be able to view the live camera feed not only thru our home WIFI but also when away from home thru our smartphone data connection. I had been searching thru the forum to get a better understanding on the right way to set this up, one person said they left their NVR open and just blocked their cameras with the VPN, I'm not sure if they had a hardware NVR or not though. Do I set up the VPN to block my camera from outside attack but will still be able to access the live feed myself when away from home ? I notice there is a VPN selection in the settings on my smartphone, is that something that needs to be set up to work with the camera also ? I'm not sure if I can install my camera outside today depending on how soon we might get rain today (and I'm still learning) but is it okay to connect the camera inside the house just long enough to get all the settings correct and camera operational then disconnect it till I can install it outside ?

 

[looney2ns]

I'm trying to make sure I have a clear understanding of how to set up my first ip camera. I don't have a hardware NVR but was just going to use NVR software from the camera manufacturer installed on my laptop, Hikvision iVMS-4200 and their smartphone app iVMS-4500. I do have a POE injector to power the camera. Now we want to be able to view the live camera feed not only thru our home WIFI but also when away from home thru our smartphone data connection. I had been searching thru the forum to get a better understanding on the right way to set this up, one person said they left their NVR open and just blocked their cameras with the VPN, I'm not sure if they had a hardware NVR or not though. Do I set up the VPN to block my camera from outside attack but will still be able to access the live feed myself when away from home ? I notice there is a VPN selection in the settings on my smartphone, is that something that needs to be set up to work with the camera also ? I'm not sure if I can install my camera outside today depending on how soon we might get rain today (and I'm still learning) but is it okay to connect the camera inside the house just long enough to get all the settings correct and camera operational then disconnect it till I can install it outside ?

If you haven't yet, go to page one of this thread and start from the beginning.

 

[usaf_pride]

I also have a Ubiquiti EdgeMax ER-X, you're definitely right about it not being user friendly. I bricked it trying to upgrade the firmware. Tried the CLI and even worked with Ubiquiti support that finally RMA'd it. Based on what I read that particular router has issues due to the firmware utilizing most of the memory. Currently using tmobile router and Ubiquiti UAP-AC-LITE.

If CLI is available, it's always the safest route. The ER-X is limited on memory, but the instructions are clear on how to handle that. If you have any *nix experience, it's not so bad.


Sent from my iPad using Tapatalk

 

[BeerNut]

Yeah I think I messed up trying to upgrade via the GUI. Learned my lesson and used the CLI on the replacement they sent me. Debating on dumping it on ebay picking up another tmobile router as they can be had for under $50 and are more versatile since I'm just using the ER-X as a switch now.

 

[GKL]

If you haven't yet, go to page one of this thread and start from the beginning.

Thanks, I had read some of it before, but will study it more, I'm somewhat tech savvy in other areas, but ip cameras and VPNs are a new area for me as this is our first ip security camera that I'm studying to make sure I set it up right.