VPN Primer for Noobs

What VPN Solution are you using?


  • Total voters
    857
@GLK. Suggest you google "openvpn connect windows phone client" for some info on getting your windows phone to use openvpn. There is at least one hit with that search, whether or not it is suitable.... you will have to check

Thanks, I appreciate the suggestion and I had been trying to search for that but nothing yet, but I did see where many window phones users have been asking for it to be made. I even saw where one person was trying on their own to code a version of openvpn to work on windows phones but nothing about it being finished. It's sad there has to be a technical roadblock like this, I have a Nokia Lumia 1520 and it has some great features and a really big screen and it's a really great phone overall.
 
So are you saying Hikvision would hack into our computers thru the p2p ?

It's beginning to look like Hikvision ip cameras and consumer class routers have such a limited compatibility I might have been better off waiting a few years for the technology to be more widely compatible...

It's not that there's anything particularly wrong with Hik's cameras or consumer routers. The camera and router that you have are pretty good products. It's your particular combination of circumstances in this case that's the problem.

Your choices basically break down to:

1. Do it right with either another router/firewall that supports L2TP/IPsec or switch phones to one that supports OpenVPN which will require spending some money.
2. Set up some other VPN server on your net which likely won't be as easy as the diagram shows and will require a machine to be up and running whenever you need access.
3. Use their P2P cloud service which kinda sucks because you're running through and relying on their servers.
4. Open up some ports which means that you're relying on whatever security (or lack there of) there is in the firmware of the cam which is kinda sketchy at best.
5. Just don't bother with remote access.

Your pick.

You might also be able to run something like TeamViewer which lets you relatively securely remotely control a computer on your network but that will have its own issues and will be kind of a kludgy way to do it.
 
  • Like
Reactions: GKL
ivms will do nothing for you if you cannot connect to the network...your asus router requires a vpn client on your phone.
I would not trust hikvision p2p for a second. No there is nothing else that will work.
Alternatively if you carrier is GSM (att, tmobile etc) there are a bunch of 50-100 dollar android phones available that will likely blow away your windows phone...
I was trying to see if there was a router not too much more than what I just paid for the asus that did have a vpn server that would be compatible with my windows phone that has "L2TP with IPsec" vpn, I found one that MIGHT be right but I'm not sure, it says - N518W supports up to 5 IPSec/PPTP/L2TP VPN tunnels. - but is that the same as a "L2TP with IPsec" server ? Here is the link - http://www.uttglobal.com/default.asp?id=3460

I have to be ABSOLUTELY sure the N518W would work with my windows phone vpn setting of "L2TP with IPsec" before I could even think about ordering it and sending back the asus router. ......I am not sure if "IPSec/PPTP/L2TP VPN tunnels" is the same as saying it works as a "L2TP with IPsec" server.
 
It's not that there's anything particularly wrong with Hik's cameras or consumer routers. The camera and router that you have are pretty good products. It's your particular combination of circumstances in this case that's the problem.

Your choices basically break down to:

1. Do it right with either another router/firewall that supports L2TP/IPsec or switch phones to one that supports OpenVPN which will require spending some money.
2. Set up some other VPN server on your net which likely won't be as easy as the diagram shows and will require a machine to be up and running whenever you need access.
3. Use their P2P cloud service which kinda sucks because you're running through and relying on their servers.
4. Open up some ports which means that you're relying on whatever security (or lack there of) there is in the firmware of the cam which is kinda sketchy at best.
5. Just don't bother with remote access.

Your pick.

You might also be able to run something like TeamViewer which lets you relatively securely remotely control a computer on your network but that will have its own issues and will be kind of a kludgy way to do it.

I do have teamviewer but haven't used it in a long time, can teamviewer be used to enable my windows phones to view the live feed from my ip camera ?

also, let me ask this to you too -

I was trying to see if there was a router not too much more than what I just paid for the asus that did have a vpn server that would be compatible with my windows phone that has "L2TP with IPsec" vpn, I found one that MIGHT be right but I'm not sure, it says - N518W supports up to 5 IPSec/PPTP/L2TP VPN tunnels. - but is that the same as a "L2TP with IPsec" server ? Here is the link - http://www.uttglobal.com/default.asp?id=3460

I have to be ABSOLUTELY sure the N518W would work with my windows phone vpn setting of "L2TP with IPsec" before I could even think about ordering it and sending back the asus router. ......I am not sure if "IPSec/PPTP/L2TP VPN tunnels" is the same as saying it works as a "L2TP with IPsec" server.
 
I do have teamviewer but haven't used it in a long time, can teamviewer be used to enable my windows phones to view the live feed from my ip camera ?

also, let me ask this to you too -

I was trying to see if there was a router not too much more than what I just paid for the asus that did have a vpn server that would be compatible with my windows phone that has "L2TP with IPsec" vpn, I found one that MIGHT be right but I'm not sure, it says - N518W supports up to 5 IPSec/PPTP/L2TP VPN tunnels. - but is that the same as a "L2TP with IPsec" server ? Here is the link - http://www.uttglobal.com/default.asp?id=3460

I have to be ABSOLUTELY sure the N518W would work with my windows phone vpn setting of "L2TP with IPsec" before I could even think about ordering it and sending back the asus router. ......I am not sure if "IPSec/PPTP/L2TP VPN tunnels" is the same as saying it works as a "L2TP with IPsec" server.
avoid no name brands...who knows if they even provide timely firmware updates...
 
  • Like
Reactions: GKL
Hello all,

I've been running OpenVPN setup on an ASUS Router. This has worked like a charm for me since I set it up in July. Today, I upgraded the firmware on my ASUS RT-AC88U to 3.0.0.4.382_15850.

Now, I cannot connect to the VPN. I tried creating and exporting a new .ovpn file, but I still can't connect.

I get an error message saying "OpenVPN server daemon failed to start. Please check your device environment or contents in the Advanced Setting page."

Any help would be GREATLY appreciated.

Thanks!
 
Hello all,

I've been running OpenVPN setup on an ASUS Router. This has worked like a charm for me since I set it up in July. Today, I upgraded the firmware on my ASUS RT-AC88U to 3.0.0.4.382_15850.

Now, I cannot connect to the VPN. I tried creating and exporting a new .ovpn file, but I still can't connect.

I get an error message saying "OpenVPN server daemon failed to start. Please check your device environment or contents in the Advanced Setting page."

Any help would be GREATLY appreciated.

Thanks!

Might be a silly question, but have yo tried a couple of power cycles?

If not, then it could be incompatibilities between the settings in the old FW and the new.
I'd suggest trying the following.

Backup your settings
Factory reset the router
Set the OpenVPN server back up

If that works, great.. If not then just restore your settings to get back to where you are now.
 
thanks, Ralph.

I tried a couple of power cycles.

Also, I didn't do "factory reset" but I did revert back to earlier June 15 firmware (pretty sure that's the one I was running). OpenVPN still not working.

Not sure what to do next :(
 
from the log file on the ASUS router this may be the relevant entry, but I don't know how to correct it.

"Assertion failed at ssl.c:2005"
 
Thanks again, MrRalph.

I FINALLY got OpenVPN working again.

On my ASUS RT-AC88U, I rolled back to the June 15 firmware, and I also updated the "OpenVPN Connect" app on my Android phone. It's hard to be certain at this point, but I think updating the app is what fixed the issue. On Google Play, the "what's new" in the app description cited some connection issues with older VPN servers (not sure which version of VPN server runs on the ASUS router.) Coincidentally, the app release date was today.

If anyone else runs into connectivity issues, I'd recommend updating the app on your Android device.
 
  • Like
Reactions: MrRalphMan
Well. I downloaded and installed the Softether software and I have been trying for hours to get a connection between my windows phone and the Softether server on my laptop.

I'm trying to get an L2TP with IPsec connection between my windows phone VPN client and the Softether server, at first I was getting error code 1460 on my windows phone, tried changing some things now I keep getting error message 720 on my windows phone.

I know Softether should work with windows phones because I read of others being able to do it.

Please, does anyone know how to fix windows phone error 720 ?

I don't have any idea whether settings need to be changed in my Softether setup, or in my router setup, or on my laptop computer, or on the windows phone, or a combination of any of those. I could have router settings wrong or incomplete, when you are new at this and router directions are very basic it's almost a guessing game as what info to plug in where. :confused:

I am very new at VPN and router configuring, but I have tried searching the web and reading a lot to try to figure this out on my own before bothering anyone with more questions, but I still am not even sure what to check first.

I'm not one to give up easy, but if I can't get this figured out within a couple weeks or so then I might have to settle for PPTP or port forwarding as unrecommended as they are, at least I'd have a working connection :lol:

Thanks to all for enduring my rant and ongoing questions :lol:
 
I setup an OpenVPN server on my Asus AC68U router. I can connect with my Android phone perfectly fine. The only problem is that I can't access my computer on my LAN unless I disable the computer's firewall. I've searched but haven't found a solution. I know I can add a rule so I tried to open the port that is used but I still can't connect and would this still be secure even though the port is open behind the VPN?
 
Last edited:
@GKL Take a look at this thread Windows Phone - SoftEther VPN User Forum I just was able to get my Window Phone to work adding the UDP ports to the router NAT table. I am using a Raspberry Pi with 2 nics, but it might solve your issue.
 
Oh, Just noticed you were on it already.
 
Oh, Just noticed you were on it already.

This is going to show how much of a noob I am on this stuff, I feel like a first grader trying to do algebra :lol:

On another forum someone replied:

It's router setting.
Your acccess router may have NAT function.
Port-forwarding allows the router to redirect specific traffic into your PC.
Please read the router manual for detail operation.
(end of quote)

I replied: (and still waiting for a reply back)

My problem is the router manual seems to assume I know what values to input, but I am new at this and it's a guessing game, the values I tried obviously were not right somehow.

The port forwarding section has the following fields to fill in and I'm guessing what to put in each one and the only one I am sure of is the Protocol being UDP. I'm not sure if the "Local IP" means the IP of my computer or the IP of the windows phone I am trying to connect with.

Service name:

Source target:

Port range:

Local IP:

Local port:

Protocol:
 
The internet is a force of nature; no video surveillance system made was designed to be exposed to those forces.. NEVER FORWARD PORTS to your NVR or Cameras, doing such things not only exposes you to severe security problems, but everyone else on the internet too.. Hackers dont want your video feeds, they want an always on linux box with decent internet connectivity that can be used to attack targets on the internet.. they want to turn your camera into a weapon of mass destruction.

When you say "NEVER FORWARD PORTS" are you talking about doing that OUTSIDE of the VPN protocol?

For example I've just setup VPN on my pfSense box, OpenVPN to be exact. I know that it's going to use UDP to "listen" on a specific port, for my VPN connection.

Is this ok? Am I safe doing this?
 
When you say "NEVER FORWARD PORTS" are you talking about doing that OUTSIDE of the VPN protocol?

For example I've just setup VPN on my pfSense box, OpenVPN to be exact. I know that it's going to use UDP to "listen" on a specific port, for my VPN connection.

Is this ok? Am I safe doing this?
Yes, you have to have one external link through to your VPN server. The software 'should' be robust enough to keep the bad guys it's, that's it's some purpose really.

Sent from my ONEPLUS A3003 using Tapatalk