VPN Primer for Noobs

What VPN Solution are you using?


  • Total voters
    857
As an Amazon Associate IPCamTalk earns from qualifying purchases.
Well it appears that it was not on sale at Amazon, but was at Newegg. At least I was not taken for anything other than a buck and we have not stacked up any shipping cost. Well at least one of us is happy. LOL

Thanks guys.
 
Just went through reading all 21 pages of this thread, great info.

Below is what I have done:
1) All cameras are connected to NVR and using 10.x.x.x IPs assigned and managed by the NVR.
2) NVR is connected to the router and I have paired mac address to a particular IP address.
3) Added a firewall rule to block all traffic from NVR's IP address and for all ports.
4) Verified that firewall rule works and no connectivity to the outside world.
5) Turned on OpenVPN server on the ASUS router.
6) Used iPhone with wifi turned off to login into the VPN server and able to access the NVR.

The app for NVR access is FLIR Secure.
Now, that I have the setup working the way I wanted, time to start locking it further down.
Thx for all the great suggestions.

Everything is working the way I wanted except the system seems to lose connectivity every couple of days. At that point, I have to disable firewall rules and enable them again. Almost, like the connection is being "forgotten" and needs to be refreshed. Any thoughts on what might be causing it and how to fix it good?
thx
 
Very newb question. If I only access my cams through my own lan do I still need a vpn on my router?
 
I know you guys don't suffer fools but id really appreciate some help here. I cannot fathom out what I need to do.

Below is a screenshot from my router, can this be used? It has a IPSEC page which looks like I might be on the right area but how do I know what to populate the fields with? Is this a VPN server or is it not capable of that?

Router-VPN-page.jpg
Router-VPN-page2.jpg
 
From doing a quick search online of your router (TP-Link Archer VR900) it looks like it doesn't have the capability of running a VPN server...

Hmm, I did suspect that although I did find a guide how to do it on that router and he had different options. It was an old article and I’m on a fairly new firmware.

Perhaps I need to do it on my BI PC, it’s only an i5 but it’s lightly loaded with only six cams so hopefully I have the headroom, although I know it’s advised to run nothing but BI on the PC it’s on.

I’m afraid I cannot grasp networking at all, I don’t even understand port forwarding but I just port forward the PC if it hosts the VPN, is that right?
 
Hmm, I did suspect that although I did find a guide how to do it on that router and he had different options. It was an old article and I’m on a fairly new firmware.

Perhaps I need to do it on my BI PC, it’s only an i5 but it’s lightly loaded with only six cams so hopefully I have the headroom, although I know it’s advised to run nothing but BI on the PC it’s on.

I’m afraid I cannot grasp networking at all, I don’t even understand port forwarding but I just port forward the PC if it hosts the VPN, is that right?
Honestly I would get a router that supports OpenVPN server if you are that uneasy about networking. Speaking from personal experience ASUS routers are very easy to set up.
 
  • Like
Reactions: looney2ns and Jinx
@nayr suggests in this threads first post running your vpn server on your BI PC as a good second alternative if your router can't do it.

In that case you would forward the VPN port (by default usually 1194) thru your router to your BI PC.
 
  • Like
Reactions: Jinx
Hmm, I did suspect that although I did find a guide how to do it on that router and he had different options. It was an old article and I’m on a fairly new firmware.

Perhaps I need to do it on my BI PC, it’s only an i5 but it’s lightly loaded with only six cams so hopefully I have the headroom, although I know it’s advised to run nothing but BI on the PC it’s on.

I’m afraid I cannot grasp networking at all, I don’t even understand port forwarding but I just port forward the PC if it hosts the VPN, is that right?

If you don't understand it, find someone who knows. You don't want to open your network up to security issues.
 
  • Like
Reactions: Jinx
I always thought that it was cake, as in easy as cake. I like Cake.:screwy:

Just blowing off a little bit of crazy. Yet I am preparing to dive into this on the 29th.
 
Great post and something probably 99% of IP cam users aren't aware of.

I have a Zoom 5352 router which has VPN. I have searched for hours on how to set it up but unlike all the info on setting up VPN on Asus and Netgear routers, I can't find anything. I tried researching all the individual option settings but after many hours I am still not sure what to put.

I want to set it up as IPSec/L2TP. My router has options to enable L2TP and IPSec but I am not sure if enabling both gives me IPSec/L2TP or if I can only use one or the other.

My main problem is the IPSec options, especially what to set for Local and Remote endpoint settings, and also the IPSec and advanced settings with the red errors in the screen shot below.

Thank you in advance for any help.

VPNSS1.jpg VPNSS2.jpg VPNSS3.jpg
 
Is anybody experiencing an issue where OpenVPN / Netgear is issuing a 192.168.254.x IP address to Android Clients even though the LAN is 192.168.1.x? This makes VPN pointless for me. Any idea how I can fix this? Quick googlefu seems as though its got to do with Android / TUN and idk how to fix it. Anyone with any ideas? Thanks
 
I think I got it figured out / fixed. I would prefer it be on the same subnet but I think this is working....I added a static route in the R8000 router. Seems to be working for now.

Destination IP: 192.168.254.0
Subnet Mask: 255.255.255.0
Gateway IP: 192.168.1.1
Metric: 2
 
Can anyone help me out with this? Just started poppin up last week. Easy fix? I am currently using the VPN built into my Netgear Router
vpn_vpn.png
 
I was just getting ready to post the same thing. I posted on OpenVPNs firum as well. I have instructions from Untangle to try.
 
Last edited:
I don't think it's a bug. I am a VPN noob, but I think it is something that requires a firmware update from Netgear and it appears Netgear is ignoring customers.

Sent from my VS990 using Tapatalk
 
Ok, I just uninstalled OpenVPN from my Untangle server and reinstalled it; generated new OpenVPN files and I'm good to go. So your assumption on the Netgear may be correct. Hopefully, someone who knows Netgear will chime in.