VPN Primer for Noobs

What VPN Solution are you using?


  • Total voters
    857
Thanks. I only need Windows and Android. But, it wouldn't hurt to look into LastPass, since it's compatible across all 3 OS, just in case.

I'll try these out and let you know what I decide. Thanks again.

Not to influence you into one (or another) direction, but lastpass has had some security issues (If you use a password manager, you need to read this)

That's the reason why I opted for an "offline" vaulting mechanism.

Just my 2c.
 
Hey, I'm stuck...

Installing OpenVPN on my windows NVR. I followed the Easywindows install guide, but I'm confused. Does the server have to be started after all the config files are set up? I tried to connect, but get an error of missing ta.key file....which I understand is some sort of a security key that I have failed to set up...I'm hours into this, and feel like I'm getting close... Did I miss a step of creating the ta.key??

thanks for any help.
 
Not to influence you into one (or another) direction, but lastpass has had some security issues (If you use a password manager, you need to read this)

That's the reason why I opted for an "offline" vaulting mechanism.

Just my 2c.

Thanks for the article.

How does LastPass work differently than KeePass, which you do use?

What do you mean by "offline"? If KeePass gets synced to a Google Drive account, then isn't it still "online" somewhere?
 
Hey, I'm stuck...

Installing OpenVPN on my windows NVR. I followed the Easywindows install guide, but I'm confused. Does the server have to be started after all the config files are set up? I tried to connect, but get an error of missing ta.key file....which I understand is some sort of a security key that I have failed to set up...I'm hours into this, and feel like I'm getting close... Did I miss a step of creating the ta.key??

thanks for any help.

Can you post a link to the install guide you're following?

Do you have to install OpenVPN on the NVR? Can't you just configure it in your router?
 
I'm at the point of getting OpenVPN server running on windows BI computer, and have successfully set up clients (my phone and a laptop) that can remotely connect to the server.

So, I now can't remotely access BI over the VPN (which I previously did by forwarding port 81 on my router to the BI computer...but which i now closed since I got the VPN working).

What am I missing about not being able to see BI over the VPN? There must be some BI setting that I need to change??

Looking at OpenVPN, I may have incorrectly configured the "redirect gateway" option...or perhaps I didn't configure it at all..need to research this unless someone has a quick answer.
 
Last edited:
Can you access it locally over the LAN from a browser? If so, when you connect with OpenVPN you should be able to see BI using the same address you used on access locally.
 
Can you access it locally over the LAN from a browser? If so, when you connect with OpenVPN you should be able to see BI using the same address you used on access locally.
i can connect to the server, but cannot see BI or use the servers internet connection...

have been reading on topics of windows firewall, and ip forwarding...issue could be there...

i'm completely new to OpenVPN
 
OK, i need help from someone who has installed OpenVPN server on a windows 10 machine....

I'm close...have the connection running with client(s), but cannot use windows server machine IP or BI from the client...
 
At lot of interesting stuff here, but I must ask because my case may be a little different.
I have today an inteno router with sorry to say, have port forward for my camera. But I have now read enough to go for vpn and bought today an asus 68u router and install it after the inteno which change to bridge.

I am a little worried about the overall config. The old router use 10.0.0.1 (up to 254) and have a couple of Ethernet Connection (nanobeam to extend the local net). These devices use 10.0.0.30 and 10.0.031 last one on the remote accesspkt.

As the asus seems to prefer using 192.168.xx.xxxx I then avoid conflict with the old router (going to be in bridge mode but still ip 10.0.0.1), but in that setting I must change the ip of the nanobeams which seems a bit difficult espesially at the remote accesspkt which is hard to get to.

Any other solution?
 
Good morning,

Newbie here. I have a desktop running Windows 10, and Blue Iris (BI). These are connected to my ISP router via a Netgear Nighthawk X4S AC 2600. So there is an ethernet cable running from the Nighthawk X4S AC2600 to the desktop running Blue Iris (BI).

I have read through most of this thread, but am still lost. Can anyone guide me please? Here are some questions:

1) I presume I need to install some VPN software on the desktop running Blue Iris (BI)? Which is the preferred software nowadays? Open VPN? IpSec?

2) I believe my router has some provision to VPN in to it, can I use this functionality?

3) I am unsure where to begin, what are the first three steps I need to take?

I may be travelling on work soon, so I would like to set this up asap.

Your advice is very welcome.

Thank you!
 
Bruce- I struggled installing also and I am not very familiar with OpenVpn but did get it installed and running. Since you are connected, I assume you have the Firewall and router can ping the BI Server. As I said, I am not very knowledgeable, but I feel your pain from my experience.

For Windows Defender Firewall you should have Inbound Rule set for OpenVPN and the port you are using as shown below.


On your Router Port Forwarding you should have the port(s) forwarded for your BI Server.



When connected, you should be able to access BI Web server by using your LAN access IP. In my case below it would be 192.168.254.98:8080. Note: The LAN and WAN addresses should be the same.
thanks for all of that...yes i have those settings as you describe..

i can connect the client to the BI Windows maching with OpenVPN server, but cannot see the BI or use the internet on the server...

thinking that my config file for the server is not right...i'll post it here to see if you guys have any ideas..

thanks again
 
my server config file....

proto udp

dev tun

ca "C:\\Program Files\\OpenVPN\\config\\ca.crt"
cert "C:\\Program Files\\OpenVPN\\config\\server.crt"
key "C:\\Program Files\\OpenVPN\\config\\server.key" # This file should be kept secret

dh "C:\\Program Files\\OpenVPN\\config\\dh2048.pem"

server 10.8.0.0 255.255.255.0

ifconfig-pool-persist ipp.txt

push "redirect-gateway def1 bypass-dhcp"

keepalive 10 120

cipher AES-256-CBC

persist-key
persist-tun

status openvpn-status.log

verb 3

explicit-exit-notify 1
 
ok, i tried to ping the server IP (192.168.0.xxx) from a connected client machine and get a timeout....

so clearly something isn't right....but the VPN says it is connected...
 
I can't be much help beyond what I shared. Hopefully someone with good understanding will help you out. Sorry Bruce.
 
Good morning,

Newbie here. I have a desktop running Windows 10, and Blue Iris (BI). These are connected to my ISP router via a Netgear Nighthawk X4S AC 2600. So there is an ethernet cable running from the Nighthawk X4S AC2600 to the desktop running Blue Iris (BI).

I have read through most of this thread, but am still lost. Can anyone guide me please? Here are some questions:

1) I presume I need to install some VPN software on the desktop running Blue Iris (BI)? Which is the preferred software nowadays? Open VPN? IpSec?

2) I believe my router has some provision to VPN in to it, can I use this functionality?

3) I am unsure where to begin, what are the first three steps I need to take?

I may be travelling on work soon, so I would like to set this up asap.

Your advice is very welcome.

Thank you!

I would expect your router to work like mine for openvpn, so you can look at my guide
NetGear R7800 - OpenVPN
 
Good morning,

Newbie here. I have a desktop running Windows 10, and Blue Iris (BI). These are connected to my ISP router via a Netgear Nighthawk X4S AC 2600. So there is an ethernet cable running from the Nighthawk X4S AC2600 to the desktop running Blue Iris (BI).

I have read through most of this thread, but am still lost. Can anyone guide me please? Here are some questions:

1) I presume I need to install some VPN software on the desktop running Blue Iris (BI)? Which is the preferred software nowadays? Open VPN? IpSec?

2) I believe my router has some provision to VPN in to it, can I use this functionality?

3) I am unsure where to begin, what are the first three steps I need to take?

I may be travelling on work soon, so I would like to set this up asap.

Your advice is very welcome.

Thank you!

I would expect your router to work like mine for openvpn, so you can look at my guide
NetGear R7800 - OpenVPN
 
  • Like
Reactions: alwayson
OK, finally....what a learning curve..

if you look at my server config file, the server IP address when accessed from a client is 10.8.0.1 (I thought it was 10.8.0.0) if I point my browser there, I do see BI through the looking glass....

so now i just need to automate all of this so that when I want to see BI remotely, i automatically connect the vpn first...
 
At lot of interesting stuff here, but I must ask because my case may be a little different.
I have today an inteno router with sorry to say, have port forward for my camera. But I have now read enough to go for vpn and bought today an asus 68u router and install it after the inteno which change to bridge.

I am a little worried about the overall config. The old router use 10.0.0.1 (up to 254) and have a couple of Ethernet Connection (nanobeam to extend the local net). These devices use 10.0.0.30 and 10.0.031 last one on the remote accesspkt.

As the asus seems to prefer using 192.168.xx.xxxx I then avoid conflict with the old router (going to be in bridge mode but still ip 10.0.0.1), but in that setting I must change the ip of the nanobeams which seems a bit difficult espesially at the remote accesspkt which is hard to get to.

Any other solution?
Welcome to the forum and smart move to get away from port forwarding.

You should be able to change your ASUS router to 10.x.x.x it does not have to be on 192.168.x.x