VPN Primer for Noobs

What VPN Solution are you using?


  • Total voters
    623
Joined
May 21, 2018
Messages
21
Reaction score
17
Location
Gondwanaland
I've just set up piVPN on a 3b+. I've tried to get VPN running on a variety of dd-wrt routers and a Win 10 machine with no luck, but this worked first time. Using BlueIris for Android for remote checks.

If anyone's interested, I started here: PiVPN
Rick
 

Inigo

Young grasshopper
Joined
Oct 2, 2016
Messages
60
Reaction score
15
A great alternative to the ASUS router is the Peplink Pepwave Surf SOHO. The software is maintained, the router is incredibly stable, and it has VPN and VLAN.
 
Joined
May 21, 2018
Messages
21
Reaction score
17
Location
Gondwanaland
A great alternative to the ASUS router is the Peplink Pepwave Surf SOHO. The software is maintained, the router is incredibly stable, and it has VPN and VLAN.
Thanks for the heads-up. Looks very good.

Unfortunately they sell for just under $400 +P&H in this part of the world; I just bought a brand-new Asus ac68u for $150 delivered.
Rick
 

Inigo

Young grasshopper
Joined
Oct 2, 2016
Messages
60
Reaction score
15
Thanks for the heads-up. Looks very good.

Unfortunately they sell for just under $400 +P&H in this part of the world; I just bought a brand-new Asus ac68u for $150 delivered.
Rick
Bummer. In the US they are only $199 +shipping
 

Bret_FL

Young grasshopper
Joined
Jan 21, 2017
Messages
75
Reaction score
5
I've used the openVPN in my Asus router for years to access my home network and cameras with my mobile phone and the Sprint Network. Within the past few months something has happened and the open VPN will no longer work on Sprint Data. Works fine connected to any wifi network and am also still able to connect to my network while using VPN on my iPad using ATT data. Anyone here using openVPN on Asus router along with Sprint? Note that I can connect to VPN while on Sprint data, but nothing works, not even browsing web pages or a speed test, much less getting cameras up.
 
Joined
Jun 13, 2019
Messages
2
Reaction score
0
Location
New Jersey
I have a question: if I were to run a VPN on a Raspberry Pi, would I need some way to connect the Raspberry Pi directly to the NVR, or would I plug the NVR into my router, set up the VPN, connect to the VPN on the Raspberry Pi, and then I could view video?
 

wilddog

n3wb
Joined
Jan 2, 2019
Messages
19
Reaction score
0
Location
ky
Could someone please explain what is meant by this statement? For instance, what does a "point to point VPN outbound connection to an external server" mean exactly?
Not having an externally routable IP, if your VPN Server is on a Satellite or a Mobile Network you may not be able to remotely connect to anything. Port forwards won't work either. The best option for these networks is to establish a point to point VPN outbound connection to an external server you run on another network or subscribe to.
 

SouthernYankee

IPCT Contributor
Joined
Feb 15, 2018
Messages
3,120
Reaction score
2,062
Location
Houston Tx
If you do not have a wired ethernet connection from your home, you may have a problem. Non-wired connections are a satellite or a cell connection; this is for your home internet.

A point to point VPN is a connection that is always connected, not intermittently connected like your cell phone to your house. A point to point VPN would be an always-on connection between your house and your office (if you own the office), or a connection between two office buildings.

What is the problem you are trying to solve? What is your physical network?
 

TonyR

IPCT Contributor
Joined
Jul 15, 2014
Messages
5,094
Reaction score
5,037
Location
Alabama
Not having an externally routable IP, if your VPN Server is on a Satellite or a Mobile Network you may not be able to remotely connect to anything. Port forwards won't work either.
In short, cellular and satellite ISPs utilize carrier-grade NAT, so no public IP is provided for your WAN.
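
The carrier-grade NAT point above can be checked from two readings: the WAN address shown on the router's status page and the address an outside service reports for the connection. The following Python sketch is an added example, not part of any post in this thread; the function name `classify_wan` and the sample addresses are assumptions constructed for illustration.

```python
import ipaddress

# Shared address space that carriers use for carrier-grade NAT (RFC 6598).
CGNAT_NET = ipaddress.ip_network("100.64.0.0/10")
# RFC 1918 private ranges: on a WAN port these mean another NAT device is upstream.
PRIVATE_NETS = [ipaddress.ip_network(n)
                for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]


def classify_wan(router_wan_ip, observed_public_ip):
    """Return (verdict, inbound_possible) for a router's WAN side.

    router_wan_ip: address shown on the router's WAN/status page.
    observed_public_ip: address an outside service sees the connection from.
    inbound_possible is False whenever a port forward or a VPN server behind
    this router cannot be reached from the internet.
    """
    wan = ipaddress.ip_address(router_wan_ip)
    seen = ipaddress.ip_address(observed_public_ip)
    if wan.is_unspecified or wan.is_loopback or wan.is_link_local:
        return ("no usable WAN address", False)
    if wan in CGNAT_NET:
        return ("carrier-grade NAT", False)
    if any(wan in net for net in PRIVATE_NETS):
        return ("private WAN address, NAT upstream", False)
    if wan != seen:
        # The router holds a routable-looking address, yet traffic leaves
        # under a different one, so something upstream still translates it.
        return ("address translated upstream", False)
    # Reachable in principle; the ISP may still filter inbound ports.
    return ("public WAN address", True)


# Constructed sample readings (documentation and reserved ranges only).
SAMPLES = [
    ("100.72.14.9", "203.0.113.40"),   # typical cellular/satellite WAN lease
    ("192.168.1.2", "203.0.113.40"),   # router plugged into an ISP modem/router
    ("198.51.100.7", "203.0.113.40"),  # translated somewhere upstream
    ("203.0.113.40", "203.0.113.40"),  # WAN address matches what outsiders see
]

if __name__ == "__main__":
    for wan_ip, seen_ip in SAMPLES:
        verdict, inbound = classify_wan(wan_ip, seen_ip)
        print(f"{wan_ip:>15} seen as {seen_ip}: {verdict}, inbound={inbound}")
```

When `inbound_possible` is False, a VPN server on that router cannot accept connections from outside, which is the situation where the quoted advice about an outbound connection to an external server applies.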
 

wilddog

n3wb
Joined
Jan 2, 2019
Messages
19
Reaction score
0
Location
ky
If you do not have a wired ethernet connection from your home, you may have a problem. Non-wired connections are a satellite or a cell connection; this is for your home internet.

A point to point VPN is a connection that is always connected, not intermittently connected like your cell phone to your house. A point to point VPN would be an always-on connection between your house and your office (if you own the office), or a connection between two office buildings.

What is the problem you are trying to solve? What is your physical network?
In short, cellular and satellite ISPs utilize carrier-grade NAT, so no public IP is provided for your WAN.
So the solution to establishing a remote location, secure camera system that has only mobile internet available, using OpenVPN, is to do what? How is an "outbound connection to an external server" to be accomplished? (This is getting back to my original problem discussed here that I am now working on again and starting all over.)
 

SouthernYankee

IPCT Contributor
Joined
Feb 15, 2018
Messages
3,120
Reaction score
2,062
Location
Houston Tx
I have never created a point to point VPN, but it can be done. But I do not know how.

A different solution: does your service provider have a method or service that has an external IP address?
 

wilddog

n3wb
Joined
Jan 2, 2019
Messages
19
Reaction score
0
Location
ky
I have never created a point to point VPN, but it can be done. But I do not know how.

A different solution: does your service provider have a method or service that has an external IP address?
Apparently att provides them for businesses for a substantial cost which makes it not useful for this project. It seems to me there should still be a way to get around this problem.
 

blazin912

Young grasshopper
Joined
Sep 15, 2019
Messages
45
Reaction score
7
Location
MA
I apologize in advance. I searched but can't find a reasonable explanation for how this is possible:

You can route just your home LAN over the VPN connection; in this configuration leaving it permanently connected should not cause any issues and you won't have to do it manually every time. Some VPN clients/apps do auto-reconnect and/or dial on demand.

Anyone done this on a USG? I don't need step by step but maybe a general guide
 

jebt2921

n3wb
Joined
Nov 9, 2019
Messages
21
Reaction score
2
Location
Cave Springs
Question for the group as I'm rather new to setting up a VPN for an added layer of security for my cameras and NVR I'm in the process of installing. Promise I've read a ton of documentation on this site, but still a little confused.

So far I've only gotten the DB2 doorbell from Nelly's installed and working well in the variety of apps: Guarding Vision, Hik-Connect and iVMS-4500. I did install iVMS-4200 3.1 and BatchConfig on my desktop, as well as a first few steps of adding a Hikvision IP cube cam (wifi & POE), but stopped after entering the wifi info when I quickly connected it via POE and accessed the web portal. Mainly stopped because I wanted to make sure I'm secure before fully installing and I don't want to open ports, but use OpenVPN rather.

Weird thing is, in the last day since I installed the doorbell and initial step or two of the cube cam, my internet usage went through the roof. I don't have an NVR connected yet either.

I have an all Araknis network (with Control4) and my Araknis 110 router has OpenVPN built in, which I THINK I've got installed and working. This leaves me to my question from a newbie: How can I tell the OpenVPN is working properly? As I understand it, I won't need any device with it running when I'm at home and on my network (i.e. iPhones, laptop, desktop, etc.). However, if I'm away from our home and iPhone is on LTE WITHOUT OpenVPN turned on my iPhone, should I be able to access these apps (i.e. Hik-Connect) to see the doorbell live? I ask because currently I can turn wifi off my cell phone and still access the doorbell when OpenVPN isn't turned on.

Any newbie help would be greatly appreciated.
 

DavidDavid

Pulling my weight
Joined
Jan 29, 2017
Messages
586
Reaction score
239
Location
Ohio
OpenVPN doesn't do anything to stop your devices from reaching out to the internet on their own. It only allows you to reach into your network safely to access devices you've banned from reaching out on their own.

You will need to manually block any device from accessing the internet in your router if you want to. Then you'll have to VPN in to access them. Sometimes certain devices cannot be controlled like this though, be aware. But for cameras and files and such it will be fine. Not sure about the video doorbell as I don't have one, but they tend to rely on an internet connection from what I understand.
 

jebt2921

n3wb
Joined
Nov 9, 2019
Messages
21
Reaction score
2
Location
Cave Springs
Well as it turns out my OpenVPN setup seems to be working perfectly. Guess my issue was trying to test it with only my Nelly’s DB2 doorbell installed, which I can access in or away from our home network just fine.

Once I connected one of my POE cams the OpenVPN works like a charm when not on my home network. Turn on to view with no need of opening ports. Not on, can’t connect to camera.

Only outstanding question, which I can't seem to find from reading lots of posts, how to set the iPhone to automatically connect to OpenVPN when not at home? Is it simply keeping the native iOS VPN switch in the “ON” position and telling OpenVPN to continually attempt to connect? Read a few things this could drain battery though.

Or - just manually connect when I leave the house? Trying to not make it a pain for the wife.
 

catcamstar

Known around here
Joined
Jan 28, 2018
Messages
1,195
Reaction score
780
Only outstanding question, which I can't seem to find from reading lots of posts, how to set the iPhone to automatically connect to OpenVPN when not at home? Is it simply keeping the native iOS VPN switch in the “ON” position and telling OpenVPN to continually attempt to connect? Read a few things this could drain battery though.

Or - just manually connect when I leave the house? Trying to not make it a pain for the wife.
You ask the right question, but you have to think around the problem to get to a possible solution.
If you have one WAN IP, and the VPN server runs directly on the same router where the internet comes in, you run into a routing race, when connecting FROM your LAN to your WAN IP and then back TO the same LAN (through the VPN server). Your device cannot handle the double routing and dies in an eternal flame war. Anyway :) So how to deal with it? What I did: my wifi is not on the VPN server instance, so even when being at home, my VPN service is always on and when leaving home, the wifi is exchanged to 4g and the VPN service continues. Another option could be to define another (guest?) wifi with another subnet mask than your NVR/IP cams, so even with duplicate routing for the wifi DHCP range, you should with the always-on VPN be able to reach the subnet with the cams.

Which suits you most is up to you. I opted for the first, as I am on a vlan-secured/separated network where this Edgerouter thing is the core component, hosting VPN service and managing all my vlans. My wifi runs on an underlying wifi router thing.

Good luck!
CC
 