VPN Primer for Noobs

NVRs sync the cameras' time using ONVIF and not NTP.. if you enable both NTP and configure the NVR to set time on cameras they fight each other.

but yeah it's possible to set up the NVR to sync NTP time and then push it out to all the cameras..
 
bumping this back into view for the holiday spending spree
 
Thanks Nayr for these great directions. One thing I can't find though.
I use Blue Iris to connect to my cameras from my iPhone and it is great. Right now via port forwarding, it is immediate.
Going forward, I will use a VPN but I don't want any lag when I click on my Blue Iris icon nor do I want to have to open the VPN separately.
I don't believe there is a way to have Blue Iris start the VPN connection every time you click on it. Correct? If so, there would still be a lag but maybe acceptable.
As an alternative and probably better option, I could have an always open VPN on my iPhone but I have not found a way to do this. Any suggestion? Either OpenVPN or L2TP.
THANKS!
 
OpenVPN is always on when I use my Samsung. Did you try in settings on the app for always on?
 
those are for hiding your IP from tracking services, few if any will allow you to remote access your network
 
Ahhh gotcha.


I may try to use a raspberry pi to create a server. I got a location with open camera ports that people keep trying to access...
 
Nice guide @nayr .

I am wondering about router support and ease of use of OpenVPN with internal server. Apparently my new TP-Link wireless router (Archer C7) does not have its own server. I think it supports having one on the LAN (maybe up to 10), but that would be a pain. I think my other router/AP Netgear (R7000) does. Does anyone know if the Ubiquiti Edge series (X or Lite) support OpenVPN? I am fairly sure they support PPTP and L2 ipsec, but suspect that getting those to work with an Android cell phone on LTE reliably might be a heavy lift. If it is easy however, they might be a good choice for the router between the cable modem and one or two LANs where the APs reside. Otherwise I think putting an ASUS wireless there (ex RT-AC66U B1) and using the other wireless routers as APs would be the easiest way to go. It is not that I think I will ever have more than 30,000 pps, so that is likely not really a decision. My gut tells me that the Ubiquiti products are more resilient, for little or no added cost.

One suggestion for an added point. I think that to use VPN, a token is needed to be exchanged (one time). In general the server will create this and the clients will have their half to encrypt/decrypt the tunnel traffic. What this means is there needs to be a VPN server process (in the router maybe), a client (ex Android client tunnel app) and a set of tokens (one needs to be made and copied to the client in all cases). I think this minor point is missing.
 
I've got a UBNT EdgeRouter and it doesn't have OpenVPN; I'm using IPSec off a FreeRADIUS server I installed on the EdgeRouter.. If you are familiar w/linux command line you can install OpenVPN on it I'm sure.

tokens are not always used w/VPN, it's just suggested because brute forcing a token is pretty much not going to happen.. it's just a form of authentication and VPN can use all sorts of methods of auth.
 
@nayr, does your IPSec system work well with Android phones? What app do you use? I assume that it works well with the built-in security of modern computer OSes, but not sure how easy that would be for phone camera monitoring, my primary usage case right now.
 
yeah works really well cause my router has IPsec crypto acceleration; I'm using the native Android VPN client that's built in.
 
well lookie there. I did not know VPN was native to Android. Are you able to use port 443 with IPsec? I will be looking at this setup a bit more soon.
 
no, IPsec requires specific protocols (not tcp/udp, IKE, ESP, etc) to be allowed, so trying to run it only over tcp/443 isn't gonna fly
 
Nice post, @nayr !!, I saw it only now... ;)
Agree on all, my cameras and NVR are on their own VLAN, and are accessible via VPN or from my LAN, but they cannot initiate connections by themselves (fw rules, internal NTP and so on). It's funny seeing, in the firewall's logs, how many sessions these devices try to initiate to some external IP addresses (mostly amazonaws) .....
Cheers,
jonatha
P.S. I mean ... these devices try to connect to the internet ..... when actually they shouldn't (with all internet services disabled)
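
The log review described in the post above, as an added example that is not part of the original thread: it tallies internet-bound connection attempts per camera from firewall log lines. The camera VLAN subnet, the iptables-style LOG format, the rule prefixes and the sample lines are all assumptions constructed for illustration.

```python
import ipaddress
import re
from collections import Counter, defaultdict

# Assumed for this example: the camera VLAN subnet and iptables-style LOG lines.
CAMERA_VLAN = ipaddress.ip_network("192.168.20.0/24")
INTERNAL = [ipaddress.ip_network(n) for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]
FIELD = re.compile(r"\b(SRC|DST|PROTO|DPT)=(\S+)")

# Constructed sample; 203.0.113.0/24 and 198.51.100.0/24 are documentation ranges.
SAMPLE_LOG = """\
Dec  1 10:00:01 fw kernel: CAM-DROP IN=eth1.20 OUT=eth0 SRC=192.168.20.11 DST=203.0.113.40 PROTO=TCP SPT=40112 DPT=443
Dec  1 10:00:31 fw kernel: CAM-DROP IN=eth1.20 OUT=eth0 SRC=192.168.20.11 DST=203.0.113.40 PROTO=TCP SPT=40113 DPT=443
Dec  1 10:01:02 fw kernel: CAM-DROP IN=eth1.20 OUT=eth0 SRC=192.168.20.12 DST=198.51.100.7 PROTO=UDP SPT=123 DPT=123
Dec  1 10:01:05 fw kernel: CAM-NTP IN=eth1.20 OUT=eth1.1 SRC=192.168.20.12 DST=192.168.1.10 PROTO=UDP SPT=123 DPT=123
Dec  1 10:02:00 fw kernel: LAN-OUT IN=eth1.1 OUT=eth0 SRC=192.168.1.50 DST=203.0.113.40 PROTO=TCP SPT=51000 DPT=443
Dec  1 10:03:00 fw kernel: CAM-DROP IN=eth1.20 OUT=eth0 SRC=192.168.20.11 DST=198.51.100.9 PROTO=ICMP TYPE=8 CODE=0
Dec  1 10:04:00 fw kernel: link eth1 up
"""

def camera_egress(lines):
    """Map camera IP -> Counter of (dst, proto, dport) for internet-bound attempts."""
    report = defaultdict(Counter)
    for line in lines:
        f = dict(FIELD.findall(line))
        try:
            src = ipaddress.ip_address(f["SRC"])
            dst = ipaddress.ip_address(f["DST"])
        except (KeyError, ValueError):
            continue  # not a packet log line, or a malformed address
        if src not in CAMERA_VLAN or any(dst in net for net in INTERNAL):
            continue  # not from a camera, or destined for an internal host (e.g. internal NTP)
        key = (str(dst), f.get("PROTO", "?"), int(f.get("DPT", 0)))  # ICMP has no port
        report[str(src)][key] += 1
    return report

if __name__ == "__main__":
    for cam, dests in sorted(camera_egress(SAMPLE_LOG.splitlines()).items()):
        for (dst, proto, dport), hits in dests.most_common():
            print(f"{cam} -> {dst} {proto}/{dport}: {hits} attempt(s)")
```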
 
I have an Asus RT-AC88U router and cannot get the VPN to allow me access. Is anyone familiar with that router and willing to help? My IT guy has already spent 2 hours and researched issues on his forums and still nothing.
 
Asus has the easiest VPN implementation... something is either wrong with your router or IT guy...
YouTube has a bunch of tutorials
 
I run pfSense as my firewall and am looking to access it via iOS and am having a heck of a time getting it set up so I'm watching this with interest.

Did you get that sorted out? I can access my NVR via pfSense using "OpenVPN Connect" running iVMS-4500 on iOS. It took a while but I finally got it.