VPN setup for several locations needed

daru84

n3wb
Joined
Jun 12, 2018
Messages
25
Reaction score
2
Location
Munich
I run my cameras since years with port forwarding and BI and after some users told me to stop that and setup a VPN I realised the importance and am on the way to it. I also read "VPN Primer for Noobs" and "How to Secure Your Network" in this forum already.

I think it's still a long journey for me until I understand how I can setup the whole network for me.

My current situation:
Location 1: Computer running BI and cameras (no VPN needed because they are in the same network)
Location 2: Running cameras, VPN needed
Location 3: Running cameras, VPN needed

Questions:
1. It's pretty easy to setup and use a single VPN to ONE location. But I don't understand the idea how to do setup a VPN to two locations (2 and 3) plus the the one which doesn't need a VPN (1) ?
2. Can I use a identical DDNS in the router to setup VPN for location 2 and 3 ?

Thank for any help in advance! Links which lead to explanation are also very welcome! I am not lazy to read and study this topic, but I didn't find anything certain for me so far!
 

catcamstar

Known around here
Joined
Jan 28, 2018
Messages
1,659
Reaction score
1,193
Hello @daru84,

sure we can help ! :)

The "easiest" way is to deploy 1 OpenVPN server on location 1. Create all security certificates and a user for location 2 and a user for location 3. Inline with this "easy" setup, deploy a router with VPN Client capabilities in both location 2 and 3. ASUS for example does not only have OpenVPN Server capabilities, but also OpenVPN client onboard. Which means that you simply enter the certificates (and DDNS of location 1) plus user 1/2 in the ASUS router of location 1/2. Configure the VPN client that àll traffic needs to go to location 1 OpenVPN server, so you are 200% sure there won't be any traffic leakage.

If you don't have an OpenVPN client capable router in location 2 and 3, but a "spare pc" (eg linux/raspberry/...), you can deploy OpenVPN client plus an additional gateway which will serve as end-point to your camera's where your video streams will fall into that gateway and enter the VPN tunnel towards location 1. Bit more complex to setup, plus if your camera's go "rogue" and "guess" the real internet gateway, they can still reach out to the internets.

Lastly, if you really want to go enterprise grade, you can think about a triple site-2-site VPN setup. Bit more complex to setup, but then your 3 sites are virtually connected, all the time.

Hope this helps!
CC
 

catcamstar

Known around here
Joined
Jan 28, 2018
Messages
1,659
Reaction score
1,193
Hla yo puedo ayudarte hago Vpn con router a bajo costo y firmware openwrt no hablo inglés lo siento
Woah, I don't speak Spanish, but indeed, deploying an OpenWRT/DD-WRT firmware might do the trick, but be very wary: if you are unsure what you're doing (especially triple check your hardware compatibility: if a v2 is NOT supported, do not even think about TRYING it, you'll brick your router).
 
Top