It's not really THAT bad; we all learn by doing.
Go to BI's "settings" => "Users" tab, click on the "Help" button and read up. BI has excellent and contextual built-in Help.
You'll discover how to create a "Group", assign a camera or cameras to that group and then allow that user to view only that group, thereby allowing that user to see only the cam or cams you want them to see. Be sure to un-check "Administrator" privileges.
You could probably stream it out of Blue Iris to give them just access to the feed, but not the ability to search. Maybe on a restricted channel on YouTube?
You could also allow access only to the IP of your BI machine and the port BI is running on in your router. That should keep them from being able to access everything else.
For clarity: Yes, you can limit them to the cameras of your choosing within the BI server itself. However, as @Mike A. pointed out, they will have access to the other systems/services on the local area network (LAN) that the BI server is on.
If the BI server is on your office LAN, along with network printers, file servers, access control systems, etc., anyone connecting via the VPN might also have access to the same devices unless you take precautions to prevent it. If your IP cameras (network devices) are not isolated to their own separate network (connected to BI server by a 2nd NIC), they (VPN visitors) could potentially connect directly to the camera GUI.
You could do both - have your VPN and put their cam on a forwarded port, DMZ, etc. But then their cam would be sitting accessible to the Internet and a gateway into yours which isn't a real great idea.
With a more advanced firewall you likely could restrict VPN client access better but that's probably beyond what you have there. I don't think that there's any way to do that simply using a typical home router/client.
ETA: I guess you also could set up another VPN using a Raspberry Pi or whatever on a separate subnet/VLAN and give them access that way. You'd need to set up the BI server on both. That's getting a little more complicated though. Might be able to use the same front-end VPN server with different client subnet/IP settings but then they could change those easily.
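The firewall-side restriction discussed above (VPN clients may reach only the BI machine's IP and port), sketched for a Linux-based VPN gateway using iptables. This is an added example, not part of any post in this thread; the VPN subnet, BI address and BI port are constructed values, and the function names are hypothetical.

```shell
#!/bin/sh
# Constructed values (assumptions, not taken from the thread):
VPN_NET="10.8.0.0/24"    # addresses handed out to VPN clients
BI_HOST="192.168.1.50"   # Blue Iris machine on the LAN
BI_PORT="81"             # port the BI web server is assumed to listen on

# Accept only a decimal port in the range 1-65535.
valid_port() {
  case "$1" in ''|*[!0-9]*) return 1 ;; esac
  [ "$1" -ge 1 ] && [ "$1" -le 65535 ]
}

# Print the FORWARD-chain rules in evaluation order.
# Arguments: VPN subnet, BI host, BI port.
#   rule 1: let replies to already-allowed connections through
#   rule 2: VPN clients may open TCP connections to BI's port only
#   rule 3: anything else from VPN clients (printers, file servers,
#           camera GUIs) is dropped
bi_vpn_rules() {
  valid_port "$3" || { echo "bad port: $3" >&2; return 1; }
  printf '%s\n' \
    "-A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT" \
    "-A FORWARD -s $1 -d $2 -p tcp --dport $3 -m conntrack --ctstate NEW -j ACCEPT" \
    "-A FORWARD -s $1 -j DROP"
}

# Load the rules into the running firewall (needs root).
# Rules are appended, so any broader ACCEPT already in FORWARD still wins.
bi_vpn_apply() {
  rules=$(bi_vpn_rules "$@") || return 1
  echo "$rules" | while read -r rule; do
    # Unquoted on purpose: each line is split into iptables arguments.
    iptables $rule || exit 1
  done
}

# Default is a dry run that only prints the rules; pass --apply to load them.
case "${1:-}" in
  --apply) bi_vpn_apply "$VPN_NET" "$BI_HOST" "$BI_PORT" ;;
  *)       bi_vpn_rules "$VPN_NET" "$BI_HOST" "$BI_PORT" ;;
esac
```

These rules cover only traffic forwarded through the gateway; connections from VPN clients to the gateway itself go through the INPUT chain and need their own rule.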