How are you getting to BI remotely?

IReallyLikePizza2

Known around here
Joined
May 14, 2019
Messages
1,852
Reaction score
4,441
Location
Houston
Other than VPN, what are you guys using to get to BI?

I have OpenVPN and Wireguard setup at home, but I don't like having to connect to a VPN first. And I sure don't want to just blindly expose BI, and I'm not AT ALL confident that would end well

Anyone have any fancy solutions for this?
 

Flintstone61

Known around here
Joined
Feb 4, 2020
Messages
6,587
Reaction score
10,894
Location
Minnesota USA
nothing. yet. I have email alerts set up. Fills my 15 gig mailbox from Gmail about every 12-14 days. and thats with only 4 of the 15 cams sending emails. Someday I'll have BI at home, and get time to do the VPN thing. But i can always cheat and fall back to the Amcrest Xvr App....that's redundantly recording same data.
 

MicahJames

Pulling my weight
Joined
Aug 26, 2019
Messages
186
Reaction score
212
Location
San Jose, ca
I’m using port forwarding and the iOS app. I’m pretty sure that’s the worse thing I can possibly do based on what I’ve read on here so I’m hoping to use a more secure method soon. Just need the time one weekend to focus on that.
 

Mark_M

Getting comfortable
Joined
Jul 2, 2019
Messages
963
Reaction score
1,366
Location
Land down down under
nothing. yet. I have email alerts set up.
Same here for now. Once I get a new router (I'm looking at the Ubiquiti) I'll get a VPN for secure access.

I'm using email because I don't have a means to securely access right now. All this does is email based on a garage door's switch (saves me getting to the end of the street and contemplating if I have closed it the door!).
Port forwarding is a little too risky.

I don't have much of a need to view remotely, but it's a feature that will be handy while on holiday.
 

biggen

Known around here
Joined
May 6, 2018
Messages
2,539
Reaction score
2,765
Your only options are a VPN or port forwarding.

I use Wireguard. I leave the VPN connected on my phone and iPad 24x7.
 

IReallyLikePizza2

Known around here
Joined
May 14, 2019
Messages
1,852
Reaction score
4,441
Location
Houston
Your only options are a VPN or port forwarding.

I use Wireguard. I leave the VPN connected on my phone and iPad 24x7.
There are for sure better options, but a lot of them are much more complicated and/or expensive. Currently I'm looking into a conditional access system where your local device must have a certificate to be let in
 

whoami ™

Pulling my weight
Joined
Aug 4, 2019
Messages
230
Reaction score
224
Location
South Florida
Um... pretty sure a VPN needs a cert to get in. Port forwarding you can create firewall rules whitelisting IPs. Still only two options. pfSense is my final answer. I think VPN Client Pro for Android has option to make vpn connect when opening a selected app.
 

TVille

Getting comfortable
Joined
Apr 26, 2014
Messages
672
Reaction score
1,639
Location
Virginia
I'm using ZeroTier. It stays connected on my Android phone, and seems to always work. I do have to re-enable it after I reboot the phone. A YouTube video on setting it up with BI is here.
 

The Automation Guy

Known around here
Joined
Feb 7, 2019
Messages
1,376
Reaction score
2,737
Location
USA
VPN for me.

However I also use Tasker with my Android phone and have a profile set up with a custom desktop icon. When I click on that icon, it first loads and logs into the VPN connection and then loads the BI app. I also have it set up so that when I navigate away from the BI app, the system automatically closes the VPN connection. It works well and the entire process takes about 4-5 seconds to load.
 

biggen

Known around here
Joined
May 6, 2018
Messages
2,539
Reaction score
2,765
There are for sure better options, but a lot of them are much more complicated and/or expensive. Currently I'm looking into a conditional access system where your local device must have a certificate to be let in
That's a VPN with certificates.
 

IReallyLikePizza2

Known around here
Joined
May 14, 2019
Messages
1,852
Reaction score
4,441
Location
Houston
That's a VPN with certificates.
You can do this without VPN. As soon as you hit a firewall/reverse proxy or whatever you setup, it checks for a certificate on the device. If there is one, it lets you through directly without a VPN

I'm trying to find a nice way to do it without something like a Citrix Netscaler where is easy
 

biggen

Known around here
Joined
May 6, 2018
Messages
2,539
Reaction score
2,765
You can do this without VPN. As soon as you hit a firewall/reverse proxy or whatever you setup, it checks for a certificate on the device. If there is one, it lets you through directly without a VPN

I'm trying to find a nice way to do it without something like a Citrix Netscaler where is easy
How does your device know to hand the certificate off? Wouldn't you see need to manually activate the app/program in order to give the certificate to the requesting entity?
 

IReallyLikePizza2

Known around here
Joined
May 14, 2019
Messages
1,852
Reaction score
4,441
Location
Houston
I'm currently trying it with Duo

You hit Blueiris.whatever.com which goes to a Duo auth proxy, checks your device (Which needs the DUO App) and then lets you through to the end location which is Blue Iris

There are a few other ways, but I think this might be the best
 

whoami ™

Pulling my weight
Joined
Aug 4, 2019
Messages
230
Reaction score
224
Location
South Florida
I would assume opening a port is safer than allowing a 3rd party access to your network. But maybe it's just me.
 

IReallyLikePizza2

Known around here
Joined
May 14, 2019
Messages
1,852
Reaction score
4,441
Location
Houston
You're not allowing third party access to your network, the local server looks back at the DUO Cloud to get your device info, and then lets you in
 

Old Timer

Known around here
Joined
Jul 20, 2018
Messages
1,352
Reaction score
2,945
Location
I'm ok
If you are IT friendly, look into NGROK.io

It works well, and even works for my on my Verizon hot spot.
 

kumar2020

Young grasshopper
Joined
May 8, 2020
Messages
42
Reaction score
11
Location
Iowa
I previously used a VPN but as others have commented, my Android phone kept disconnecting. It was also a bit of a pain to set up. I'm currently using ZeroTier. It's easy to set up and I can manage connections between specific devices whether or not they are on my home network.
 
Joined
Jan 5, 2019
Messages
13
Reaction score
1
Location
UK
Using zerotier also. Such a simple solution. With home assistant and ui3. I'm not happy with the layout in ui3 yet. I'm trying to get different views set up for different devices. Ui3 for mobile, tablet, TV etc and realtime webhooks or some trigger to activate triggered camera on the screen. I was using the ui3 beta function. But that just stopped recently
 

Jagradang

Getting the hang of it
Joined
Aug 10, 2017
Messages
172
Reaction score
36
VPN for me.

However I also use Tasker with my Android phone and have a profile set up with a custom desktop icon. When I click on that icon, it first loads and logs into the VPN connection and then loads the BI app. I also have it set up so that when I navigate away from the BI app, the system automatically closes the VPN connection. It works well and the entire process takes about 4-5 seconds to load.
any chance i could have a look at your tasker job. I tried it but couldn't get it working right so might be something i'm doing wrong.
 

NielK

Getting the hang of it
Joined
Jan 2, 2018
Messages
44
Reaction score
77
Location
UK
Same here for now. Once I get a new router (I'm looking at the Ubiquiti) I'll get a VPN for secure access.

I'm using email because I don't have a means to securely access right now. All this does is email based on a garage door's switch (saves me getting to the end of the street and contemplating if I have closed it the door!).
Port forwarding is a little too risky.

I don't have much of a need to view remotely, but it's a feature that will be handy while on holiday.
Setting up a VPN on the Ubiquiti USG router was straightforward, as was setting up an iPhone / iPad to work with it. So far it has worked reliably for remotely connecting to BI (using the BI app and also UI3 running on a web browser). The VPN is routed into a separate LAN and you can configure the firewall to limit what the remote users can connect to on the private side of your router. (In my case, only the BI server.) Very handy for checking in while away. And for watching geo-fenced UK TV programmes :)

In case you need it, this site generously offers a free dynamic DNS (IP Cam Talk DDNS). Thank you IPCamTalk!
 
Top