ponyrider127
Pulling my weight
Is there a way to allow someone access to one camera only and not all of the cameras.
Allowing access
- Thread starter ponyrider127
- Start date
ponyrider127
Pulling my weight
Where do I do That?
ponyrider127
Pulling my weight
Thanks, Now I to have learn all over again
It's not really THAT bad, we all learn by doing.
Go to BI's "settings" => "Users" tab, click on the "Help" button and read up. BI has excellent and contextual built-in Help.
You'll discover how to create a "Group", assign a camera or cameras to that group and then allow that user to view only that group, thereby allowing that user to see only the cam or cams you want them to see. Be sure to un-check "Administrator" privileges.
Give it a shot!
ponyrider127
Pulling my weight
I will have to give them access to the vpn server also correct
Yes, if that's how you're set up for remote access, since port forwarding is highly discouraged.
ponyrider127
Pulling my weight
Yes, vpn server no port forwarding.
ponyrider127
Pulling my weight
That's what I don't like. I have told them no. Just trying to see if it is possible to limit it for 1 or 2 cameras only.
sebastiantombs
Known around here
You could also allow access only to the IP of your BI machine and the port BI is running on in your router. That should keep them from being able to access everything else.
ponyrider127
Pulling my weight
They would need to view live, search and download video.
ponyrider127
Pulling my weight
If someone put up their own camera and used my internet they would not be able to view the camera because of my vpn server. Is that correct?
SpacemanSpiff
Known around here
For clarity: Yes, you can limit them to the cameras of your choosing within the BI server itself. However, as @Mike A. pointed out, they will have access to the other systems/services on the local area network (LAN) that the BI server is on.
If the BI server is on your office LAN, along with network printers, files servers, access control systems, etc. Anyone connecting via the VPN might also have access to the same devices unless you take precautions to prevent it. If your IP cameras (network devices) are not isolated to their own separate network (connected to BI server by a 2nd NIC) they (VPN visitors) could potentially connect directly to the camera GUI.
SpacemanSpiff
Known around here
Put up their own camera, where? At their house? At your house (aka: your private network)?
edit:
Do you think someone set-up a spy cam on your network and is trying to access it from a remote location?
Mike A.
Known around here
- Joined
- May 6, 2017
- Messages
- 3,844
- Reaction score
- 6,424
You could do both - have your VPN and put their cam on a forwarded port, DMZ, etc. But then their cam would be sitting accessible to the Internet and a gateway into yours which isn't a real great idea.
With a more advanced firewall you likely could restrict VPN client access better but that's probably beyond what you have there. I don't think that there's any way to do that simply using a typical home router/client.
ETA: I guess you also could set up another VPN using a Raspberry Pi or whatever on a separate subnet/VLAN and give them access that way. You'd need to set up the BI server on both. That's getting a little more complicated though. Might be able to use the same front-end VPN server with different client subnet/IP settings but then they could change those easily.
Last edited:
ponyrider127
Pulling my weight
I already told them no. I would monitor it and upload what I see. Too much hassle for me to give them access.
Sometimes that's the best answer!
