BI and OpenVpn

R

rdxny

Pulling my weight
Oct 15, 2022
215
164
ny
I'm trying to install OpenVpn on my BI pc. (fios router can't do vpn), to avoid port forwarding.
I was able to install the server part (I think!) and it runs... though I'm not quite sure how to test it.
The issue is installing the client on Android. I installed OpenVpn on the phone, and it need the "client.ovpn" file. I copied that file to the phone, but when pointing OpenVpn app to that file, it shows errors finding the ca.crt, client.crt, and client.key files... I'm not sure where they need to be, or how to point to them in the client.ovpn file (I tried several ways), for example:

ca ca.crt
cert client.crt
key client.key

or

ca "c:\\program files\\openvpn\\Easy-RSA\\pki\\ca.crt"
cert "c:\\program files\\openvpn\\Easy-RSA\\pki\\issued\\client.crt"
key "c:\\program files\\openvpn\\Easy-RSA\\pki\\private\\client.key"

I tried copying the three files to the phone in same folder as the client.ovpn, no difference. I tried using another app, no change.

There is an option to retrieve the files using a web server interface to the openVpn on the pc..., but I have no clue how to do that.

Any suggestions will be appreciated.
 
update: I think I was able to connect the Schwabe version app, pointing to the files I had moved to the phone.
remaining questions: for the server choice, am I pointing the ap to my outward facing IP on the blue iris desktop running the vpn server? x.x.x.x:1194? or the internal ip? and protocol? UDP or TCP? so far I ger errors trying to connect...
 
hosting the VPN server on your BI machine, which is inside your network (aka behind your router), will still require you to set-up port forwarding to the BI server... which defeats the purpose.

Can you put FIOS router in bridge mode, and purchase your own router that supports VPN?
 
SpacemanSpiff said:
hosting the VPN server on your BI machine, which is inside your network (aka behind your router), will still require you to set-up port forwarding to the BI server... which defeats the purpose.

Can you put FIOS router in bridge mode, and purchase your own router that supports VPN?
Click to expand...
maybe, I hadn't considered that. The forwarding of a port to BI and VPN is no more secure that normal port forward?
 
rdxny said:
maybe, I hadn't considered that. The forwarding of a port to BI and VPN is no more secure that normal port forward?
Click to expand...

Correct!

Best practice is to have your VPN server presence bound at/on the router.
 
  • Like
Reactions: jrbeddow
Great reads here on IPCT

How to Secure Your Network (Don't Get Hacked!)

Many camera networks are unsecure, even those installed by professionals. This guide gives basic instruction in how to secure a camera network from the most common types of attacks. Perhaps the most important rule of securing a computer network is to not forward ports to unsecure services...
ipcamtalk.com ipcamtalk.com

VPN Primer for Noobs

The internet is a force of nature; no video surveillance system made was designed to be exposed to those forces.. NEVER FORWARD PORTS to your NVR or Cameras, doing such things not only exposes you to severe security problems, but everyone else on the internet too.. Hackers dont want your video...
ipcamtalk.com ipcamtalk.com
 
  • Like
Reactions: rdxny
You must log in or register to reply here.
Top Bottom