BI app needs to port forward?

D

dabflyboy

Getting the hang of it
Sep 13, 2015
86
62
USA
I'm trying to set up the Blue Iris app on my Samsung S10. The wiki says to never port forward, but the BI app says it requires it. What's the proper way to set this up?
 

Attachments

  • Screenshot_20200712-192939_Blue Iris.jpg
    Screenshot_20200712-192939_Blue Iris.jpg
    661.2 KB · Views: 15
  • Like
Reactions: swooosh83
I've read through it. The confusing part is that it says to never forward ports, while the BI app contradicts it and says it requires it.

I have an Arris TG1682G modem/router that is supplied by my ISP. It doesn't have a built-in VPN. From what I've read, it looks like I'll either have to buy a separate router with it built in, or subscribe to a service. Is that correct?
 
Last edited:
dabflyboy said:
I've read through it. The confusing part is that it says to never forward ports, while the BI app contradicts it and says it requires it.

I have an Arris TG1682G modem/router that is supplied by my ISP. It doesn't have a built-in VPN. From what I've read, it looks like I'll either have to buy a separate router with it built in, or subscribe to a service. Is that correct?
Click to expand...
Once again you do not need to port forward The Blue Iris server if you properly set up a VPN. The instructions you posted are geared towards the lowest common denominator and is terrible advice and provides an unsecured path for others to hack your PC. Paid VPN Services is not what you need they are the wrong type of VPN start weeding or port forward At your own risk there are a bunch of threads on this topic
 
  • Like
Reactions: dabflyboy
fenderman said:
Once again you do not need to port forward The Blue Iris server if you properly set up a VPN. The instructions you posted are geared towards the lowest common denominator and is terrible advice and provides an unsecured path for others to hack your PC. Paid VPN Services is not what you need they are the wrong type of VPN start weeding or port forward At your own risk there are a bunch of threads on this topic
Click to expand...
Gotcha. Thanks.
 
I have the same modem from comcast. I have placed the modem/router in passthru/bypass/bridge mode. This allows the arris tg1682g to only be a modem. not a router. Then I use a ASUS router which has a vpn built in, as my router.

-----------------------------------------------
My general VPN post
There are two types of VPN, do not get them confused.
The type depends on where the traffic conversation (traffic) originates

1) origination: local home network, destination the internet.
This type of VPN purpose to hides your activity from the internet, it is outbound, it normally costs a monthly fee to use. Direction is from your home PC to the internet, going to your bank, google, porn sites,,,, this not what you want. This VPN uses a VPN server that is in the middle of your communications.

2) Origination: the internet world wide web, destination: your home network.
This VPN type is used to provide a secure connection onto your local network, in bound to you local home network, from your office computer, your cell phone in your car, tablet at the coffee shop.. This is what you want, it does not have a monthly fee and is normally completely free. OpenVPN is this type of VPN.

If you home internet provider is a cellular network, then DDNS (dynamic Domain Name System) may not work, the DDNS is needed for most Inbound VPN services (OpenVpn), so OpenVPN may not work for you.

A video on the paid VPN.

------------------------------------------------------
 
Last edited:
  • Like
Reactions: Nanookofthenorth and dabflyboy
SouthernYankee said:
I have the same modem from comcast. I have placed the modem/router in passthru/bypass mode. This allows the arris tg1682g to only be a modem. not a router. Then I use a ASUS router which has a vpn built in, as my router.

-----------------------------------------------
My general VPN post
There are two types of VPN, do not get them confused.
The type depends on where the traffic conversation (traffic) originates

1) origination: local home network, destination the internet.
This type of VPN purpose to hides your activity from the internet, it is outbound, it normally costs a monthly fee to use. Direction is from your home PC to the internet, going to your bank, google, porn sites,,,, this not what you want. This VPN uses a VPN server that is in the middle of your communications.

2) Origination: the internet world wide web, destination: your home network.
This VPN type is used to provide a secure connection onto your local network, in bound to you local home network, from your office computer, your cell phone in your car, tablet at the coffee shop.. This is what you want, it does not have a monthly fee and is normally completely free. OpenVPN is this type of VPN.

If you home internet provider is a cellular network, then DDNS (dynamic Domain Name System) may not work, the DDNS is needed for most Inbound VPN services (OpenVpn), so OpenVPN may not work for you.

A video on the paid VPN.

------------------------------------------------------
Click to expand...

Thanks for the clarification. Much appreciated. It looks like I'll have to purchase another router. Any recommendations that won't break the bank?

edit: OR should I purchase my own modem/router combo to use instead of my ISP's?
 
Last edited:
dabflyboy said:
Thanks for the clarification. Much appreciated. It looks like I'll have to purchase another router. Any recommendations that won't break the bank?

edit: OR should I purchase my own modem/router combo to use instead of my ISP's?
Click to expand...
A modem router combo always presents problems.
Asus routers have built in vpn servers that are easy to setup or you can run an open vpn server on your blue iris pc.
If you want something more advanced but will require some work on your part to learn that lets you create vlans to segment networks but not too overly complex look at the unifi dream machine. (on a scale where asus is a 1, the unifi is a 5 while most others are 8-10).
If you are paying monthly for your modem router combo then get your own modem and use one of these routers.
 
  • Like
Reactions: dabflyboy
fenderman said:
A modem router combo always presents problems.
Asus routers have built in vpn servers that are easy to setup or you can run an open vpn server on your blue iris pc.
If you want something more advanced but will require some work on your part to learn that lets you create vlans to segment networks but not too overly complex look at the unifi dream machine. (on a scale where asus is a 1, the unifi is a 5 while most others are 8-10).
If you are paying monthly for your modem router combo then get your own modem and use one of these routers.
Click to expand...

Thanks @fenderman, but I think that one may be a bit out of my price range, at the moment. Going to have to go a bit cheaper, as there are a couple other things I need to spend a few dollars on first. Namely, a good UPS and a few more cameras. Too many brown-outs here. It may be something to look into for the future, though.
 
Port forward is required yes. Safer to open a port for VPN than a port for something else (unless your router can run the VPN server).

I run OpenVPN on my Milestone box. Works great.
 
Last edited:
  • Like
Reactions: dabflyboy
dabflyboy said:
. . . that one may be a bit out of my price range, at the moment. Going to have to go a bit cheaper, as there are a couple other things I need to spend a few dollars on first.
Click to expand...

You can pick up a used Araknis Router that will do VPN and provides free DDNS for $30-$40 on ebay. Here's one example:

Araknis Router

Here's the documentation:

Araknis 300 Series Router

I've been using one for about a month now with no issues.
 
As an eBay Associate IPCamTalk earns from qualifying purchases.
  • Like
Reactions: dabflyboy
OpenVPN uses the OpenSSL library for encryption. Another option is to use stunnel, which also uses the OpenSSL library. Stunnel creates a TLS wrapper around your session to BI.

So without any additional monetary investment, you can setup stunnel. Instead of opening a port for OpenVPN, you would open a port for stunnel.
 
  • Like
Reactions: swooosh83 and dabflyboy
You must log in or register to reply here.
Top Bottom