Blue Iris through VPN

[pjriddle]

I have Blue iris operating succesfully on main site. I have another site with three cams that are all supported by blue iris that will not connect through a Hardware VPN.

The Hardware VPN is formed from two TP-Link VR600 routers with an IPSec VPN working between them. The VPN is up and running (I have two Panasonic IP phones connecting through it) and the cams IP's can be pinged but they will not link through the Blue Iris software. If I run a demo Blue iris on the remote site all is OK and cams recognised.

What am I missing, is there a port that needs forwarded or some other tweak needed. Any help appreciated. Peter

 

[The Automation Guy]

Are there VLANs involved as well? I only ask because the VPN setups I've created (OpenVPN connections via pfSense firewall) require you to explicitly allow which VLANs a person can connect to over the VPN. If you followed a "stock" setup guide, you might have only allowed access over the VLAN to the main network segment and not included the VLAN segment that the cameras are located on. That being said, you shouldn't have to do anything differently to have BI find a camera on a remote network if the VPN is set up correctly. Remote devices coming through the VLAN should appear as local devices on your network. If they don't, I suspect it is a VPN setup issue.

I have a full time VPN connection set up between my house and my parents house. I have a single camera at my parents house that I pull into my BI setup over the VLAN. I simply had to "add" that remote camera in my local BI using the IP address of that camera on my parents network. BI immediately found the camera and I had no problems integrating it into the BI ecosystem. This even with the BI machine being on a separate VLAN on my local network. This is how the VPN should work if set up correctly.

So for example, my local local network looks like this:

• Main VLAN 192.168.20.x
• Camera VLAN 192.168.21.X (includes local cameras and BI)

My Parent's network looks like this:
- Main network 192.168.50.X (camera sit's on main network - perhaps it's network address is 192.168.50.50).

I simply added that remote camera into BI using the camera's actual ip address of 192.168.50.50 and BI found and setup the camera as expected without any additional steps other than having the VPN connection set up to include both my Main and Camera VLANs in the VPN bridge/connection.

 

[jaydeel]

I have a full time VPN connection set up between my house and my parents house. I have a single camera at my parents house that I pull into my BI setup over the VLAN. I simply had to "add" that remote camera in my local BI using the IP address of that camera on my parents network. BI immediately found the camera and I had no problems integrating it into the BI ecosystem. This even with the BI machine being on a separate VLAN on my local network. This is how the VPN should work if set up correctly.

Thanks for posting this. Can you expand on your setup a bit? Are you using OpenVPN? If so, is your parent’s router configured as the OpenVPN server, or client?

I recently attempted to perform such a setup while caretaking for my parents in another state. But I’m a networking novice and was not property prepared and ran out of time. I carried a camera and an Asus RT-AC68U router with me. Their internet provider is Armstrong and adding a second router required a call to tech service to provision equipment they did not own.

 

[The Automation Guy]

Thanks for posting this. Can you expand on your setup a bit? Are you using OpenVPN? If so, is your parent’s router configured as the OpenVPN server, or client?

I recently attempted to perform such a setup while caretaking for my parents in another state. But I’m a networking novice and was not property prepared and ran out of time. I carried a camera and an Asus RT-AC68U router with me. Their internet provider is Armstrong and adding a second router required a call to tech service to provision equipment they did not own.

I have pfSense firewalls at both locations (although that really doesn't matter as long a whatever router/firewall you are using can support VPN connections). You only set up the VPN "server" at one end which is set up as a "peer to peer" connection. At the other end, you set up a client connection (also in peer to peer mode). You'll need to share the encryption keys between the server and the client however. I think I did it though a secure online vault, but you could also physically carry the key on a USB drive, etc.