Hello from the US (at the moment)

wittaj

IPCT Contributor
Joined
Apr 28, 2019
Messages
24,448
Reaction score
47,574
Location
USA
I had posted this in another thread, but deleted and moved to here as it seems more appropriate:

A newbie with some knowledge and learning more everyday! I have had some variation of cameras for about 10 years and I use their respective app to view the cameras on mobile device.

I was kinda concerned about security and/or bandwidth drain, so my solution was to have the system connected to a switch and separate router (and thus a separate IP address subnet than other devices), in addition to a PC that is connected to that switch that is only used for watching the cameras. My thought was I could simply unplug the one Ethernet cable from the switch to the router if I was trying to watch Netflix or something and the cameras were slowing down the system or could unplug when doing something on another computer not connected to that switch.

I am now to the point where I don't want to invest in analog cameras to replace existing failing ones, so I have been looking at the latest IP cameras and that is how I stumbled across this site. There are some great contributors on this forum and a ton of information. One of particular concern is network security and the idea that the cameras should not have internet access and should instead be accessed via VPN. Some of those articles freaked me out!

After digesting it and looking at it more, I think I might be closer to a secure solution than I realized (but probably not secure enough for some on here). Below is my setup and it looks like my setup could be modified by simply obtaining a 3rd party viewer like Blue Iris, setting up a VPN (maybe switch a router to an ASUS), and block the cameras from internet access? Could I use the laptop Ethernet port to connect the cameras to and block internet access and then wifi of the laptop to access the internet or do I need two Ethernet ports?

We use VNC for work and I did a search and couldn’t find anything about VNC – in my mind VNC would be more secure than VPN as VNC only allows the ability to view and use the remote computer, whereas VPN joins the network? Thoughts?
 
Last edited:

SouthernYankee

IPCT Contributor
Joined
Feb 15, 2018
Messages
5,170
Reaction score
5,320
Location
Houston Tx
:welcome:
My standard welcome to the forum message.

Please read the cliff notes and other items in the wiki. The wiki is in the blue bar at the top of the page.

Read How to Secure Your Network (Don't Get Hacked!) in the wiki also.

Quick start
1) Use Dahua starlight cameras or Hikvision darkfighter cameras or ICPT Night eye cameras (https://store.ipcamtalk.com/) if you need good low light cameras.
2) use a VPN to access home network (openVPN)
3) Do not use wifi cameras.
4) Do not use cloud storage
5) Do Not use uPNP, P2P, QR, do not open ports,
6) More megapixel is not necessarily better.
7) Avoid chinese hacked cameras (most ebay, amazon, aliexpress cameras(not all, but most))
8) Do not use reolink, ring, nest cameras (they are junk)
9) If possible use a turret camera , bullet collect spiders, dome collect dirt and reflect light (IR)
10) Use only solid copper, AWG 23 or 24 ethernet wire. , no CCA (Copper Clad Aluminum)

Read,study,plan before spending money ..... plan plan plan

You will need to set up a BI computer to record the video from the new cameras. The old cameras analog dvr cameras do not have the resolution of the new cameras, I would just junk the old stuff.

Do not run video through the router unless absolutely necessary.

I would place a simple switch between the router and the POE switch. Connect all other internal (home) devices to this switch. Connect the BI PC to this switch.
 

wittaj

IPCT Contributor
Joined
Apr 28, 2019
Messages
24,448
Reaction score
47,574
Location
USA
Thanks @SouthernYankee for your thoughts. I would like to pick your brain (and others as well):
  1. Could I use a spare router I have with wifi turned off to basically be used as a switch or should I purchase a simple switch (I know preference would be a switch, but would a router with wifi turned off be acceptable interim solution)?
  2. When you log in to your VPN - does this allow you to use BI app on your mobile device or are you essentially logging into your PC and running the PC version?
  3. Why not VNC instead of VPN?
 
Top