Using Port Triggering instead of Port Forwarding
- Thread starter S.H.A.R.K.
- Start date
fenderman
Staff member
- Joined
- Mar 9, 2014
- Messages
- 36,907
- Reaction score
- 21,295
Do you understand the difference?
No, it doesn't. I'm pretty sure the only practical use of port triggering is FTP active mode, where the client PC has to act as a server too in order to transfer files. It does not apply to anything Blue Iris does.
nayr
IPCT Contributor
Setup a VPN and quit forwarding ports..
nayr-
Can you elaborate on your VPN solution? I have been tossing around the idea of setting up openvpn now for months and really wanting to pull the trigger but still a little hazy on the setup.
Thanks....
nayr
IPCT Contributor
Run a VPN Server on your Router or somewhere on your LAN.. Create a User/Pass for each remote device on that VPN Server, setup a DynamicDNS Service so you always know the IP Address of your VPN Server, then configure your laptops/tablets/phones VPN Clients (built in or app) to connect to your VPN Server and login when they are on a remote network..
thats the basic jist of it.. when the VPN is established your remote device is just another device on your LAN's Subnet and has access to all the hosts on your home network, from anyplace in the world that has internet.. its all encrypted, so even if your on a public wifi all your traffic is safe and secure, as long as the VPN is connected.
If a device ever gets lost or stolen you just delete that devices user account, without having to reconfigure every mobile/remote device you own.. as long as you use separate logins for each one.
thats the basic jist of it.. when the VPN is established your remote device is just another device on your LAN's Subnet and has access to all the hosts on your home network, from anyplace in the world that has internet.. its all encrypted, so even if your on a public wifi all your traffic is safe and secure, as long as the VPN is connected.
If a device ever gets lost or stolen you just delete that devices user account, without having to reconfigure every mobile/remote device you own.. as long as you use separate logins for each one.
nayr-
Appreciate the response....I def understand the "jist" of having a vpn on the network but thx for going into detail as well
Just a few more ?'s if you don't mind:
1. Would you say configure vpn server on router or on a pc within your network for best performance / throughput?
2. Would you configure it as a "tun" adapter especially since primary connections would be from a mobile device?
3. I would also want to access Windows / Samba shares while connected to vpn (as well as ip cams)...do you see any issue with this configuration?
4. Do you have a preference on vpn server software (i.e. openvpn versus....)
Thanks....a ton!
nayr
IPCT Contributor
1. Router would be best, unless you have really slow router and really fast internet performance wont be an issue.. for example a Raspberry Pi2 can handle about 35Mbit of VPN Throughput, do you have internet upload speeds in excess of 35Mbit? Doubt it.
2. Tun is what you want for remote devices calling home, TAP is more for bridging two networks permanently and requires routes to be established.
3. No problem at all
4. I Prefer PPTP + IPSec over OpenVPN, everything has a VPN Client for that built in by default.. no apps nessicary.
2. Tun is what you want for remote devices calling home, TAP is more for bridging two networks permanently and requires routes to be established.
3. No problem at all
4. I Prefer PPTP + IPSec over OpenVPN, everything has a VPN Client for that built in by default.. no apps nessicary.
- Joined
- Aug 29, 2016
- Messages
- 3
- Reaction score
- 0
How can I manage that ?
The thing is that, when I don't forward the port to my IP Cam, I can't use my app for that cam to watch the video in realtime.
Interesting is the fact that when I turn port triggering on, I can use the app with my internal IP adress of the cam when I take the way over VPN.
But I don't understand how to use the IP Cam only with VPN.
Letting the port on the unsafe 80 ?
PC's, mobiles & tablets have PPTP-Client onboard, but not my IP Cam.
nayr
IPCT Contributor
You dont VPN to your IP camera, you VPN to your home network.. then you access the cameras like you were on the local network with local IP's, because with a VPN tunnel enabled your client device is just another device on the LAN.
- Joined
- Aug 29, 2016
- Messages
- 3
- Reaction score
- 0
the problem is, I can config the cam without any port forwarding through my VPN but I can't use the app when not openend the port to the cam.
Watching realtime video in the config gui is not so comfortable for me because I always have to log in for watching. I would prefer the app.
Also I don't understand why I get access through the LAN adress (VPN) but not with my WAN adress when I use port triggering instead of port forwarding.
(I know that port triggering uses the device to open the port and the cam will not do, because you use the port from outside)
Edit: Port Triggering isn't reproduceable anymore. Must have been a little glitch in the config.
Watching realtime video in the config gui is not so comfortable for me because I always have to log in for watching. I would prefer the app.
Also I don't understand why I get access through the LAN adress (VPN) but not with my WAN adress when I use port triggering instead of port forwarding.
(I know that port triggering uses the device to open the port and the cam will not do, because you use the port from outside)
Edit: Port Triggering isn't reproduceable anymore. Must have been a little glitch in the config.
Last edited by a moderator:
nayr
IPCT Contributor
because your on the LAN, once you VPN there everything is internal.. dont make any external connections.. think of it like this, remote device w/no vpn.. no access.. enable VPN and now remote device is just another LAN device just like you were at home on your home wifi.. everything is encrypted by the vpn, even plain text connections like port 80.
close down the port forwards and port triggering and just use vpn
close down the port forwards and port triggering and just use vpn
- Joined
- Aug 29, 2016
- Messages
- 3
- Reaction score
- 0
ok now it works. thx
Now I have to figure it out how to do this with the Xbox with only the one router which is also the VPN server.
I know Custom Firmware has the option to choose PPTP instead of DHCP in the network config.
But this is only when I have VPN Server out there which is not directly on my Router (VPN Passtrough).
But I can't figure it out how this could work with the Xbox when I don't want to share the Internet connection of my PC which is able to config the VPN Login (what I can't do directly on the Xbox).
I could make another router or Rasberry Pi a VPN router, but that's not really my intention.
So any further ideas ? Thx
I think its impossible with only one router which do the VPN too.
Now I have to figure it out how to do this with the Xbox with only the one router which is also the VPN server.
I know Custom Firmware has the option to choose PPTP instead of DHCP in the network config.
But this is only when I have VPN Server out there which is not directly on my Router (VPN Passtrough).
But I can't figure it out how this could work with the Xbox when I don't want to share the Internet connection of my PC which is able to config the VPN Login (what I can't do directly on the Xbox).
I could make another router or Rasberry Pi a VPN router, but that's not really my intention.
So any further ideas ? Thx
I think its impossible with only one router which do the VPN too.
Last edited by a moderator:
Nayr-
Sorry to drag up an old thread...but I'd like to try my hand at setting up a vpn server on a desktop or something I have laying around. Curious to see what vpn server app / program you use specifically for the PPTP+IPSec protocol. I am getting really nervous in my old age of having all these open ports
Thanks....
nayr
IPCT Contributor
I am running it on a Ubiquiti EdgeRouter