Hi Guys,
I have been reviewing a few threads here on this forum as well as others on the internet regarding proper camera configuration and set up to allow remote viewing of cameras running Blue Iris while away from your local network. I wanted to get a better understanding on the use of VPNs and if there is a need to couple a VPN with Stunnel for secure remote viewing.
So far I have been able to gather that you do not want to forward any ports on your router and this will potentially leave you vulnerable to a host of issues. I believe the ideal method for connecting to a home blue iris server is to establish a VPN connection on your home router. Many people suggest using OpenVPN to achieve this. Is the purpose of the VPN in this case only to allow a remote device, says a cellphone, to appear as if it is actually connected to the local area network or would a VPN in this case also offer encryption? I have heard members on the forum express concern that when logging into their blue iris server it is not HTTPS enabled. The response has typically been this is not really an issue because the actual user name and password is not sent to the server but rather a secured hash. However, when viewing the cameras remotely because the connection is made via HTTP the camera feed would theoretically be able to be sniffed.
My understanding is that by adding Stunnel and port forwarding ports 80/443 you can achieve HTTPS on your blue iris server.
So my main questions are:
1) If I am using a VPN but visiting a http site I assume the traffic would be able to be sniffed by someone else on the same LAN as me but not by someone external to the LAN?
2) Is the use of port forwarding that is needed to use Stunnel acceptable to route my traffic more securely or am I opening myself up to issues by port forwarding?
3) Is using only a VPN to access my home network to remote view my blue iris cameras over HTTP leaving myself susceptible to others viewing my feeds?
Any help with this would be greatly appreciated!
Thank you!
I have been reviewing a few threads here on this forum as well as others on the internet regarding proper camera configuration and set up to allow remote viewing of cameras running Blue Iris while away from your local network. I wanted to get a better understanding on the use of VPNs and if there is a need to couple a VPN with Stunnel for secure remote viewing.
So far I have been able to gather that you do not want to forward any ports on your router and this will potentially leave you vulnerable to a host of issues. I believe the ideal method for connecting to a home blue iris server is to establish a VPN connection on your home router. Many people suggest using OpenVPN to achieve this. Is the purpose of the VPN in this case only to allow a remote device, says a cellphone, to appear as if it is actually connected to the local area network or would a VPN in this case also offer encryption? I have heard members on the forum express concern that when logging into their blue iris server it is not HTTPS enabled. The response has typically been this is not really an issue because the actual user name and password is not sent to the server but rather a secured hash. However, when viewing the cameras remotely because the connection is made via HTTP the camera feed would theoretically be able to be sniffed.
My understanding is that by adding Stunnel and port forwarding ports 80/443 you can achieve HTTPS on your blue iris server.
So my main questions are:
1) If I am using a VPN but visiting a http site I assume the traffic would be able to be sniffed by someone else on the same LAN as me but not by someone external to the LAN?
2) Is the use of port forwarding that is needed to use Stunnel acceptable to route my traffic more securely or am I opening myself up to issues by port forwarding?
3) Is using only a VPN to access my home network to remote view my blue iris cameras over HTTP leaving myself susceptible to others viewing my feeds?
Any help with this would be greatly appreciated!
Thank you!