This allows the BI server to see all the cameras. Set the server to dish IP addresses (or use a managed switch or router in between the cameras and computer). If you are using a stand alone PoE switch, plug it into the computer hosting BI. This mean I cant even access the individual cameras web interface unless im on the blue iris server, but Im ok with this.Īnother option - one that I am STRONGLY considering, is to physically isolate the cameras from the network completely. I blocked all incoming and outgoing traffic at the cams, and relegated them to only "speak" to the server hosting blueiris. Manually add each camera to the block list or put it on a vlan. I would suggest using a firewall like pfsense or openSense or whatever. If it were up to her, I'd have $5000 wrapped up in Ring devices, as their app makes everything nice and easy to use.Īny help here is greatly appreciated. Is there a better method of keeping my home network secure, the cameras unable to do anything other than send video to my BI server, and still allow easy access to/from our phones for alerts and viewing feeds? The WAF goes waaaaaay down if I tell her that she has to VPN any time she wants to check a camera. This makes keeping the VPN constantly connected much less desirable. I can activate the VPN, log into the BI server, and view my camera feeds, but then what? I realize the VPN is the secure way to do this, but what if I want to get motion alerts on my phone? Do I have to have the VPN constantly connected? Does the app always have to be running? My speed tests show that my phone's data throughput is choked down by the VPN by quite a bit, even though my home network, which is hosting the VPN is a much faster network than my cellular provider.not sure if that's to be expected. When I'm not on the network, I have to connect to the VPN that I had set up in the Unifi controller via my phone, and then I'm able to connect to the BI server.and that's where I'm at. When I'm on my home network, the app seems to connect to the server just fine. ![]() I followed the tutorial in the PC software to set up remote access.and copied those settings over to the Android app. I downloaded the BI Android app, and was a bit confused about setting up remote access. The cameras should only be able to talk to the Blue Iris PC, and the software is currently recording from the two cameras I installed last night. I think I have the appropriate firewall rules in place to prevent the cameras from accessing the internet (and the internet from accessing the cameras) for any reason. I set up a VLAN for the Cameras/PC, and a Remote User VPN in the Unifi controller. I have a dedicated Windows 10 PC running Blue Iris for the cameras. I'm running all Ubiquity Unifi gear for the network stuff. ![]() I've got a 1Gb/s up/down fiber connection from my ISP, so bandwidth should never really be an issue. I'm a networking noob, and have no prior experience with Firewalls, VPNs, etc.but I think I've managed to trudge through the basic stuff. I spent a little too much time on the IPCT forums, and basically learned that Chinese IP cams are chatty and send questionable amounts of data to places it probably doesn't belong, hackers love compromising these devices for use in botnets, and port forwarding is the devil. I bought Blue Iris back on March 30th, and only finally got around to installing the first two of my cameras last night.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |