Any Blue Iris (Security camera software) users here? Need help accessing over VPN server

  • ATTENTION! As of November 1, 2020, you are not able to reply to threads 6 months after the thread is opened if there are more than 500 posts in the thread.
    Threads will not be locked, so posts may still be edited by their authors.
    Just start a new thread on the topic to post if you get an error message when trying to reply to a thread.

ascent

Occasional Visitor
Hopefully someone here has this setup working, but if not I can try to explain what I'm trying to accomplish and how Blue Iris works. I did several searches on the web for this issue but haven't pinpointed a solution yet.

I normally access the IP camera feeds while connected to my home LAN. To access, I use the built in "web interface" but opening a browser and going to the local IP of the windows machine that Blue Iris is running on, including a port number. So, something like 192.168.1.xx:(port number).

I would like to access the same way when away from home, so I setup a VPN server with the help of this forum( https://www.snbforums.com/threads/setting-up-vpn-server-ddns-dns-omatic-not-working.71743/ )

When using my mobile device, I can successfully connect to my VPN server using the Open VPN app. Once, connected, I can log in to my router as a test that it is working. However, I am not able to see the attached USB drive (on the router) in the VLC media player app like I normally can when on my home LAN. This is not something I really care about being able to do, but it might be useful information for trying to get the Blue Iris web interface working.

I had to do two things to be able to connect to the Blue Iris web interface over VPN:
  • Blue Iris - uncheck the "LAN only" option in the "Users tab"
  • Router GUI - turn "Block Internet Access" off for the windows machine that Blue Iris is running on
Those two things I would rather have reversed, so I'm wondering if anyone here is running Blue Iris and has some suggestions how to make this work. If "LAN only" unchecked poses no additional security risk, then I'm fine leaving that as is. But I would still like to block internet on the windows machine.
 

eibgrad

Very Senior Member
A few years ago, Windows, for reasons of added security, starting blocking any foreign private IPs by default. And your OpenVPN server's IP tunnel network falls into that category (e.g., 10.8.0.0/24 is typical). But you don't need to turn off the Windows firewall entirely. You just need to make an exception in the firewall by creating appropriate Inbound/Outbound rules for the tunnel's IP network.
 

here1310

Regular Contributor
you can also try to prevent the Win-PC from accessing the Internet at the router...

iptables -I FORWARD -m mac --mac-source CA:FE:BA:EE:AF:FE -j REJECT

replace them CA:FE:BA:EE:AF:FE with the MAC from your win-PC

if it works,create a script "firewall.sh" + dos2unix firewall.sh + chmod 0755

((1) Asus RT-AC68U how to add scripts? | SmallNetBuilder Forums (snbforums.com))

and run it in firewall-start (script) "sh /jffs/scripts/firewall.sh"

Code:
#!/bin/sh
#
logger -t $(basename $0) "firewall started [[email protected]]"
#
iptables -I FORWARD -m mac --mac-source CA:FE:BA:EE:AF:FE -j REJECT
#
logger -t $(basename $0) "firewall finished [[email protected]]"
 
Last edited:
Similar threads
Thread starter Title Forum Replies Date
D Astrill VPN app security VPN 12

Similar threads

Latest threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top