Cigar Asylum Cigar Forum Mobile
Page 1 of 2
1 2 >
General Discussion>Question for network gurus
G G 02:44 PM 03-01-2017
I recently upgraded my wireless router. I have DSL from my phone company. The modem from the phone company is in bridge mode.

I have enabled the VPN Client on the router because I do some streaming through Kodi and don't care for the phone company to know it.

I have until I got this router had dyndns set up on my router for viewing my security cameras and it always worked, since I had no VPN set up on the old router.

I think the answer is no, but can I set up dyndns on the router and have a VPN client running and still see the cameras from outside the network?

I tried to set both up but when I activate the VPN client it won't connect, it gives a ip conflict/routing error.

I am guessing there is no way to get the dyndns to see the ip of the VPN and it can't see the router since it's IP is going through another city.
[Reply]
jledou 03:26 PM 03-01-2017
Probably way over my head but do you need to open a port for everything to be allowed out?
[Reply]
G G 03:56 PM 03-01-2017
Originally Posted by jledou:
Probably way over my head but do you need to open a port for everything to be allowed out?
I forgot to add that I have the port forwards configured.
[Reply]
mosesbotbol 07:24 AM 03-02-2017
Can you do a host file entry for the camera?
[Reply]
G G 01:25 PM 03-02-2017
Originally Posted by mosesbotbol:
Can you do a host file entry for the camera?
I don't have the knowledge to know if I can or not Moses. I know very little about host files.:-)
[Reply]
8zeros 11:52 PM 03-02-2017
So dyndns sets up a place on the internet you can address to look back at your router to see the cameras, right? And you have a port set up to forward out to that dyndns place, it seems.
Question 1. Does this work without the VPN?

VPN sets up a standard port to connect to that is running a program that encrypts and authenticates the connection with an outside computer.
Question 2. Does this work without the camera/dyndns stuff?
In other words, can one or the other or both work without the other running?

It seems to me that they are two separate things running their separate ways and should not bother the other.
[Reply]
Weelok 01:53 AM 03-03-2017
Hmmm, I think the answer to your question is no but I say that only because your router is doing the VPN. If you set up a VPN connection from your computer you could do what you want as that is what I do and the only encrypted connection is the computer IP traffic. This type of set up allows other connected devices to be routed through the router as normal.

By enabling VPN on the router, I suspect all the connections try and go encrypted? What router are you using?

I did some googling and it's possible to get what you want working but it's going to depend on the service you use to view the camera remotely as that service would have to support the VPN connection as well, e.g. Have the key in order to encrypt and decrypt the IP traffic.
[Reply]
Weelok 02:09 AM 03-03-2017
Here is someone doing what you want and it does sound complicated.

http://superuser.com/questions/87582...as-rtsp-stream
[Reply]
G G 07:18 AM 03-03-2017
Originally Posted by 8zeros:
So dyndns sets up a place on the internet you can address to look back at your router to see the cameras, right? And you have a port set up to forward out to that dyndns place, it seems.
Question 1. Does this work without the VPN?

VPN sets up a standard port to connect to that is running a program that encrypts and authenticates the connection with an outside computer.
Question 2. Does this work without the camera/dyndns stuff?
In other words, can one or the other or both work without the other running?

It seems to me that they are two separate things running their separate ways and should not bother the other.
the answer is yes they can both work separately. It's not quite as simple as you make it though. Using a VPN changes your ip (because of the encryted tunnel from my computer to the host) to the one on the VPN server. That is why the ISP cannot log or track what you are doing on the internet. The dyndns is required to connect back to the home network because most of us have a dynamic IP and not a static one. It simply lets you use a domain to connect back to the cameras, because when you set up the dyndns on the router it updates the actual ip so that the domain is always looking at the router. That's probably not as technical or correct as some on here can make it, but I think it's close enough.
[Reply]
G G 07:20 AM 03-03-2017
Originally Posted by Weelok:
Hmmm, I think the answer to your question is no but I say that only because your router is doing the VPN. If you set up a VPN connection from your computer you could do what you want as that is what I do and the only encrypted connection is the computer IP traffic. This type of set up allows other connected devices to be routed through the router as normal.

By enabling VPN on the router, I suspect all the connections try and go encrypted? What router are you using?

I did some googling and it's possible to get what you want working but it's going to depend on the service you use to view the camera remotely as that service would have to support the VPN connection as well, e.g. Have the key in order to encrypt and decrypt the IP traffic.
I have an Asus RT-AC87U. Yes I could use the VPN per device but it wouldn't be useful for my purpose then. The main reason I am using a VPN at the router level is that I am running Fire Sticks with Kodi and am streaming, and really don't care for the ISP to know. The Fire Sticks don't have native capability to run a VPN on the device.
[Reply]
mosesbotbol 09:45 AM 03-03-2017
Originally Posted by G G:
I don't have the knowledge to know if I can or not Moses. I know very little about host files.:-)
located in %windir%\system32\drivers\etc

Enter the host name of the device and IP address of the host to bypass DNS name resolution. There's a sample within the file.

***Copy file to desktop, edit it, and then copy back to "etc" folder. Host file does not have a file extension.
[Reply]
8zeros 09:48 AM 03-03-2017
I run tunnels and cameras on a lot of servers, but I never have made the router the VPN. I see how this would be the problem. I think you can set up a VPN on another router and bridge it to the one connected to the internet, then keep the camera server on the non VPN router and everything else on the VPN bridged router. You can even have a single computer doing both but that is tricky.
[Reply]
G G 09:53 AM 03-03-2017
Originally Posted by mosesbotbol:
located in %windir%\system32\drivers\etc

Enter the host name of the device and IP address of the host to bypass DNS name resolution. There's a sample within the file.

***Copy file to desktop, edit it, and then copy back to "etc" folder. Host file does not have a file extension.
I use a Mac. I am running the VPN client on the router so that ALL traffic from within my network goes through the VPN. Are you saying to edit the host file on the machine that I am trying to access the cameras with from outside my home network? If so, I use an iphone to do that mostly. And my questions are so that I understand, cause I am just smart enough about networks to be dumb. LOL
[Reply]
Weelok 10:51 AM 03-03-2017
I think the problem may just be your IP address changed after the VPN was enabled. Check the IP address of the router and verify if it has changed or not. If it has, then see if you can view your cameras from outside your network by using the new IP address and not the domain name.

Here is some interesting data on your router for VPNs but not completely relevant except for the IP changing. Sounds like a powerful router.

https://www.asus.com/support/faq/114892
[Reply]
G G 11:08 AM 03-03-2017
Originally Posted by Weelok:
I think the problem may just be your IP address changed after the VPN was enabled. Check the IP address of the router and verify if it has changed or not. If it has, then see if you can view your cameras from outside your network by using the new IP address and not the domain name.

Here is some interesting data on your router for VPNs but not completely relevant except for the IP changing. Sounds like a powerful router.

https://www.asus.com/support/faq/114892
Yes the IP surely changes from the dynamic one from the phone company to the VPNs IP address in whatever country or server I pick to connect to. You can't connect to the VPN IP cause I believe most VPNs use shared IPs and it doesn't know where to direct the traffic to when I try to connect using it. I tried it just for fun and it didn't work. I saw some info that PureVPN gives a static IP, but I am not sure that it would even work with that, but that's a question for someone with more knowledge than I have.

The IP the router shows is the phone companies dynamic IP in the WAN. But all devices that connect to the router shows the VPNs IP, which I currently use the nearest one to me and it's in Atlanta, GA.
[Reply]
Weelok 03:33 PM 03-03-2017
Well, I think we are all in agreement that your screwed hah. Since the only IP is virtual and routing is occurring at the VPN server, there is no way for you to forward port traffic to a separate device behind your router. The only way I see for you to make this work is a separate tunnel for each device and your not going to be able to do that with a basic home router.

I recommend you put a MAC by your TV and create a software VPN from the MAC to your streaming service which allows the rest of your network to not be a VPN.

My two cents.
[Reply]
G G 04:24 PM 03-03-2017
Originally Posted by Weelok:
Well, I think we are all in agreement that your screwed hah. Since the only IP is virtual and routing is occurring at the VPN server, there is no way for you to forward port traffic to a separate device behind your router. The only way I see for you to make this work is a separate tunnel for each device and your not going to be able to do that with a basic home router.

I recommend you put a MAC by your TV and create a software VPN from the MAC to your streaming service which allows the rest of your network to not be a VPN.

My two cents.
Kinda knew that was the answer, but I have learned over the years with computers and networks there is sometimes ways to do impossible sounding things. It's not a do or die thing, just nice to be able to peek in when we're not home. Thanks for chiming in.
[Reply]
8zeros 11:34 PM 03-03-2017
Originally Posted by Weelok:
Well, I think we are all in agreement that your screwed hah. Since the only IP is virtual and routing is occurring at the VPN server, there is no way for you to forward port traffic to a separate device behind your router. The only way I see for you to make this work is a separate tunnel for each device and your not going to be able to do that with a basic home router.

I recommend you put a MAC by your TV and create a software VPN from the MAC to your streaming service which allows the rest of your network to not be a VPN.

My two cents.
This is kind of what I was suggesting with the two router solution.
The first router on the modem running dyndns with the cameras port forwarded through it. This would be accessible from outside. This router would be running DHCP.
Another router would hook its WAN port to the first router. It would get DHCPed to the internet. Now run VPN on the second router. Use this router for everything you want tunneled. Since the dyndns was opened with the first router it will be OK for everything forwarded to and from there. Since the second router is VPNed point to point, only those points get altered, not the points in between, like the first router.
I haven't tried this but it seems like it should work the same as a tunnel opened up by a device on the network, except the device is a router.
[Reply]
Weelok 03:59 AM 03-04-2017
Originally Posted by 8zeros:
This is kind of what I was suggesting with the two router solution.
The first router on the modem running dyndns with the cameras port forwarded through it. This would be accessible from outside. This router would be running DHCP.
Another router would hook its WAN port to the first router. It would get DHCPed to the internet. Now run VPN on the second router. Use this router for everything you want tunneled. Since the dyndns was opened with the first router it will be OK for everything forwarded to and from there. Since the second router is VPNed point to point, only those points get altered, not the points in between, like the first router.
I haven't tried this but it seems like it should work the same as a tunnel opened up by a device on the network, except the device is a router.
Hah now I see what your saying!!!!! I like it!!!! This sounds like it would work and be a pretty cheap solution!!!
[Reply]
G G 08:41 AM 03-04-2017
Originally Posted by 8zeros:
This is kind of what I was suggesting with the two router solution.
The first router on the modem running dyndns with the cameras port forwarded through it. This would be accessible from outside. This router would be running DHCP.
Another router would hook its WAN port to the first router. It would get DHCPed to the internet. Now run VPN on the second router. Use this router for everything you want tunneled. Since the dyndns was opened with the first router it will be OK for everything forwarded to and from there. Since the second router is VPNed point to point, only those points get altered, not the points in between, like the first router.
I haven't tried this but it seems like it should work the same as a tunnel opened up by a device on the network, except the device is a router.
Originally Posted by Weelok:
Hah now I see what your saying!!!!! I like it!!!! This sounds like it would work and be a pretty cheap solution!!!
That seems to be the easiest, and as Weelok points out the cheapest solution. I will buy another router soon. But one more question. If I use an older Linksys router that I have for the first router, it wouldn't really matter would it? Because if I understand you right the first one would only do the routing and handle the port forwards for the cameras. The second router would be the actual workhorse for the network as far as the wireless and ethernet connected computers, right?
[Reply]
Page 1 of 2
1 2 >
Up