[Solved] IP Cam throught ISP natted 4G connection

Samples of working configurations.
Locked
silmo
OpenVpn Newbie
Posts: 5
Joined: Thu Mar 15, 2018 4:42 pm

[Solved] IP Cam throught ISP natted 4G connection

Post by silmo » Thu Mar 15, 2018 5:06 pm

So heres my situation:
Image

So I have security cam under ISP natted 4G internet connection. So i cannot acces to camera from internet.
Im planning to connect raspberry pi based VPN client to Router b LAN (where is this camera and ISP natted internet connection) and rapsberry pi based VPN server under Router A LAN where is "good" internet connection without restriction. And make VPN pipe between these two LAN. To do this i need to make bridge VPN connection ?

In addition i want connect to security camera from anywhere (without) VPN connection by using my Router A and it's internet connection and router port forward. Is this possible ? And if it is how i need to make configuration?

Sorry for my noob questions and thank you in advance!
Last edited by silmo on Thu Mar 15, 2018 8:11 pm, edited 2 times in total.

User avatar
TinCanTech
OpenVPN Protagonist
Posts: 4631
Joined: Fri Jun 03, 2016 1:17 pm

Re: IP Cam throught ISP natted 4G connection

Post by TinCanTech » Thu Mar 15, 2018 5:53 pm

silmo wrote:
Thu Mar 15, 2018 5:06 pm
To do this i need to make bridge vpn?
Probably not.

I don't know what you IP camera software is capable of but openvpn can be configured to provide the network you describe. As for the rest .. you have a long road ahead of you .. I suggest you start here:
HOWTO: For OpenVPN Community Edition

silmo
OpenVpn Newbie
Posts: 5
Joined: Thu Mar 15, 2018 4:42 pm

Re: IP Cam throught ISP natted 4G connection

Post by silmo » Thu Mar 15, 2018 6:04 pm

TinCanTech wrote:
Thu Mar 15, 2018 5:53 pm
silmo wrote:
Thu Mar 15, 2018 5:06 pm
To do this i need to make bridge vpn?
Probably not.

I don't know what you IP camera software is capable of but openvpn can be configured to provide the network you describe. As for the rest .. you have a long road ahead of you .. I suggest you start here:
HOWTO: For OpenVPN Community Edition
Ok, is good to know that is possible. So now i have client to server connection allready up and working. Now i can see server side LAN but not client side. Can someone please point me to right direction :geek:

edit: And my ip cam or actually two cameras are foscam camera. So they are just two normal web server.

silmo
OpenVpn Newbie
Posts: 5
Joined: Thu Mar 15, 2018 4:42 pm

Re: IP Cam throught ISP natted 4G connection

Post by silmo » Sun Mar 18, 2018 2:50 pm

I have made some progress. I follow up this guide https://community.openvpn.net/openvpn/wiki/RoutedLans. Now i am able to ping from "pi vpn server" (192.168.188.68) to "pi vpn client" (192.168.1.60) and vice versa.
I understand i need some NAT config to vpn client ? What exactly is command and where write those if three cameras have IP adress example: 192.168.1.70, 192.168.1.80 and 192.168.1.90. And i want JUST those to get acces to internet through vpn pipe. My lan2 router doesnt have ip route options :/ Do i have to configure my pivpn server nat too ?

-thanks!

User avatar
TinCanTech
OpenVPN Protagonist
Posts: 4631
Joined: Fri Jun 03, 2016 1:17 pm

Re: IP Cam throught ISP natted 4G connection

Post by TinCanTech » Sun Mar 18, 2018 9:19 pm

silmo wrote:
Sun Mar 18, 2018 2:50 pm
i am able to ping from "pi vpn server" (192.168.188.68) to "pi vpn client" (192.168.1.60) and vice versa.
Well done.
silmo wrote:
Sun Mar 18, 2018 2:50 pm
I understand i need some NAT config to vpn client ? What exactly is command and where write those
iptables:

Code: Select all

iptables -t nat -A POSTROUTING -s 10.8.0.0/24 -o eth0 -j MASQUERADE
OpenVPN Community Edition Documentation
You will have to customise that to your environment.
silmo wrote:
Sun Mar 18, 2018 2:50 pm
i want JUST those to get acces to internet through vpn pipe
iptables and block access to the VPN from other nodes.
silmo wrote:
Sun Mar 18, 2018 2:50 pm
My lan2 router doesnt have ip route options :/ Do i have to configure my pivpn server nat too ?
You do not have to configure NAT on the server but you may find that easier.

Personally, I find using NAT complicates things but you don't have much choice at your client end.
You could install a better router or make the RPi the gateway (will require two real ethernets).

silmo
OpenVpn Newbie
Posts: 5
Joined: Thu Mar 15, 2018 4:42 pm

Re: IP Cam throught ISP natted 4G connection

Post by silmo » Mon Mar 19, 2018 5:33 am

Thank you tincan.

So now i am able to ping vpn server to client and vice versa. Also from client side lan machine to server side lan machine but not from server side lan machine to client side at all... So what is those missing config that i need to do to host my cameras from client side lan... I would really appreciate if someone can help! i am stuck and spet hours with this :?

User avatar
TinCanTech
OpenVPN Protagonist
Posts: 4631
Joined: Fri Jun 03, 2016 1:17 pm

Re: IP Cam throught ISP natted 4G connection

Post by TinCanTech » Mon Mar 19, 2018 6:51 pm

silmo wrote:
Mon Mar 19, 2018 5:33 am
but not from server side lan machine to client side at all...
You could before .. ?

https://community.openvpn.net/openvpn/wiki/RoutedLans

A shorter version:
HOWTO: Expanding the scope of the VPN to include additional machines

Make sure your server reads the CCD file in your --client-config-dir for the --iroute

Make sure IP forwarding is enabled on the client as well.

silmo
OpenVpn Newbie
Posts: 5
Joined: Thu Mar 15, 2018 4:42 pm

Re: IP Cam throught ISP natted 4G connection

Post by silmo » Mon Mar 19, 2018 8:17 pm

"Next, you must set up a route on the server-side LAN gateway to route the VPN client subnet (10.8.0.0/24) to the OpenVPN server (this is only necessary if the OpenVPN server and the LAN gateway are different machines)"

Problem was there and now it work ! Thanks again :)

Locked