Difference between revisions of "Camera access from VPN"

From Wiki Knowledge Base | Teltonika
(Created page with "==Introduction== This article is part of a series dedicated to use cases involving RUT routers and <b>Hikvision</b> cameras. Here you will find instructions on how to configu...")
 
Line 49: Line 49:
 
[[File:Hikvision_url_login_v4.png]]
 
[[File:Hikvision_url_login_v4.png]]
  
If this is the first time that you are connecting to the camera, you will be required to create a user. Just follow the prompts and after you have successfully logged in go to <b>Configuration</b> section (top left corner of the page) and navigate to the <b>Network → Basic Settings → TCP/IP</b> page. You can change the IP address from here, by editing the value of the <b>IPv4 Address</b> field:
+
If this is the first time that you are connecting to the camera, you will be required to create a user. Just follow the prompts and after you have successfully logged in go to the <b>Configuration</b> page (top left corner of the page) and navigate to the <b>Network → Basic Settings → TCP/IP</b> section. You can change the IP address from here, by editing the value of the <b>IPv4 Address</b> field:
  
 
[[File:Hikvision_change_camera_ip_v1.png]]
 
[[File:Hikvision_change_camera_ip_v1.png]]
  
Configure different IP addresses for all cameras that you may be using and move on to the next step.
+
Configure different IP addresses for all cameras that you may be using and advance to the next step.
  
 
==Step 3: configure Port Forwarding==
 
==Step 3: configure Port Forwarding==

Revision as of 10:22, 29 April 2019

Introduction

This article is part of a series dedicated to use cases involving RUT routers and Hikvision cameras. Here you will find instructions on how to configure a surveillance system that can be managed and controlled remotely via VPN with the help of a single RUT router.

If you're looking for something else that is camera related, you may find the information you need in one of these related articles:

Overview

You will need

  • a router from the RUT series (except RUT850);
  • at least one Hikvision IP camera;
  • access to or ownership of a VPN network;
  • a PoE switch or another type of power supply for the cameras;
  • (optional) a Hikvision NVR (Network Video Recorder).

Configuration scheme

Hikvision configuration scheme 1 v2.png


Overview

The cameras and the NVR are connected via Ethernet cables to a PoE switch, which is connected to an RUT router, placing all devices in the same LAN. The RUT router is connected to a VPN making the network reachable to other VPN clients. In order to reach individual devices in the LAN, Port Forwarding to each device is configured on the RUT.

Step 1: configure VPN

First we will configure a VPN client on the router. A VPN connection will provide remote access to the router's local network and ensure data security. If your router has a static public IP address, you can access it without the help of VPN. However, it is not recommended because the absence of VPN leaves the camera's vulnerable on an unsafe public network with nothing but password protection.

The configuration will depend on the type of VPN that is available to you. You can find various VPN configuration guides here. For this guide we'll be using OpenVPN (click here for OpenVPN examples).

Once you set up a VPN connection or if you chose to skip this part and use the router's public IP instead, you can advance on to the next step.

Step 2: configure the cameras

The default IP address for Hikvision cameras is 192.168.1.64. If you plan on using a single camera, you can leave this IP address or change it to whatever suits your needs. But since we'll be configuring 4 cameras and an NVR for this example, we'll need to set up the equipment to have different IP addresses. The setup we'll be using will have the following IPs:

Hikvision camera ips v2.png

To change the IP address of a Hikvision camera, power it on, connect it to your PC or an Ethernet port of your RUT router (that is connected to the PC). Type the camera's default IP address (192.168.1.64) into the URL field of your web browser and press "Enter":

Error creating thumbnail: Unable to save thumbnail to destination

If this is the first time that you are connecting to the camera, you will be required to create a user. Just follow the prompts and after you have successfully logged in go to the Configuration page (top left corner of the page) and navigate to the Network → Basic Settings → TCP/IP section. You can change the IP address from here, by editing the value of the IPv4 Address field:

Error creating thumbnail: Unable to save thumbnail to destination

Configure different IP addresses for all cameras that you may be using and advance to the next step.

Step 3: configure Port Forwarding

Port Forwarding is a way of redirecting an incoming connection to another IP address, port or the combination of both:

Error creating thumbnail: Unable to save thumbnail to destination

This means you can access multiple LAN devices via a single IP address, but using different ports. Since we have access to the router via its VPN IP (10.0.0.1), we can configure redirects from this IP to the NVR and the IP cameras.


To configure Port Forwarding on a RUT device, go to Network → Firewall → Port Forwarding and scroll to the bottom of the page. Locate the New Port Forward Rule section and create a rule to reach the NVR's web interface:

Error creating thumbnail: Unable to save thumbnail to destination

By default, this rule will redirect connections from hosts in WAN connecting to port 81 to the NVR's IP and port 80 (default http port). As discussed earlier, we want to connect via VPN, not WAN; therefore, you will have to edit the rule accordingly. Locate the newly created rule in the list and click the "Edit" button next to it:

Error creating thumbnail: Unable to save thumbnail to destination

Change the Source zone from "wan" to the type of VPN that you are using and save the changes:

Error creating thumbnail: Unable to save thumbnail to destination

You can also create analogous rules for every other camera. Just remember to use different ports and specify actual camera IPs:

Error creating thumbnail: Unable to save thumbnail to destination

Step 4: remote access

To test whether the setup works, open your web browser and try to reach a camera. For example, to reach Camera 1:

Error creating thumbnail: Unable to save thumbnail to destination

If you are redirected to the camera's web interface, congratulations - the setup works!