I have a client with locally hosted security cameras. There is a DVR box that has a port open and a 3rd party app you can view the cameras from. Traditionally we have been forwarding the port to the WAN via the router there. Its a restaraunt btw.

When the ISP upgrades the router every few years there’s a huge headache trying to get the ports back open and bridging the modem and router blah blah blah. Not only this, even though they are supposed to have a static wan ip, it does change from time to time.

What i would like to do is plug in a raspberry pi on the network and forward the DVR’s ports somewhere accessable.

Im thinking of something along the lines of wireguard, but just for a single ip/port that i can tunnel over ngrok. Seems doable but i’m having trouble finding the proper terms to google. Port forwarding generally brings up router config, and tunnelling seems to expect you to be on the device who’s ports you wish to access.

Any advice?

  • dadarobot@lemmy.sdf.orgOP
    link
    fedilink
    English
    arrow-up
    1
    ·
    10 months ago

    Something ive noticed from using wireguard from my phone is my traffic across the board slows down significantly while connected because everything is routed back home.

    With tailscale can the user be connected, and only have a specific ip/domain routed through it? I also dont have access to the dvr’s internal system to run tailscale from it.

    Anyway thanks for the lead, im reading up now

    • MangoPenguin@lemmy.blahaj.zone
      link
      fedilink
      English
      arrow-up
      7
      ·
      edit-2
      10 months ago

      Something ive noticed from using wireguard from my phone is my traffic across the board slows down significantly while connected because everything is routed back home.

      This is a config issue, you have your VPN set as the default gateway instead of just for the specific subnet of your home network.

      By default tailscale will not be a default gateway or subnet router, it will only give access between 2 devices with tailscale installed.

    • socphoenix
      link
      fedilink
      English
      arrow-up
      4
      ·
      10 months ago

      There’s a similar software called zerotier that only routes traffic you want across. You select an IP range (for instance 10.144..) and it gives your computer a new address. For my main computer let’s say it’s 10.144.168.128. The only traffic routed over the vpn is traffic addressed to that address. You can append the port to web traffic like https://10.144.168.128:8010/zm/index.php (zoneminder used as an example) and it would use the vpn for that connection but nothing else.

    • BCsven@lemmy.ca
      link
      fedilink
      English
      arrow-up
      3
      ·
      10 months ago

      You can set what traffic goes across wireguard, either all of it, or only what is intended for the IP you are needing to connect to.