Need help for networking between two subnets

[ionuttepeneu]

Hello, I'm in desperate need for help in solving what i think is a simple issue that is bugging me. I have setup Debian 8 on a VPS machine at arubacloud and have succesfully configured it as an OpenVPN and Zoneminder NVR server. I needed to do this because I have 4 android phones setup as surveilance cameras at a remote country house. My ISP uses CG NAT and I can't access anything remote because I don't have a public IP, so as a workaround my cameras connect through VPN to the VPS, I'm able to see and access them if I'm connected to VPN from my phone or PC using their static IP configured in Openvpn 10.8.0.XX but I can't add any of the cameras to the Zoneminder server. My beginner problem is that I don't know what to do so that Zoneminder has access to VPN clients. Thank you.

[p.H]

I see only one subnet in your post, the VPN one. What's the other subnet ?

I can't add any of the cameras to the Zoneminder server

Why not ?
Any firewall rules on the VPS ?

[ionuttepeneu]

Hi, I've pulled my IPtables so I can better show my problem, it may be that I incorrectly identified the problem:

Code: Select all

Kernel IP routing table
Destination     Gateway         Genmask         Flags   MSS Window  irtt Iface
default         host1-0-211-80. 0.0.0.0         UG        0 0          0 eth0
10.8.0.0        *               255.255.255.0   U         0 0          0 tun0
80.XXX.0.0      *               255.255.255.0   U         0 0          0 eth0
172.17.0.0      *               255.255.0.0     U         0 0          0 docker0

I think you are right regarding the subnet, basically may Zoneminder server is accessible at the public IP address http://80.XXX.0.XX but my cameras connect through VPN to the server. When I want to add a camera to Zoneminder it ask's for camera IP and port plus other info. I've managed to configure OpenVPN to provide static IP's to each camera, so what I tried to do was to add to Zoneminder a camera with the IP 10.8.0.10 and port 8080 and it always says that camera can't be found.Again Zoneminder is installed directly on the same server with my OpenVPN. If I'm connected to my VPN on my laptop or PC i can access the cameras directly using http://10.8.0.10:8080 in the browser without problems. So the question is how can I make Zoneminder see my cameras?

[p.H]

I've pulled my IPtables

What do you mean ?

What machine does this routing table belong to ? The VPS or your laptop/PC ?

Can you access the cameras in a browser or any HTTP client from the VPS ?

[ionuttepeneu]

The IP routing tables are of the VPS, Honestly I don't know how to open a web browser on the VPS, basically I connect to it using Putty and all I have is a terminal window without graphical interface. I can ping 10.8.0.10 and the cameras answers.

[p.H]

You can use a text-mode web browser such as lynx, links, w3m... It won't display pictures but at least you'll see the web page text.

Or you can use telnet on port 80 or echoping to check that the camera web server is reachable.

I assume you run PuTTY on Windows. It supports X11 forwarding but this requires that the SSH client host runs an X server and the SSH server host has graphical applications installed.

[ionuttepeneu]

Ok, text based browser was something new for me. I have install lynx on my VPS and can succesfully access http://10.8.0.10:8080 in text mode from the VPS itself. Does this mean it's a Zoneminder issue?

[p.H]

I'm afraid so. But I don't know this software at all.

You could run a packet capture such as tcpdump to see what's going on when Zoneminder tries to access the cameras.