i have an internet connection without static ip and i have a camera (NVR) inside my network , i have a mikrotik device in this network.
i cant use ddns
i have another mikrotik device outside my network which have dedicated ip and internet access.
i want to stablish a VPN connection between the first network - as a client - and the second network as a vpn server and use my static ip to access my local network NVR .
Is that possible ?
Yes, is perfectly possible, and you have described the soluction for yourself.
Are you the admin of both devices?
If yes, then the answer is yes.’
When you say you cannot use DDNS, what do you mean.
Do you mean the IP cloud of the mikrotik??
It sounds like what you are really saying is that the
MT device is not the router on the main network (one with camera).
If you do not have access to this router, then maybe nothing is possible? and least legally!!
I think he mean: I do not have one public IP (only NAT or double-NAT) for use with cloud wher is the camera…
i have full access and the microtick is maine router of the routers. but in the first network, service provider makes some restrictions so i can’t use ddns.
could you please tell me how ?
The service provider prevents ddns??
What do you mean.
Have you tried turning IP cloud on and reading your WANIP from it???
Some ISPs use CG-NAT so you never get an Internet accessible IPv4 address just an IP in one of the private IP ranges (i.e.: 10.x.y.z or 192.168.x.y). In this situation ddns will not work properly as the Internet accessible IPv4 address is shared by hundred (thousands?) of other users.
As for how to use the VPN connection.
A quick Internet search will find guides on setting up various VPN configurations so pick on that suits you needs. I’ve found both SSTP and OpenVPN to be reliable regardless of the Internet connection type.
So Mickey T, you mean, either a whats my IP search or return from IP Cloud will return a private IP??
No, a What’s My IP lookup will return the Internet accessible IPv4 address. The problem is that the IP will be shared between multiple customers and CG-NAT (Carrier-Grade NAT) means that your router will be given a private IP address and the ISP will route the traffic as appropriate (when it works properly - UDP packets can have trouble with CG-NAT).
The simple scenario (this is how my ISP does it) is: ISP’s internet IP (Internet accessible) ↔ CG-NAT Router Private IP range (e.g.: 172.18.0.0/24) ↔ My router’s External IP (anything in the 172.18.0.0/24 range in this example. e.g.: 172.18.0.23) ↔ My router’s internal IP range (e.g.: 192.168.0.0/24)
So the What’s My IP will show the ISP’s Internet IP but not the IP assigned to the customer router (e.g.: 172.18.0.23). You can check for yourself by logging in to your router and looking at the IP assigned to you by your ISP. If it’s in either the 10.0.0.0/8 or 172.16.0.0/12 range (they don’t tend to use the 192.168.0.0/16 range because it’s too small) then your ISP will be using CG-NAT (or something similar).
CG-NAT was used a lot by mobile/cellular broadband services when they first became available. Now CG-NAT is used because the supply of IPv4 addresses is running out (has run out?) and, also, because ISPs have put a lot of time and money in to getting it setup so aren’t ready to move away from it just yet.