So I have a Reolink camera on my IoT VLAN and because of the UID/P2P stuff the camera basically has OPEN WAN access for it to work. If I had a wired PoE camera it would be easier to access over a remote VPN, but this battery doorbell goes via Reolink servers.
ChatGPT told me that a VPN instance on my IoT VLAN could be a safer way of handling this. I could limit ports, but it said that the VPN instance would not expose devices the same way as they are exposed now. Not sure how that works, but I’m all up for trying to restrict this camera.
I’ve searched the forum here for a similar issue and solution, and I’m sure it’s here somewhere, so I hope to ask you guys for help on this.
Set up WG interface on IoT VLAN
Routing the whole subnet through WG-IOT
Limit ports for a specific internal IP?
Set up external logging
I’m running a PC with Proxmox so I could spin up a server that can be an endpoint for logging and inspection?
If you mean that your camera needs internet access and to hide your IP address you want to route the camera via a VPN?
Then sure, go ahead and install WireGuard to make a VPN connection to a VPN provider and use Policy Based routing to only route the camera (or whatever you want) via the VPN.
No, this does not make sense without an external VPN provider.
You can set up a WireGuard server to get access from outside to your home; your router is then the WireGuard server and e.g. your phone is the WireGuard client, but it looks like that will not help you with the cameras, I guess.
Then we share the same understanding. I’ve got a remote VPN server setup working as intended, but no, the camera can’t function without talking to Reolink servers.