Thinking this over, although I had to follow a different process, the issue was similar and all I did was use a different device to set them up after resetting. I believe I was using my phone initially (android) and tried the process with my Ipad to get it working.
You were right I was wrong. I have the newer version apparently. This is from the Lifx website support.
Reset your light
Before Starting: Please reset your LIFX light by turning it off/on 5x until it cycles - it will stop on white.
For the LIFX Original, turn the light on then use the switch on the side 1x.
For all LIFX products with plugs, please unplug/re-plug completely 5x.
1 Like
Well, I finally gave up and contacted Lifx and they are sending me out a replacement device under warranty.
1 Like
I setup a spare 2.4GHz access point that had been left over from an upgrade to 5GHz AC Wifi. I was able to connect all the wifi devices to the "new" access point so the new setup I did for either VPN or restricted IP's on the ASUS messed me up?
I took off the restrictions from the ASUS and quit playing with the openVPN for now until my system goes stable for a few days before I try it again. 
1 Like
OK I must admit that I am a totally newbie on this VPN thing and I am ready to give this a second try. Can someone point me to some kind of tutorial on how for me to setup a VPN so that I can connect to my Hubitat from remote location?
I got PrivateInternetAccess PIA as my service. I am able to use it on my laptop so that it connect to some distant server so that it secures my connection to the Internet but I don't see the step I am missing to connect to my Hubitat system?
I am confused I think on setting up the OpenVPN on my ASUS RT-AC3200 router to allow me to connect. I was doing the instruction for setting up OpenVPN client on the router but I think that is only for giving me a VPN client for all my home network devices going out to the internet so that I don't have to load or run a PIA on each of my devices at home and still be VPN protected, right?
So what do I do for setting up the ability for me to remotely connect into my Hubitat?
This is the documentation from Asus on how to enable the vpn server.
https://www.asus.com/support/FAQ/1008713
This should generate an ovpn file that use can use to configure the client. If you are connecting from an android phone, you can install the official app (there are quite a few versions out there but get the official) and then choose the import option using this file.
I have. Afew tricks I can share if you also use Tasker, but let's get you connected first.
1 Like
I tried a setup from my Synology, but found it slow and didn’t like opening ports. I ended up just using Apple Remote Desktop to remote back to a Mac laptop, which I have on the network anyway for stuff like Homebridge and Google Assistant Relay, etc
Mac or PC, any Secure VNC will accomplish the same thing. Just open a browser on the computer you’re remotely connected to and you’ve got access to Hubitat.
I could be wrong but I would think that if the vpn in on the router itself there would be no ports to open....it is already exposed to the Internet on the WAN port.
From the perspective of just accessing the web interface, yes, they both accomplish the same thing. However, there are other benefits to a vpn server. For example, I do not expose my internal ip cams to the Internet...just not comfortable with the level of security on these cameras. With the vpn I can access their video feeds using TinyCam as if I was on my local wifi.
All easily connected remotely because of Tasker.
1 Like
As I believe you have surmised, PIA is used for connecting your client devices (Laptops, Phones, Tablets, or even your router) to PIA's OpenVPN server.
When connecting back into your own home, the simplest way I have found is to use Asus' built-in OpenVPN server, along with the free Asus Dynamic DNS feature.
Once you have the OPenVPN Server and Asus Dynamic DNS working on your router, you will them configure your phone, laptop, tablet etc... as an OpenVPN Client that points back to your own router's OpenVPN server. In order to find your router, amongst all those on the Internet, you will use the Asus Synamic DNS name you created when configuring your router.
It sounds complicated, and it definitely isn't trivial if you've never done it before. However, the results are pretty fantastic.
2 Likes
There are no forwarded ports if you run the OpenVPN server on your router. However, the OpenVPN server is definitely listening on a port on the WAN adapter of your router. So, technically there is at least one open port. 
I still prefer this solution to versus running OpenVPN on another computer behind the router. I at least am somewhat vigilant about keeping my router's firmware up to date, which includes security patches and updated versions of OpenVPN. I know that if I had OpenVPN running on a Raspberry Pi behind my router, I would probably never touch it for fear of breaking it, or I'd simply forget about it until I really needed it (at which time I am sure it probably would be powered off or crashed for some reason! 
) At least if my router goes down, I am very aware and fix it quickly.
1 Like
Yep. My router just doesn’t allow it and this method is secure enough that I’m not concerned with someone gaining access.
I only personally have two cameras I can access via their cloud connection and I’m ok with that. But what you’re saying makes perfect sense with TinyCam. I’m fairly new to cameras in and around my home, so I’m sure I’ll need to change the way I’m doing things at some point, for one reason or another.
Oh yeah...forgot about the dynamicDns portion of the setup. I already have a domain and tie a subdomain to my external ip..google makes it pretty easy to setup but I wish it was all built into my router like yours. The funny thing is I had an Asus router that could do it but never really needed vpn access then. When I moved I needed a mesh router to cover the whole house and got an Eero that does not have vpn server options. I'm still hoping they add these features sometime.
I believe the WAN port is essentually listening on ALL ports but only opens the Lan to the ones that are forwarded. The openvpn server is in front of the firewall so I believe this method should be more secure since you aren't opening a port to a server behind the firewall (on your internal network).
Disclaimer:
Everything above is based on my limited networking knowledge and could very well be completely inaccurate. 2 teaspoons of salt should be included with consumption.
This is what I'm personally not comfortable with. I dont like the prospect of having video of the inside of my house in the cloud...and definitely not saved on a server list Nest does. For outside...no problem. I have 2 Ring cameras outside....and their current predicament with employees viewing people's video only serves to strengthen my belief that internal cameras should never be sent to an external server.
Just my own personal paranoia.
1 Like
I took the other highway. My OpenVPN is to a Linux server behind the router. Like you suggest, however, my Linux server is the first thing I'd notice being down. It's doing everything... dns, dhcp. there's redundancy but there's a noticeable difference. I keep my Linux server up to date far more than the ISP keeps their router (guest network) updated. My inside router is behind my Firewall and of course, so is the Linux server.
It's not better, just different and as you point out, fits me and thus suited to my home.
1 Like
You need to run the openVPN server on your router, genertate the certificate file, download openVPN client apps on Google play, iOS apps store or openVPN for desktop. Load the cert file file generate by your router and connect.
Don't forget to check mark on "allow client to client" on the router server VPN setting otherwise you won't be able to connect to devices connecting to your router.
2 Likes
You’re not wrong. Outside is Wyze Cam. Looking forward to RTSP support without having to flash custom firmware on those. Inside, pointing only at my front door is an iSmart Alarm Spot. That one I have been thinking about flashing with custom firmware and using TinyCam like you’re doing. Needs to be simple for my Wife to access from her iPhone through. Currently the iSmart Alarm software is dead simple and very reliably fast to access. Also doubles for Smoke and CO detection, and its response time is very fast. That last part is why I’ve hesitated to make that change in the firmware.
Don't flash the firmware if you have the latest Wyze firmware. I did this for 1 Wyze so I can added it to blue iris but you won't get HD quality and no auto night mode which really a let down. I ended up running Tinycam pro with BlueStacks and added all the cams to blue iris. It's a weird hack but I get both side of the coin.
Edit : oh yeah, no sound detection as well.
1 Like
I haven't had much time to play with the Wyze cam I bought a month or so ago. I did flash the custom firmware (didn't like the idea of the cam reporting back to Chinese servers) and didn't like the quality of the video and couldnt get the sound to work. It's been sitting on my desk unplugged ever since.
Are you saying that you can get this camera to stream locally using tinycam? If so, please point me to where there is a guide for this.
No, I like the Wyze firmware. Won’t be changing that. It’s the iSmart Alarm Spot I would consider changing. It’s the original and only has 720p. No sound a big disadvantage though. Wouldn’t want that.
They answered customer complaints and now send to Amazon servers. Rose Thibodeaux reviewed the Wyze cam and hired someone to analyze the data route to confirm their claim.
1 Like
