How we built our DIY Home Security Camera System – VueVille

A topology is a representation of how a system is connected together. Network topologies may be either physical or logical. A physical network topology shows the actual physical layout and the connections between different elements. A logical network topology shows how they are functionally linked to each other. The topology above is a logical representation of our home surveillance network.

We have three Hikvision IP cameras, and a Reolink C1 Pro recording 24/7 to a Network Attached Storage (NAS) system from QNAP. NAS devices today are much more than just network storage, they are more like mini-servers. Generally they run their own Linux-based operating system that is accessed through a web browser. Common uses for a NAS are centralised network storage, as a backup target, as a VPN client/server, and as a DLNA server for streaming your media across the house to multiple devices.

The TS-231+ we use has multiple roles as well (EDIT: I have now upgraded to an Intel-based QNAP TS-253A NAS, the main role being a Network Video Recorder (NVR). This is possible using the NAS’ built-in Surveillance Station software. So the QNAP records full resolution video streams from my 3 Hikvision cameras and a Reolink C1 Pro to its internal hard drives. You could get a dedicated NVR but as I said, we had other uses for the NAS.

As mentioned in our goals above, we didn’t want to forward ports from the cameras to the Internet. The alternative to forwarding ports from the camera to the router and exposing them to the Internet, is to create a VPN connection to your home network so that you can dial in securely. For this you need an Internet-facing device in your home network that can act as a VPN server.

The QNAP software has a built-in VPN server that supports all the major VPN protocols. I chose the OpenVPN protocol as it is widely accepted as the most secure protocol at the moment. All others have been compromised either by the government or by hackers. Our ISP’s DSL modem-router is physically the center point of the network as all the devices are connected to it either directly or through switches.

We use a VPN client on our Android phones or laptops to connect to our home network via OpenVPN, the QNAP NAS acting as the OpenVPN server for the entire home network. This lets us access all our network resources as if we never left home, live-viewing and reviewing recorded footage is so easy. Accessing the security camera system while at home

The QNAP NAS’ Surveillance Station can be accessed either via the web interface or the Windows QNAP QVR client software that you saw above in the screenshot. The tinyCAM Monitor Pro app on our smartphones are all configured using the local IP address of the QNAP NAS and Hikvision cameras. At home, we just open the app and it simply works. No fuss. No hassles. Accessing the security camera system from outside the home

1. Personal preference – I started out recording just motion detection clips to my NAS NVR, just as I do on the Hikvisions with SD cards inside. But sometimes I felt like I wanted to see a bit more of what happened before and after the motion detection event. An example – I sometimes get people ringing the doorbell and walking away. Now the Hikvision cameras record 30 seconds before and after the motion trigger. In the unlikely case that it is a burglar casing my house, I would like to know whether he came in a car, what colour the car was, hopefully a plate, and where he parked. With the 30 sec pre and post record, I may or may not get all of these details. But with the NAS recording 24/7, if I want more details than just the pre and post record images sent to me by the Hikvisions by email alert, I can log into the NAS and check out the full video. I am happy with the last 10 days of recording on the NAS for now (1.5 TB space allocated), but I can easily up it to 20-30 days by getting a bigger hard drive.

2. How motion detection recording works – Since the NAS provides a pre-recording feature, it means that it is actually recording everything it is receiving from the camera, holding on to it for the duration of the pre-record (1 min in our example) in case motion is detected. If there is no alert it has no reason to save the clip and it deletes it. This happens on a rolling basis. My only concern with 24/7 recording was that I would wear out the hard drive quicker – but then if it is in any case recording everything for the pre-recording feature, I cannot do any more harm by recording 24/7. Hope this reasoning makes sense!

When you add a camera and turn on motion detection alerts as described here under the “Configure Alarm Recording on the QNAP NAS” section, the NAS will login to your cameras and attempt to set up motion detection rules in the camera. Then when the camera sends an alert according to the rules defined by the NAS, Surveillance Station will receive them and then respond accordingly (start recording, put an event marker on the timeline, send email snapshot, send an SMS alert etc.).

So the first key point is that your QNAP NAS actually doesn’t do any motion detection, it relies on the camera to do it. So you wont find any configuration options for those rules in your NAS – you will find it in your cacmera settings. This method is smart because your camera will usually have more advanced motion detection methods such as line detection, intrusion detection, PIR motion sensors etc to which the NAS can theoretically respond. I say theoretically because there is a downside – the NAS’s ability to respond to those alerts depends on how well QNAP supports your specific camera make and model. For eg. I have Hikvision cameras. The NAS will not respond to any motion detection alert other than the basic motion detection. So it ignores the line detection and intrusion detection alerts that I love because it cuts down false alerts massively.

I dislike both cloud and uPNP, but uPNP is far more dangerous than using the QNAP cloud. The reason is that uPNP for never intended to be used on external networks such as the Internet. I keep it disabled on my router and all devices that support it. uPNP is how insecure or compromised(hacked) devices can ‘dial home’ to their manufacturer or even used by hackers to spy on you.

QNAP cloud – I never tried it because the QNAP openVPN server has been flawless and is very very fast. There is no middleman – my phone connects directly to my home network. Also by just using one app (openVPN client), my phone then is literally inside my home network – I can do everything as if I am am at home, plus all my internet traffic is routed over my home router (not public Wifi for example). I recommend using only the openVPN protocol because all other VPN protocols have been compromised by various governments and so safe to assume hackers as well. The official QNAP documentation is very good and should help with configuring the openVPN server. Some tips – default settings should be good, except under advanced settings use UDP (not TCP) and a random port (not 1194). Then get a dynamic DNS for your home router (noip.com is free, paid ones also exist). Then port forward that specific UDP port from router to NAS. Then download the QNAP configuration file and open it with the official openVPN client app, enter your dynamic DNS settings and login details and off you go. That’s about the gist of it.

Connecting your PoE switch directly to the QNAP only allows surveillance station on the QNAP to retrieve video from your cameras, and only if you have the second port on the QNAP set up correctly (e.g. You’ll need to have static IP addresses on the cameras, or need the QNAP to run a dhcp server serving that port.) In the configuration you have, you would presumably be able to view video that the QNAP has retrieved, but you won’t be able to connect directly from your desktop to your cameras. That sort of configuration can be a good thing, as it also prevents your cameras from talking to the outside world but it’s more complicated to set up, as Daniel mentioned.

I think what you want is that your QNAP and your cameras should all be plugged into some switch that is also connected to your main netgear. Based on what Daniel said, I suspect this is what he has too, although the diagram in the article makes it look as if he has one cable from the switch to the QNAP, and another from the QNAP to the router.

Hi John, thanks for dropping by! I have been using the TS-253A for over a year now and I’m very pleased with it. Instead of rigid partitions, I use the shared folders concept where each shared folder can use as much space as it wants on the 3TB WD RED hard drives I use. So I have set a limit of 1.5TB of storage in the the Surveillance Station app. This equates to around 10 days of storage. The only downside to using it as an NVR is that it doesn’t support the advanced motion detection methods of the Hikvision and Dahua cameras that are crucial for reducing false alerts. But I record 24/7 anyway, so it doesn’t bother me too much. A dedicated NVR with redundant storage is very expensive – a NAS with redundant storage can be had for a fraction of that cost (as long as you don’t need more than 4-6 cameras). If you need more than 4-6 cameras, the total cost starts rising due to the extra licence per camera model QNAP and other NAS manufacturers follow. But as you have realised, a NAS can do so much more. The TS-253A also supports one-click virtual machines, so I have set up a Linux Ubuntu virtual machine to play round with as well. I run my OpenVPN server on it, apart from using the HDMI output to view my cameras on the TV. At the moment, the TS-253A gives the best bang for your buck because of the included 4 IP camera licences.