Starlink Remote Cameras

3-Steps to Enable Inbound Remote Access

Enable secure, remote access to your IP Surveillance Camera on your Starlink network

No public IP, no VPN, no port-forwarding needed.

Starlink Remote Camera

Overview: Starlink Remote Camera

A common home or small office security camera setup requires inbound IP access. The only downside? If you are not at home, on your home network, you cannot access your security cameras through Starlink for remote surveillance. Or can you?

In Starlink Port Forwarding we discussed how Carrier-Grade NAT (CGNAT) works, and how Agilicus AnyX can be used to connect through the Starlink into an internal environment, even though there is no public IP for remote surveillance and security operations.

In this article we describe how a user setup their Starlink and an IP Security Camera (e.g. Hikvision) with Agilicus AnyX, achieving anywhere secure access, from any device, despite the CGNAT limitation. They can access their home surveillance video from anywhere.

The simplest, and most powerful method of using your cameras remotely is to invest in a network video recorder (NVR), such as Synology Surveillance Station. This platform provides a location to run the Agilicus Connector, as well as a location to store the video when motion is detected. It also acts to aggregate your cameras and make them available via HTTP.


Many security cameras have a web interface. If you have a URL you can use from your browser at home, then you can use it while away with Agilicus AnyX.
The Agilicus AnyX platform is almost entirely cloud SaaS. In order to work with your Starlink network, you will be installing the Agilicus Connector on a device you already have. This software will facilitate the incoming network traffic.
The Agilicus Connector supports many device types. Windows, Linux, OpenWRT, Synology. You can see more information on the product guide page. In general, the machine will need about 100MB of storage, 20MB of ram to operate.
You can see an animated diagram on the Agilicus Connector page. But in general, this works the same way e.g. a Google Nest thermostat works. Something inside your home network makes a persistent outbound connection to our cloud. When you are away, you will connect to our cloud, it will confirm your identity, and bridge you across these two outbound connections.
You can see the pricing here. If you have only 2 users there will be no ongoing cost.
Agilicus AnyX is an excellent solution for web applications, for SSH (e.g. command line access), for a Share (e.g. file access), and for remote desktop (Microsoft Remote Desktop, VNC). If you have complex networking needs that require layer-3 routing this is probably not the right solution for you.
Agilicus AnyX is an implementation of Zero Trust, a security best practice. You will use single-sign-on authentication via your Google or Microsoft account (there are no passwords). You can optionally enable multi-factor authentication. All traffic is encrypted with TLS 1.3 HTTPS. You can configure firewall rules in this system for e.g. geo-ip based access, as well as other more complex rules. You will have a full audit trail of who used what when.
No. The Agilicus AnyX is a SaaS solution, cloud based. In order to work with your Starlink network, you will install a small piece of software on a single device you already own.
Certainly! Please either open the chat icon in the lower-left, fill in the form, or email us (info @ and our team would be happy to discuss further with you.
Yes, the end user can use the web-based profile as well as the desktop based launcher. The desktop-based launcher requires OSX 11 (last supported version by Apple) or later.
No, Apple does not provide a server platform since the XServe. The connector is supported on Linux, Windows, various embedded platforms like Synology, pfSense, Mikrotik, etc. To run the connector on an Apple Mac, you may use the Docker instructions (see Install Docker Desktop on Mac).
We do not recommend using the RTSP feature of your camera with Agilicus AnyX. Instead we recommend using the HTTP interface.
Yes, via Agilicus AnyX.

Data Flow

The high-level data flow is shown at the right. A managed SaaS system (Agilicus AnyX) acts as the intermediary. A program installed on the local network (Agilicus Connector) makes an outbound connection, thus overcoming the limitation of the NAT.

User-based authentication via Single-Sign-On and End-To-End Encryption round out the feature set of getting the User to their Data without caring about the network.

SSH Animated Data Flow

The Setup

Signup. Create your Account
The signup process asks you what you want to call your account. You then have the option of using your own domain-name (so your share and web-applications will be something like https://my-app.mydomain), or one of ours. The Signup process is very simple, detailed instructions are here.
Install. Install the Connector on the network
In the Agilicus Admin UI, create a Connector. Give it a name (e.g. my-nas).This can be installed on a Raspberry PI, an OpenWRT Router (if it has enough flash), a Mikrotik, pfSense, a synology, a windows machine… many options exist. For this application Synology is a good choice, particularly if you will use the Synology Surveillance station.
Configure. Create a Web Application
We recommend using an NVR, but if we assume your IP Camera has a web interface, you can directly access it via a web application in Agilicus Admin interface, referencing the camera’s IP or hostname as the ‘upstream host’ and port 80 (typically)). This will proxy you, after proving your identity, to the ip camera. From anywhere to your Starlink Remote Camera.
cc586a2c compass
Open https://profile.MYDOMAIN, sign in. Try your share. Try the admin interface of the Starlink Remote Camera. Now, do this from a network that is not at your home (e.g. LTE, a Cafe). Observe it works without regard to where you are. No VPN.
Feel free to try additional services, e.g. a VNC or RDP remote desktop to your Mac, Linux, Windows machine. Connect to your home Building Management System. SSH to a NAS (web or command line) from remote, whatever works best for you.

Next Steps

In the case study above, the User’s objective was to use their IP Surveillance Camera from anywhere, without interference of the CGNAT of the Starlink.

The user can see their home surveillance video via their Starlink Remote Camera. From anywhere, on any device, with single-identity and single-sign-on, with multi-factor authentication.

No VPN is used, no overlapping or private IP issues Any network with out bound Internet access, whether fixed, mobile, corporate, will have direct access to the home or small business camera system. The Starlink Remote Camera access is simple, seamless, reliable, non-disruptive.