TIP: Click on subject to list as thread! ANSI
echo: rberrypi
to: CHRIS GREEN
from: DELOPTES
date: 2020-12-28 14:01:00
subject: Re: Simplest 3G/4G connec
Chris Green wrote:

> OP here - I'm in the UK but the system this is for will be in France.
> So digging out specialist providers and such is one level more
> difficult than doing it 'at home'.

I have my parents in another country and they use linux PC. I and they have
dynamic IP.

I have setup DDNS with no-ip.org at home and have a physical PC (industrial
Geode from 2007) that I use as firewall and VPN (with OpenVPN). On the
modem I configured forwarding of all traffic to the FW. On my parents PC I
have a script that checks a URL on my home apache server (vie the DDNS)
that simply replies with YES or NO. If YES it starts the OpenVPN on the
remote (my parents) PC and connects to my FW if NO it stops the VPN on the
remote PC. Then when connected, I use the VPN IP to connect to their PC in
the VPN network.

Same can be achieved with mobile network - there are hubs with SIM cards to
provide internet in regions where there is no fast internet connection, or
simply to carry with you and use anywhere. The process would be the same
because what matters is the DDNS and your VPN. As soon the client connects
to the server you can access the client over the VPN IP. As it was stated
you have to "push" the routes from/to your local network.

So you say you are located in the UK and have a local network with, let's
say, 192.168.1.0/24. Your VPN has 10.1.1.0/24. The OpenVPN will push a
route to the client in France to the gateway in 192.168.1.0 and route the
traffic from 10.1.1.0 to 192.168.1.0. This way you can access anything on
10.1.1.0 from 192.168.1.0.

I got tired following the whole thread ... the described setup is a common
practice and I do not understand why so many posts. Forgive me if I
repeated or misunderstood something.

I do not know what was mentioned regarding OpenVPN setup, but it took me a
while to understand how it works. I choose certificate based
authentication. So I had to create and deploy certificates for and to the
clients I use. This way the client can connect without providing password.

Another use of this is when I travel - from the companies Windows Notebook
or my linux notebook I can connect on demand to the VPN at home. This setup
is more than 10y old - I'm not sure but I think I did it in 2008 or 2009 -
never failed - except be careful when you update the system of course :)

regards

--- SoupGate-Win32 v1.05
* Origin: Agency HUB, Dunedin - New Zealand | FidoUsenet Gateway (3:770/3)
SOURCE: echomail via QWK@docsplace.org

Email questions or comments to sysop@ipingthereforeiam.com
All parts of this website painstakingly hand-crafted in the U.S.A.!
IPTIA BBS/MUD/Terminal/Game Server List, © 2025 IPTIA Consulting™.