Read up on hologram. They have a solution to reach any device on their Network.
On Wed, Jan 31, 2018, 6:30 PM Eric Kuhnke <[email protected]> wrote: > you don't, you set up a really small system at the site which can run > openvpn. In Linux terminology it would have three interfaces, eth0 (private > IP space hardwired to your serial console/core router/POP management > equipment), the LTE network interface, and tun0. Have it initiate, from > inside the cellular carrier's NAT, an openvpn connection to a server you > control on a static IP somewhere. tun0 would have a static IP in private IP > range used by just the openvpn server and client. When you get to get into > the OOB you SSH through your openvpn server to reach the client machine. > > > On Wed, Jan 31, 2018 at 4:25 PM, TJ Trout <[email protected]> wrote: > >> same as twilio which we use, problem is all LTE is NAT, how do i login to >> a device behind nat when I cannot force the carrier to give me a port >> forward? >> > On Wed, Jan 31, 2018 at 4:16 PM, Lewis Bergman <[email protected]> >> wrote: >> > Hologram network and set up their site to do it for you. Pretty slick. I >>> also like that is really cheap if you don't use it. As a warning, don't let >>> the MT put a default route in for it or you will pay huge if your primary >>> goes down. Otherwise it is so close to free it is crazy. >>> >>> On Wed, Jan 31, 2018 at 2:30 PM TJ Trout <[email protected]> wrote: >>> >> Never, but it's not a bad idea to have out of band management? I can get >>>> the LTE service for $2 a month + data used (ssh data = zero) >>>> >>>> TJ >>>> >>>> On Wed, Jan 31, 2018 at 12:09 PM, Sean Heskett <[email protected]> wrote: >>>> >>>>> Um how often are you loosing contact with your sites to necessitate >>>>> this LTE backdoor? >>>>> >>>>> Seems like a lot of overkill to make routing changes??? >>>>> >>>>> Am I missing something? >>>>> >>>>> -sean >>>>> >>>>> >>>>> >>>>> On Wed, Jan 31, 2018 at 11:48 AM TJ Trout <[email protected]> wrote: >>>>> >>>>>> Does anyone want to trade a PPTP connection (prefer you are >>>>>> multihomed) for the purpose of getting through LTE NAT? AKA I assign you >>>>>> a >>>>>> PPTP account with a static IPV4 and you do the same, so that if either of >>>>>> our networks go down we can use the others to tunnel back thru LTE to >>>>>> preform OOBM functions? We can shape @ 1mbps? >>>>>> >>>>>> This is a simple was around paying high fees for a static IP from the >>>>>> wireless carriers that even offer it... >>>>>> >>>>>> I don't really want to subscribe to some russian vpn service if I >>>>>> don't have to, or pay some cloud based OOBM company which will both cost >>>>>> way big$$$ >>>>>> >>>>>> TJ >>>>>> >>>>>> On Wed, Jan 31, 2018 at 10:32 AM, Adam Moffett <[email protected]> >>>>>> wrote: >>>>>> >>>>>>> You can use PPTP through NAT on LTE. You can assign a static >>>>>>> private IP to both ends of that tunnel. >>>>>>> If PPTP won't pass something you need, you can run an EoIP tunnel >>>>>>> using the PPTP IP's as the endpoints of the EoIP tunnel. You end up >>>>>>> with a >>>>>>> tunnel inside of a tunnel. It'll have a lowish real MTU, but you can >>>>>>> pass >>>>>>> 1500 bytes within the EoIP tunnel and it'll just be fragmented. >>>>>>> >>>>>>> >>>>>>> ------ Original Message ------ >>>>>>> From: "TJ Trout" <[email protected]> >>>>>>> To: [email protected] >>>>>>> Sent: 1/31/2018 12:51:40 PM >>>>>>> Subject: [AFMUG] OOBE mikrotik >>>>>>> >>>>>>> I was wanting to add out of band management via LTE to some of our >>>>>>> core routers, but I think most/all cellular networks are NAT now so you >>>>>>> cannot access your LTE devices inbound unless you have it tunnel out to >>>>>>> a >>>>>>> public ip over VPN somewhere right? >>>>>>> >>>>>>> How is everyone handling OOBE? >>>>>>> >>>>>>> I'm half tempted to do it via VHF low throughput radios! >>>>>>> >>>>>>> TJ >>>>>>> >>>>>>> >>>>>> >>>>
