[mdlug] Need ideas for a "telepresence" box

Jeff Hanson jhansonxi at gmail.com
Fri Jan 25 14:47:09 EST 2013 

I don't know about communications in Europe but if you can connect the
system to their LAN then there is a way to ignore their IT department (and
security concerns they may have).  Set up an OpenVPN server and certificate
authority on your end and pre-configure a system on the client end to
connect to it.  You have to generate a certificate for the client which
makes it much more secure than just using a password.  Set it to manually
connect so they have to initiate the connection.  When they establish the
VPN, you can connect back through it using SSH, X2Go, VNC, RDP, etc.  Set
you server to use port 443 UDP which their firewall is unlikely to block.
If they don't trust your equipment then they can add a hardware firewall
(your equipment on the WAN port) that forwards 443 UDP to their gateway.
You can still use 443 TCP for hosting a secure web server.  For
establishing the connection the client can use the static IP of the server,
DNS, or DDNS.




On Fri, Jan 25, 2013 at 1:20 PM, David McMillan <skyefire at skyefire.org>wrote:

>
>     My situation is this:  I have a large industrial system that is being
> shipped before long to the end customer in Western Europe. The machine has
> a number of Human-Machine Interfaces that are essentially Windows PCs with
> special GUIs, running on their own fixed-IP LAN.  The customer wants my
> employer to be able to do remote support of this machine on 5min notice,
> but their IT department is being all kinds of obstructionist.  So I'm
> thinking of doing an end run:  divorce this machine from their corporate
> network entirely (it doesn't need to be on their main network for
> production) and simply add a box (preferably Linux, but that might not be
> my call) to the LAN with a cellular modem, DynDNS, VNC, and a few other
> software tools that need to run locally (for example, I'll probably need to
> be able to run two lightweight WinXP virtual machines in parallel for some
> proprietary diagnostic software that, sadly, has no Linux version).
>
>     Of course, the biz being what it is, I'm not going to have a chance to
> test out this rig before it ends up on the other side of the pond.  So I'm
> soliciting opinions on whether this is a workable idea, and what I
> can/should do to have a bulletproof setup from the start, to avoid any mad
> scrambles later in the game.
>
>     For that matter, does anyone know much about cellular modems and
> service in Western Europe?  I keep hearing (mostly from bragging Euroids)
> how much better, faster, and cheaper their Internet is than in the US, but
> I don't know much about the details.  Particularly, what it takes to get a
> good broadband wireless data plan without taking a multi-year contract and
> getting into international financing issues.  If they have pay-as-you-go
> plans that we could refill remotely at need, that might be the way to go.
> ______________________________**_________________
> mdlug mailing list
> mdlug at mdlug.org
> http://mdlug.org/mailman/**listinfo/mdlug<http://mdlug.org/mailman/listinfo/mdlug>
>

More information about the mdlug mailing list