Logo

Satellite Internet Forum.
Please note that this forum is now READ ONLY and closed for login and changes
The new forum is here Space and Satellite Communications forum

Welcome, Guest.
Welcome to this satellite broadband discussion forum.  Wherever you are and whatever your problem we are here to help each other. Connecting to the internet via satellite is not always easy but is critically important to those in remote places or with poor terrestrial infrastructure.  Both service providers and customers are encouraged to contribute.  Read the Forum rules.
      Satellite internet forum          

Remote Network Management via Satellite

(Read 6313 times)
inquisative
Ex Member


May 13th, 2008 at 6:14pm  
I'm a small ISP. I have approx 40 subscribers. My backhaul is via satellite. The LAN side of the Satellite is Wireless ( Router linked to satellite modem, Wireless access point linked to Router via ethernet, CPE's associate wirelessly with AP and customers PC's are linked to CPE via ethernet.)

Problem: The network is 5.5 hours drive from where I live, so supporting the network is difficult. I want to be able to access the network remotely from home .i.e be able to see the LAN ( Router, AP and customer CPE's) through the satellite so that I can solve problems and manage the LAN remotely.

My question is: What do I have to do or How do I set up the system to be able to manage it remotely, given that I have to go through the satellite?
Back to top
 
 
IP Logged
 
Eric Johnston
Senior Member
***
Offline


Personal text from Profile,
Options, Top line

Posts: 2107
Reply #1 - May 13th, 2008 at 7:26pm  
I would guess that your satellite modem provides you with a gateway IP address for your LAN and that this IP address is a private IP address (part of the satellite service providers network).  If this is the case you need to ask them to forward a public IP address through your satellite modem to the private IP address you are using for your wireless router. (Note you will have your own invented range of IP addresses for your wireless customer LAN, but this is not relevent since you are not trying to access one of their PCs.)

You can then go from your home to the wireless router using telenet abc.abc.abc.abc, or to the web interface of the wireless routher using http://abc.abc.abc.abc

Be extremely careful about security and use the longest possible management password on your wireless router and change it regularly.  If your router has enhanced security use it.  It may be possible to permit only your home IP address to get through.  Your satellite service provider can help here with a similar routing restriction put into their VSAT hub router. Talk to them as see what they suggest.  They may be able to do a 'port forward' so that you can get to your wireless router by using say
http://aaa.bbb.ccc.ddd:12345   The aaa.bbb.ccc.ddd might be the public IP address of the VSAT hub router.

I hope more people here will add their comments.  Setting up routers is a skilled job and needs to be done really carefully to avoid opening up security holes.

If the above does not sound as though it will solve your problem there is the possibility of an encrypted GRE tunnel.  This allows you have a LAN at your home and the same LAN at your remote site. e.g 192.168.21.xxx at your home and 192.168.22.xxx at your wireless router.  Using a GRE tunnel, the items at the end of the satellite link appear to be close by, all within the same LAN 192.168.xxx.xxx

As above, this needs setting up by an expert. Similar proper Cisco routers at each end are recommended.

Best regards, Eric.
Back to top
« Last Edit: Oct 13th, 2010 at 11:17am by Admin1 »  
 
IP Logged
 
inquisative
Ex Member


Reply #2 - May 13th, 2008 at 10:44pm  
Thanks Eric.

Yes, the Vsat modem is the gateway to the net, it's IP is 192.168.1.1. The LAN Routers IP is 10.1.1.1, GW 192.168.1.1. It's not a wireless router. The AP's(Access points) are ethernet to the Router. Wireless link then from AP's to subscribers CPE's. The CPE's have static IP's on the Wireless side and dish out DHCP to customer PC's.

Majority of my problems are with the CPE's or occassionally the AP's. These are what I want to be able to see into. I'm not interested in seeing into the customers PC.

A Public IP would solve the problem, however Satellite NOC for some reason refuse to give me a public IP. I have to bypass the satellite somehow.

I'm wondering if I connected a modem to the router, then I might be able to use a dial-up connection to connect to the router and access the AP's and CPE's that way.

Any help appreciated.
Back to top
« Last Edit: Oct 13th, 2010 at 11:19am by Admin1 »  
 
IP Logged
 
Eric Johnston
Senior Member
***
Offline


Personal text from Profile,
Options, Top line

Posts: 2107
Reply #3 - May 14th, 2008 at 9:34am  
I don't know how to connect a dial up modem to a router. 

A PC however might have both a dial up modem (so you can get in) and an ethernet connected to your LAN.

You could then, using your home PC, dial up the LAN PC and control it using VNC perhaps ?

Please would other help with advice and ideas ?

Best regards, Eric.
Back to top
 
 
IP Logged
 
Oasis Networks
Ex Member


Reply #4 - May 14th, 2008 at 10:49am  
just to get it clear:
Would you like to access the network through the satellite link or through the wireless network? (from the internet or from any wireless CPE)?
Back to top
 
 
IP Logged
 
HVYMTL
Ex Member


Reply #5 - Jul 18th, 2008 at 4:05am  
As suggested, a local computer, something simple, connected to your vsat source would be the best choice in my opinion to support anything on your network. There are many choices for security, construct your own and use a vpn and VNC as suggested, or enlist the use of a web connection VPN service like logmein or one of many available.  a local computer under your control through a VPN would be my best solution. you might find someone locally willing to share a their computer as a host for your occasional admin work, but your limited to their non use times. Take a look at the small Linux palm size computers running a solid state HD, no fan, very compact around 6x6x2". I have a Zonbu unit, and there are many others that fit in palm of hand that would function as a remote host for your needs. Many have installed Win product OS on these same small box products, about the same size as a AP or router appliance.
Back to top
 
 
IP Logged
 
spacesegment
Ex Member


Reply #6 - May 26th, 2010 at 10:48am  
Our MSP network appliance will be the ideal product for your ISP that will solve many of your management issues. If interested, mail me mvdlinde@sholga.com

Kind regards

mark van der Linde
Back to top
 
 
IP Logged