On Mon, 10 Sep 2012 23:45:10 Roger Oberholtzer wrote:
I would like to enable remote access to openSUSE systems that are running in road vehicles around the world. The idea is to use tethering via a USB telephone. The thing is that we want to access the devices remotely. It is not that the vehicles need to access anything. We need to access them.
The idea is to use a telephone with a local phone company SIM (supplied by the local owner of the system), connected to the openSUSE box via a USB cable. Obviously the local phone company has to allow tethering in such a way that one can find the telephone. It is not enough that the telephone can find us.
Back around 2000, I work on a setup where around 100 linux servers connected back to base via TCP/IP dialup via Telco sevices that allocated dynamic IP addresses. The call initiation was at the client end and there was no way to connect/call the remote end. So this sounds somewhat similar to your situation - I'll describe the approach we took in case it sparks some ideas. What we did is to install software on the client that would initiate calls, both on a load-determined periodic schedule and when critical events occurred (e.g. if the person at the client end toggled the UPS power, the client would connect to base). We layered IPSEC over the top of the carrier network and a incoming IPSEC server at base would identified each client by its associated IPSEC key and initiate a "session" with a "central host". The central host would only see our higher level VPN addresses, not the carrier level addressing. The host would them drive the whole conversation, pushing and pulling data from the remote end. The idea was to keep the client connection software simple so that it could not stuff up - implemented with shell scripts. Complexity was confined to the application level software (Java). If I were to repeat this with Android, which bits to implement in the phone or on the client would again be dictated by trying to make the implementation of the client side simple - the connection software cannot fail, there is no inexpensive way to fix it if it's not working. Whether I'd use IPSEC would also be revisted - not sure what the state of play is with VPN's these days. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org