Cellular Modem for remote access to NVR

[Fastb]

All,

I'm putting together a camera/security system for residential remodeling job sites. The system will be semi-portable, and will move from job to job as remodels get completed.

The General Contractor (GC) said we can use the homeowner's broadband connection. I'm learning about the many pitfalls; security, a customer's possible bandwidth cap, etc. And the risk that anything that goes wrong with the customer's network will be my fault, until I'm proven innocent. Maybe even printer problems (due to empty ink cartridge).

So I'm considering using a cellular modem. I'm hearing the cell network is more dependable than residential internet connections. Plus I'll be able to create one system architecture than can be used on any homeowner's job. I won't have to deal with cable modems, DSL, Dish, etc. And all the different routers of different homeowners.

M2M cellular modems look pretty capable. One knowledgeable person recommended Cradlepoint COR IBR650LPE-VZ or COR IBR600LPE-VZ (with Wifi).
They're robust. But expensive, ~$600

The other end of the spectrum would be a wireless hotspot, ~$200. (neither price includes data)

Data Traffic details:
1) SMS & email, with snapshots, when an event occurs. (Face Detect, Laser tripwire, Optex motion sensor, etc)
2) Remote access to view job site when an event occurs.
3) No remote video storage (ftp, dropbox). NVR will record 24/7.

So I data plan costs should be low.

What cellular modem features do I need?
What modem would be best?

Thanks!

 

[nayr]

I would check out Cradlepoint: https://cradlepoint.com/content/cor-routers
http://www.amazon.com/Cradlepoint-COR-IBR650LPE-GN-Cellular-Multi-Carrier-Certified/dp/B00NVVO43E

I ran one of them for a while for remote sites, worked well and reliable.. has failover support so if you have local network avilable you can use that and have it failover to modem, ultimate flexibility and reliability.

Was chatting with one of the employees of our local bike sharing program one day at work, he opened the bike rack's computer money changer and showed me the inside.. up in the corner was a little cradlepoint providing internet access for inventory monitoring, payment processing, membership tracking, etc.. if they can run it in outdoor kiosks all over Denver they gotta be pretty damn good.. we see both ends of temperature extremes.

Multiple SIM cards seems nice, you could have a backup pre-paid sim for when you run out of data our that provder's coverage is shit at that jobsite.

Local WiFi Access point is optional, get it if you want to use wifi clients locally so its one less piece of hardware you need..

 

[fenderman]

You need to consider that most mobile providers will not give you a routeable external ip address...unless you pay for it..

 

[nayr]

yeah remote access might not be reasonable over a modem connection, you can only really use it for notifications.. a single substream at decent quality is over 1Mbit throughput and your lucky to get uploads much better than that on cellular.

you can site to site VPN Bridge to a home/coprporate network, outbound from the mobile modem.. this will let you get through the NAT and lack of routable IP space the'll give you.. but upstream bandwidth is going to be a choke point for sure.. so if your bound for mobile data then ditch the remote monitoring ability and you'll get a good solution... just make sure your alert/notification/nvr system is up to snuff as its like a lil rover on mars, all by its self having to rely on your programming.

Maybe have it capture snapshots along with video, you could go through a bunch of snapshots alot easier than video over this kind of connection.

 

[CoreyX64]

Sprint's Netgear 341U USB LTE modem, when connected to a Windows computer (does not work with Mac and can't speak for CradlePoint) does provide you with a routable WAN address (1 setting change in the stick itself, but works like cable/DSL). We have 1 combined with 1 from Verizon as a Dual WAN at work since its in a building that not a single provider is willing to connect to service, we literally have no choice and I'm not happy about it). I personally still have the ability to get unlimited data plans at 3 of the big 4 US carriers, so the combined bill for both modems on 2 different carriers comes out to about $130/mo for unlimited data on Sprint and VZW combined. The Verizon device is not AS configurable as the Sprint stick, and haven't dug any further to its routing capabilities as its confined to VoIP which does not require routing inbound traffic.

I wanted a CradlePoint knowing how reliable they are but for roughly the same cost I crafted up a very very tiny Windows box with dual NICs and can drive both modems and pipe them into the rest of the network rack. It's the furthest stretch setup I've ever done to make things work and work properly, but it works so I can't complain.

I can't speak for other carriers, and generally Verizon issues local non-routable addresses unless you're on a business plan in which case static, let alone routable addresses are a paid option. Sprint only wants $3/mo for static. If I didn't get all cozy with dynamic host names, I'd jump on it.

Ideally, if you can manage a routable address through a CradlePoint, that's the single best way to go. It boils down to the modem issued by the carrier, and if that carrier supports WAN passthrough like sprint does.

Just my 2c, based on my forced dealings and experience with carriers and an Internet-less building. (We're barely able to get a fax line/alarm through POTS). I love hardwiring over wireless like nothing else so projects like this, no matter how successful, kill me on the inside.


Sent from my iPhone using Tapatalk

 

[gmedia]

Has anyone used a Novatel T1114? It has the ethernet ports built-in, and you can get them for $50-$100. I was thinking on using this modem, along with a heated NEMA box (18x16x8 Inch 120 VAC Weatherproof Enclosure with Heater and 85° Turn-on Cooling Fans - NB181608-1HF-1) for remote access to an NVR with a few cameras.

Any thoughts and advice? Using the Novatel would save a few hundred per site. I have over 20 sites to do. The Novatel is not a perfect shape, but I think it will all fit in the NEMA box.

Thanks for your help!
Chris

 

[CoreyX64]

Has anyone used a Novatel T1114? It has the ethernet ports built-in, and you can get them for $50-$100. I was thinking on using this modem, along with a heated NEMA box (18x16x8 Inch 120 VAC Weatherproof Enclosure with Heater and 85° Turn-on Cooling Fans - NB181608-1HF-1) for remote access to an NVR with a few cameras.

Any thoughts and advice? Using the Novatel would save a few hundred per site. I have over 20 sites to do. The Novatel is not a perfect shape, but I think it will all fit in the NEMA box.

Thanks for your help!
Chris

The modem itself is going to be the least of your concerns. Verizon Wireless does not grant any customer public-facing WAN addresses direct to device when using LTE service - everything is NAT'd behind a firewall on the cellular network (beyond the reach of CPE devices such as your modem/cell device) and NAT'd again in the modem itself. When this steps down to 3G, that is not the case however. You can opt to pay $500 for a static, routable IP from Verizon per site, but I feel that would negate your savings argument.

 

[gmedia]

I think I can talk them into static IP's. Even if I had to pay a one-time fee of $500, I would still be ahead from buying all of the bridges or the Peepwave router I think. We're talking over 20 sites. I'm pretty sure the $500 is per account not per modem. I'll see if we can get it waved either way. After we get the static, then can we port forward as well?

Also, any first-hand knowledge (anyone) of the Novatel T1114 would be amazing!

Chris

 

[micoinde]

We build rugged remote camera (8-10 FPS) systems using the Sierra Wireless AirLink® GX450: LTE Wireless Gateway (provisioned for the Verizon network) used for video overwatch and ALPR, and as stated earlier, pricey and we PAY for it.

Good luck in your endeavor.

 

[CoreyX64]

I think I can talk them into static IP's. Even if I had to pay a one-time fee of $500, I would still be ahead from buying all of the bridges or the Peepwave router I think. We're talking over 20 sites. I'm pretty sure the $500 is per account not per modem. I'll see if we can get it waved either way. After we get the static, then can we port forward as well?

Also, any first-hand knowledge (anyone) of the Novatel T1114 would be amazing!

Chris

I have never had to issue statics over a wireless carrier, only wireline/fixed carriers (Spectrum/Comcast primarily), but since the point you’re requesting one is to be able to receive and process inbound traffic to an NVR, then yes you would be able to take care of the port forwarding once you’re reachable from the outside. I won’t discuss the security issues with port forwarding vs. using a more recommended VPN solution because that’s not the point of your inquiry, but do be aware open ports in general is like leaving a door cracked open in your house all year - anyone or anything can get in.

I’ve worked with Novatel devices a handful of times, and it was that specific one actually and a MiFi 5510L. It’s been a few years but with that being said, any Verizon issued device of router nature is going to work almost exactly the same. Regardless of manufacturer, the firmware is written to Verizon’s liking, not the manufacturer. This goes for any carrier typically. It should be fairly straightforward to setup port forwarding once you iron out the static issues. Don’t expect a DD-WRT, Cisco IOS, or pfSense level of routing/firewall abilities, but for basic networking it should suit your needs fine.


Sent from my iPhone using Tapatalk

 

[river100]

I thought I'd throw in my recent experience one this.
I needed to view a cheap DVR at a camp.
Bought a used Cradlepoint MBR1200B along with a Verizon USB dongle that uses a SIM card. Put an ASUS router behind it running Tomatousb VPN 64k as a client.
The VPN server is ASUS with same firmware. I've tested it in various locations with the DVR and a Dahua IP cam and it does well for the most part. The access to the DVR is port forwarded at the VPN server using the server LAN IP as the gateway for the DVR. I'm using TAP since the camp only has a few devices and I wanted to give them better access to the devices at home where the server is. Should have tried TUN but didn't have the time.

 

[gpower07]

I did a taco truck with wireless router from Verizon. they charge 500$ for switch to external IP for all line.(one time fee).

 

[CoreyX64]

I did a taco truck with wireless router from Verizon. they charge 500$ for switch to external IP for all line.(one time fee).

By all line I’m guessing you mean $500 per account, not per device/line of service? Also was this Verizon Business or personal?


Sent from my iPhone using Tapatalk

 

[gpower07]

By all line I’m guessing you mean $500 per account, not per device/line of service? Also was this Verizon Business or personal?


Sent from my iPhone using Tapatalk

you right...per account. personal switch to business with external IP.

 

[river100]

The setup I mentioned was a standard Verizon account. No Static IP.
The VPN is what enables the access to the DVR.

 

[Fastb]

The setup I mentioned was a standard Verizon account. No Static IP.
The VPN is what enables the access to the DVR.

Without a static ip, the cellular modem works for surfing out to the internet. But w/o a static ip, how can you surf in to cellular modem and NVR, with or without VPN?

For the static external ip address, Verizon wanted $500 to set me up. However, they would provide multiple IP addresses, so I could support multiple systems in many locations. I forget the per-ip charge, but it was reasonable. I'm positive it wouldn't have been $500 for every location where my business would have a cellular modem....

 

[CoreyX64]

Without a static ip, the cellular modem works for surfing out to the internet. But w/o a static ip, how can you surf in to cellular modem and NVR, with or without VPN?

For the static external ip address, Verizon wanted $500 to set me up. However, they would provide multiple IP addresses, so I could support multiple systems in many locations. I forget the per-ip charge, but it was reasonable. I'm positive it wouldn't have been $500 for every location where my business would have a cellular modem....

A VPN tunnels out, not in. Your external access is controlled beyond the Verizon network. Your remote NVR location merely becomes a client to the network outside of Verizon, and that network is where you have the freedom to port forward and such.

$500 is a per-account charge for statics on any data lines. As far as the limit on the number of statics, that I am unsure of.


Sent from my iPhone using Tapatalk