Menu
What's new

Recommendation for a cheapish 4g modem router with inbuilt VPN.

F

Fred2016

n3wb
Joined
Jul 23, 2023
Messages
4
Reaction score
6
Location
NZ
Hi, Im after a recommendation for a cheapish 4g modem router with inbuilt VPN. I need to setup a system at a property with no fixed line internet and i obviously need remote access. Is this the best way of doing this or if there is a better/easier way then what else would
you recommend?
 
C

camdensnyder

Pulling my weight
Joined
Apr 22, 2023
Messages
105
Reaction score
118
Location
Kansas
I have found that Asus routers are the easiest to setup a VPN on utilizing Open VPN. It is super simple and works as it should!
 
E

elvisimprsntr

Pulling my weight
Joined
Dec 26, 2022
Messages
84
Reaction score
161
Location
Florida
@Fred2016

Whatever LTE modem/provider you use, you will likely need a VPN that will traverse Carrier Grade Network Address Translation (CGNAT) for remote access. LTE providers do not normally provide a public IP address.

Tailscale MESH VPN is far far the easiest solution to traverse CGNAT. Tailscale has a free tier with up to 3 users and 100 nodes, uses any number of existing identity managers, and has clients for every distribution on the planet. Tailscale · Best VPN Service for Secure Networks

You can run Tailscale one of two ways:

1. Run a Tailscale client on a computer that runs 24/7/365 at the remote site and advertise sub-net routes. This can include an AppleTV 4K running at least tvOS 17.3
2. Run Tailscale on a supported firewall distribution. Using Tailscale with your firewall

My personal preference is open source enterprise class firewall software pfSense. pfSense® - World's Most Trusted Open Source Firewall
I have two sites, both running pfSense and Tailscale, both on low power fanless Mini PCs running 24/7/365. I can access any device (even embedded devices) on either site remotely without running a separate Tailscale client. Great for remote access and off-site backups. Works automagically!.

www.netgate.com

Tailscale on pfSense Software!

In this video, we introduce Tailscale running on pfSense and demonstrate a common site-to-site deployment scenario.
www.netgate.com www.netgate.com

LTE Modems:

Obviously, you will need to find a solution that is compatible with your providers LTE bands.

1. Netgear makes an external LTE modem. Cellular Modems: 4G LTE | NETGEAR
2. Or purchase a firewall appliance that includes the option to add a LTE modem. Protectli: Trusted Firewall Appliances with Firmware Protection
 
Last edited:
T

The Automation Guy

Known around here
Joined
Feb 7, 2019
Messages
1,415
Reaction score
2,815
Location
USA
There are really two ways to accomplish this IMHO:
1) Use a 4g/5g cellular modem and then use it as your internet provider connected to "regular" networking equipment. This isn't an "all in one" solution, but it provides a lot of flexibility to the system. You can definitely get cellular modems with ethernet connections (although there are also a lot that are WiFi based) to attach your other networking equipment to. Ultimately this works exactly the same as using a cable modem, etc except you are using a cellular modem instead of another type of modem/internet connection.

2) Get an "all in one" solution that includes a cellular modem and a firewall/router all built into one. However I am not sure "cheap" is a description I would give these devices.

While I use an pfSense/OPNsense firewall device for my home network, I have also used networking devices from GL.iNet and would second the recommendation to look at those devices if you want something inexpensive that works well.
 
F

Fred2016

n3wb
Joined
Jul 23, 2023
Messages
4
Reaction score
6
Location
NZ
elvisimprsntr said:
@Fred2016

Whatever LTE modem/provider you use, you will likely need a VPN that will traverse Carrier Grade Network Address Translation (CGNAT) for remote access. LTE providers do not normally provide a public IP address.

Tailscale MESH VPN is far far the easiest solution to traverse CGNAT. Tailscale has a free tier with up to 3 users and 100 nodes, uses any number of existing identity managers, and has clients for every distribution on the planet. Tailscale · Best VPN Service for Secure Networks

You can run Tailscale one of two ways:

1. Run a Tailscale client on a computer that runs 24/7/365 at the remote site and advertise sub-net routes. This can include an AppleTV 4K running at least tvOS 17.3
2. Run Tailscale on a supported firewall distribution. Using Tailscale with your firewall

My personal preference is open source enterprise class firewall software pfSense. pfSense® - World's Most Trusted Open Source Firewall
I have two sites, both running pfSense and Tailscale, both on low power fanless Mini PCs running 24/7/365. I can access any device (even embedded devices) on either site remotely without running a separate Tailscale client. Great for remote access and off-site backups. Works automagically!.

www.netgate.com

Tailscale on pfSense Software!

In this video, we introduce Tailscale running on pfSense and demonstrate a common site-to-site deployment scenario.
www.netgate.com www.netgate.com

LTE Modems:

Obviously, you will need to find a solution that is compatible with your providers LTE bands.

1. Netgear makes an external LTE modem. Cellular Modems: 4G LTE | NETGEAR
2. Or purchase a firewall appliance that includes the option to add a LTE modem. Protectli: Trusted Firewall Appliances with Firmware Protection
Click to expand...
Thanks very much for your detailed reply. I think your tailscale suggestion is the way forward. I'm learning all about it at the moment and will give it a go. I have a computer setup with BI ready to go. I just need to get the remote access working and I'm happy. Such a massive learning curve for someone with no I.T. background. Cheers
 
You must log in or register to reply here.
Top