VLAN IPSEC L2TP on TL-MR6400

SITUATION
I have a TP-LINK TL-MR6400 router, connected to the internet by means of an LTE SIM.
This is a very rough network diagram of my current situation.


My IoT services sit behind the TL-MR6400.
Unfortunately my mobile provider is NATting my external dynamic IP address from my router and therefore I can't expose either my MQTT server or my cams, while of course surfing the web from a PC is not a problem.
I found somewhere that this situation can be overcome by creating a VPN tunnel with a fixed IP address server. Therefore I created a micro instance with Google Cloud Platform (GCP) with a static IP address.
In my mind the VPN client should call the GCP VPN server and create the tunnel. At this point the server firewall rules should forward the MQTT and webcam addresses and ports to my static IP address on different ports, in order to control my MQTT topics with a dedicated app or access the remote server via ssh.
PROBLEM
Unfortunately this router's firmware does not support IPSEC L2TP.
ADDITIONAL NOTE
A cloud MQTT service is not an option as it needs to be always on, independently of the availability of the internet. The business logic is hosted on the same RPi as the MQTT and it's communicating constantly with sensors and actuators on the local network.
If the internet is down, I can't control it remotely, but fallback procedures would still work locally.

Maybe you can recommend:

  • a different 4G LTE router
  • a different protocol to install on my GCP server supported by the MR6400
  • a different firmware like OPENWRT on the TL-MR6400

I solved the problem myself by adding a second router capable of VPN L2TP IPSEC, chained to the TP-LINK, which is used as an LTE modem.
