Looking for ideas to give me remote access for this long distance wireless project

[YeOldeStonecat]

Just hoping someone will think outside the box and pitch in a fresh idea....I'm struggling with coming up with conventional methods to remotely manage this.

Some of you probably remember a post I made not long ago about a long distance wireless project. A school out on an island needs faster internet than the current phone company on the island can give them via the DSL which is beamed out to the island via a little local cable ISP on the mainland..that little 44 meg Motorola Canopy pipe is spread across the whole island via DSL.

So the school said they have a grant for $XX,XXX.XX if they can get at least a hundred meg internet connection. So I came up with a plan to snag a Comcast 150 meg biz account...and beam it over there using Ubiquiti hardware.

I'm set on using Ubiquiti AirFiber 5 units. Will support over a gigabit ultra low latency for over 100km. I only have to push 150 megs (now..will upgrade to 300 megs by next spring) about 8 miles.

The school already has a 30' tower on the roof.
I figured I'd find a spot on mainland. I know the current small ISP uses a tower from a local town police department which is up on a hill. So I reached out through some people and lined up a meeting with the guy that heads up the towns emergency communications system..he manages the tower. Below are pics. So I'm going to lease a space on the tower and the police departments little data center...have Comcast run in a 150 meg pipe, install a COM rack...and get those two AirFiber 5 units connected and give the school some nice bandwidth.

My question that I'm wanting ideas on. The Comcast connection will be their usual modem/gateway..the SMC/Netgear unit that is a combo modem/router, that I usually flip the public IP passthrough mode on. I'll get a full static block.

So the AirFiber units are controlled by the AirOS which is embedded in the firmware, accessible via browser on an IP interface (much like a typical broadband router). So I have to admin them from a local presence. You can hit them via the private IP on the NIC...or they have a second ethernet interface for out of bandwidth management. Which is what is recommended to be used.

So I think what I'll do...for the police station...is have a little mini desktop I remote into, behind the Comcast gateway..sitting on that 10.1.10.xxx address..and I'll have the out of bandwidth management port of the transmitter AirFiber unit plugged into that also..so it gets a 10.1.10.xxx address. I just need to find a little stable small PC to remote into....something that can run for months on end without issues. Makes me think not a Windows rig...but ideally would like something I can remote into from N-Able. I can at least setup alerts and I guess I'll just set a maintenance window to reboot it monthly.

I also plan on having a WattBox there....(a managed surge strip that I can remote into ..has an ethernet interface) and power cycle things plugged into it).

Now for the other end...the school, I'll have it's recieving AirFiber 5 up on the roof...and it will plug into one of the WAN ports of the NG-100 Untangle appliance I have out there, as a secondary connection. Passing the public Comcast IP to it. This part stumps me more...how can I have an interface along the way there? Need to connect something to that out of bandwidth port of the AirFiber....to connect to some device which I can connect to from the internet if the AirFiber link is down.

I will probably have the school keep their DSL connection...so if for some reason Comcast is down, and/or the AirFiber link is down...something over there can still be connected to the internet through the islands DSL connection. Maybe I can get a little mini PC over there similar to the one on the mainland...and plug it..and the out of bandwidth port on the AirFiber...to a 3rd or 4th interface on Untangle and bridge them. Or I can VPN in from Untangle via the DSL backup and get in. Hmmmm...anyways..below are pics of the tower and little server room at the police station.

 

[YeOldeStonecat]

 

[BlackLabTechs]

Sounds like a nice project! Have you tried out the Ubiquiti mFi Power Strips? Used a couple and seem pretty slick. Set server/workstation to power on after power failure and just turn the outlet off / on. Should be able to set the mFi management in the cloud just as the UniFi setup.

Maybe someone local around there would let you beam a connection off their dsl to be used only when AirFiber link is down and not cost the school for dsl for the whole year.

 

[YeOldeStonecat]

AirFiber
https://ubcdn.co/media/images/productgroup/airfiber-5/airFiber_5_small@2x.png

https://community.ubnt.com/t5/image/serverpage/image-id/23252i94FA1244D0EC86B3?v=mpbl-1

 

[YeOldeStonecat]

Have you tried out the Ubiquiti mFi Power Strips? Used a couple and seem pretty slick. Set server/workstation to power on after power failure and just turn the outlet off / on. Should be able to set the mFi management in the cloud just as the UniFi setup..

Ya know...I've seen the mFi on their site...peeked at it...but haven't really studied them yet....perhaps I should order some to play with. From your brief description they sound similar to a WattBox or some of APCs remote power management products.

For the COM rack I plan on having an APC SUA1500...and a shelf or two.

 

[phaZed]

Check out the Intel NUC for your little machine in-between.

 

[BlackLabTechs]

From your brief description they sound similar to a WattBox or some of APCs remote power management products.

Haven't used either of those but I can tell you I've used the 1,3 and 8 port mFi's for over 1 year now and not a problem with any of them. Using them in conjunction with the other mFi products (temp sensor, etc.) to monitor server room. The rules you can setup are almost endless. Turn on outlet when temp reaches set degrees, email on motion, etc...... The mPower's also monitor wattage/voltage.

Just the fact I can hard power cycle equipment from far away was my initial purchase reason. The rest is just bonus!

 

[YeOldeStonecat]

Thanks BLT....I think I'll order an mPowerPro to dork around with.

 

[BlackLabTechs]

I should mention that the 1 and 3 outlet models require wireless to control. I believe the 8 port can be hard wired (ethernet) for control / management. Might want to double check before ordering (I don't have it right in front of me.) I'm thinking you would want a hard wired model in the above scenario.....

 

[YeOldeStonecat]

You are correct..I saw those differences...and I'd want hard wired for maximum uptime for a remote location. I would be given keycode for access to the police departments little data center for 24x7 access...but I'd rather not, it's over a half hour drive from my house. To have reliable remote access would be more desired.

 

[Markverhyden]

Been a long day so I'll try to toss in some food for thought and, hopefully, not muddy the waters.

The access limits I see are on the island side. Do you want to keep the DSL alive at the school just for access? Or to provide a limited backbone functionality as well in the event of a primary ISP failure?

Do you have any data on 2G/3G/4G/LTE signal strength on the island? I've done plenty of installs where those devices are the backup circuit. Customers have even complained that the primary circuit is slower than the backup.

On a remote access machine. @phaZed hit it on the head. There are plenty of devices that can be solid state. Jetway makes them as well.

 

[YeOldeStonecat]

Agreed Mark....access limits basically on the island side. It's a 1x hour ferry boat ride over there to Fishers Island....which is technically part of New York....even though it's right up snug along the Connecticut coast.

Cell signal is "OK" where the school is located...even though it's not very strong, and it's spotty in various other locations on the island..but the poor areas are more towards the eastern end. I like the idea of mixing up ISP technology for "dual WAN"...especially from different ISPs. Increases chance of the failover connection being up, if the primary is down. However....the islands DSL still gets shot over air and suffers with really foul weather.

On the school end...if the DSL is still up, I can get to their Untangle box. Perhaps I don't need a little computer on that side....as I can VPN to Untangle through the DSL...and from there fire up a browser and hit the AirFiber and mFi or WattBox. But having some 4G appliance to hit....as a backup method to tunnel in....I'm curious about that, and what options there are out there. Adds another monthly cost though.

I like the idea of those little Intel NUCs...looks similar to the little computer chassis that Datto uses for their Alto backup devices (not the same brand..I forget who OEMs those for Datto). Suppose a little Win7 install on those would be OK...I'd just have a N-Able agent on it and schedule a reboot once a month to ensure she's fresh and responsive for me to remote into. All I need is a browser and to be able to edit network settings.

 

[altrenda]

I've used the little HP Tupperware computers, nice cheap computers. $180 with keyboard and mouse.

I just saw these made by Elite, the motherboard maker that are even less expensive, that look interesting for something like this. Anandtech review here.

Of course MS is coming out with Windows 10 for Raspberry PI, which would make a cheap, low power monitoring computer.

 

[TAPtech]

Intel NUC, as mentioned, is a nice little box. However, for something dead reliable I would want some sort of hardware network device with VPN.

 

[Knightsman]

You can use a cradle point to pull the 4G signal in through ha cat5 cable, The TZ series sonicwalls have a modem port as well for failover. The Cradle points work perfectly, have installed a few of these at restaurants.

 

[frostbyte5014]

There are so many options for the small pc but I also feel the NUC would be the most reliable choice. Their performance also beat out any other choice in a small form factor. I would set it up to reboot each night to keep it from getting bogged down. I am curious to see which direction you go on the remote managed power strips. I am interested in some for one of my projects. I also look forward to seeing your results with the wireless project. Best of luck!

 

[cstech]

I will admit I haven't read everything in the post. I did see mention the WattBox and wanted to throw a huge endorsement for this product. I primarly install networking equipment, AV equipment and IP camera systems now with my current job and I typically try and install one of these as the main power strip for the equipment. The web interface for it enabling me to remotely turn on and off devices as well as the automatic reset if it cannot reach a set address by ping is awesome for those "my internet is not working.... Have you tried turning it off and back on?" issues.

As for the small box I also like the NUC or something similar. Too bad there isn't a reliable way to remote into a chromebox. Another idea would be setting up an untangle server with the openVPN setup and just use a VPN tunnel into the network.

 

[TAPtech]

StoneCat,

I think you're using N-Able- I don't use them but I'm pretty sure they have native support for Intel AMT. I would suggest your little box has Intel AMT so that you get those shutdown/restart options without needing an OS based software, in case things get borked. There are NUC's with i5 cpu's available that have Intel AMT.

 

[YeOldeStonecat]

After a long stint...where I thought the project died...it's back!
Doing paperwork for USAC site now.