Network related for an ambulance but don't know where else to ask


voxadam

There might be another way to solve your part-time multiple connection issue, Multipath TCP (MPTCP). It's a fairly young and admittedly experimental extension to TCP but from what I've been reading it's worked pretty well in a number of places, not the least of which is iOS where it's used to transparently switch between two notoriously flaky network connections (cellular and wifi) without the user intervening or even noticing.

I'm not at all familiar with MPTCP on Windows so if it were me I'd probably start with an AP running OpenWRT or maybe a MikroTik board in the ambulance. Then set up two vtun (or similar) tunnels on that router, one over the cellular connection, and one over the intermittent wifi link. Then use ConnMan, NetworkManager, netcfg, or what have you to route traffic between the ambulance's mobile AP/router and the station's secure over the wifi connection whenever available, thus avoiding unnecessary cellular traffic.

It's late here so I'll leave you with a small pile of quasi-related links to go with the above half-baked idea.

MultiPath TCP - Linux Kernel implementation : Main - Home Page browse
Multipath TCP lets Siri seamlessly switch between Wi-Fi and 3G/LTE
draft-wei-mptcp-proxy-mechanism-02 - MPTCP proxy mechanisms
MultiPath TCP - Linux Kernel implementation : Users - Configure Routing browse
GitHub - ovh/overthebox: OverTheBox
VTun - Features
2 Cable modems = Double Internet Speed? Well… not really… Part 1
MPTCP, SSH, Squid, OpenVPN (and 2 Cable modems) = Double Speed? Not quite… Part 2
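
Added example, not part of voxadam's post: a dry-run sketch of the "prefer the wifi tunnel, fall back to the cellular tunnel" routing idea above, with hysteresis for the intermittent wifi link and a blackhole route so traffic is dropped rather than sent outside a tunnel. The device names tun0/tun1, the probe history, the metrics and the threshold are all assumptions.

```sh
#!/bin/sh
# Added sketch (not from the thread). Assumed names: tun0 = tunnel over wifi,
# tun1 = tunnel over cellular. Host routes to each tunnel endpoint via the
# physical interfaces are assumed to be in place already.
WIFI_TUN=tun0
CELL_TUN=tun1
UP_NEEDED=3   # consecutive good wifi probes required before switching back

# select_path "<probe history>": 1 = wifi tunnel peer answered, 0 = no answer.
# Prints the path chosen at each probe tick, space separated.
select_path() {
    path=cell; streak=0; out=
    for p in $1; do
        if [ "$p" = 1 ]; then
            streak=$((streak + 1))
            if [ "$streak" -ge "$UP_NEEDED" ]; then path=wifi; fi
        else
            streak=0; path=cell      # drop to cellular on the first miss
        fi
        out="${out:+$out }$path"
    done
    echo "$out"
}

# route_plan <wifi|cell>: prints (does not run) the ip(8) commands.
route_plan() {
    if [ "$1" = wifi ]; then pri=$WIFI_TUN; sec=$CELL_TUN
    else pri=$CELL_TUN; sec=$WIFI_TUN; fi
    echo "ip route replace default dev $pri metric 100"
    echo "ip route replace default dev $sec metric 200"
    # Fail closed: with both tunnels gone, packets hit this route and are
    # dropped instead of leaving unencrypted over wifi or cellular.
    echo "ip route replace blackhole default metric 900"
}

# Constructed probe history: wifi appears, drops once, then comes back.
HISTORY="1 1 1 1 0 1 1 1"
last=
for path in $(select_path "$HISTORY"); do
    if [ "$path" != "$last" ]; then
        echo "# switch to $path"
        route_plan "$path"
    fi
    last=$path
done
```

To apply the plan on a real router, pipe the output of `route_plan` to `sh` as root and feed `select_path` from an actual probe of the wifi tunnel's far end.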
 

MikhailCompo

Hi

Sorry if this has been mentioned before, but I've been involved with the setup of two systems, one for a very secure defence network, and another for a public services solution (child protection level secure). Both could use any WiFi they could see, and the software to create the VPN tunnel used certificates to authenticate.

The benefit of this system in terms of infra. is that any internet connection works - cellular (you mean mobile don't you :p ), WiFi at home or work, or using a cable, and the software will dynamically tunnel when required, or use the corporate network when connecting to your infra that sits behind the firewall (depending on the gateway it can/cannot see).

The software we used was Checkpoint + Cisco for one and F5 BigIP and McAfee for the other. [Slightly off on a tangent; the McAfee part was purely so that it would switch between using a web-hosted proxy/web filter and the corporate proxy firewall to prevent employees accessing porn etc., as we had a legal responsibility for that. This is necessary when someone connects to public WiFi (Starbucks etc.) and needs to log in to access the internet. If you are pointed at your corporate proxy, your browser can't access the login page, so for that stage, you need no proxy but then you have unfiltered internet access, so instead you are pointed at the McAfee hosted web proxy which can handle these login pages and when the corporate network is available, via the VPN tunnel, all the network traffic including web, goes through that.]

Also, Windows 10 has a number of VPN clients built in now, F5 was onboard with MS very early on, and has been included since Windows 8 I believe, so that was a pretty slick solution.

Message me if you need more info.
 

seang86s

We are using a sonicwall vpn appliance at this time. I'm not against using something else as long as it doesn't break the bank. So far it seems that junos makes the best solution but that's a pretty penny.
I'm a little late to this thread but FWIW, I use a Sonicwall 2400 NSA at home and a Sonicwall TZ 190 equipped with a cellular card in my Subaru Outback. When I start the car, the 190 powers up and creates a site to site VPN tunnel to my home. Although I rarely use the VPN tunnel, it does work reliably (but slowly) as long as the signal is sufficient. My family mostly uses the Sonicwall for internet access on road trips.

My setup is only 3G capable (and almost 6 years old now). I used old hardware that wouldn't cost me anything, including the 3G service, so you can definitely do something better performance-wise with modern hardware.