VPN between GL-iNet router and Cloud VM PC

I have about 100 sites that have a uniform WiFi setup. I need to control specific devices with static private Ethernet addresses at these remote sites. Some devices have web interface portals, some are controlled with proprietary Ethernet-based client software through a defined TCP port.

To support these devices, I’d like to send preconfigured routers.

Most of the remote sites have DSL without static public IP addresses.

To support them, I will create a Windows 10 VM in the Cloud (the proprietary software is Win based).

How do I best set this up?

The target systems will be disconnected from their LAN and connected to the router only for the period of support.

As stated before - the remote sites have no static public IP - the least amount of configuration of their router/gateways is preferable.

WiFi is the preferred connection to internet – LTE is an option.

Do we use DDNS, OpenVPN, WireGuard, GoodCloud, what else?

Currently I am working with an MT300N-V2 “Mango”, but I’m glad to upgrade to a more capable router.

I think I’d like to do this with a VPN router - I could do this with an embedded Win PC running a remote client if that is a better solution.

Can’t wait to learn from you.

Van

WireGuard and OpenVPN are available for your needs, or you can use our site2site directly.

Don’t these solutions require a public IP address on the router? The VM Windows will have a public IP. The router though will be only a temporary member of the WiFi LAN and its gateway will be getting a temporary public address via DHCP -

And will GoodCloud work for a VM client in the cloud? As I understand site-to-site it requires two routers. I want the Windows VPN client in the Amazon cloud.

If you don’t have a public IP, you can set up port forwarding on your ISP router.

Oh, I understand that - trouble is the configuration at these sites is subject to change & I don’t have direct access to their routers & firewalls. No trouble opening ports, but assigning a static wireless address, port forwarding to it, etc. would not thrill their IT department x 100 sites.

My other option is to set up a small PC (Raspberry or other) running Windows and a remote software - VNC or TeamViewer or other. I prefer the thought of using routers, I’ve had uneven experiences with DDNS. The autodiscovery of these routers behind firewalls gave me hope, but won’t work for me because I need to have the other end of the VPN in a software client.

If we think this is just too difficult to set up, I can accept that. Technically it should be feasible.
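
The topology described in this thread (cloud VM with a public IP, support router behind a site's NAT with no public IP), sketched as a pair of WireGuard configurations. This is an added example, not posted by anyone in the thread: the keys, hostname, port, tunnel addresses and the 192.168.8.0/24 device subnet are placeholders and assumptions. WireGuard needs only one peer to have a reachable endpoint, so the router dials out to the VM and no port forwarding is configured at the site.

```ini
# ===== File 1: cloud Windows VM (the side with the public IP) =====
[Interface]
PrivateKey = <VM_PRIVATE_KEY>
# Tunnel address of the VM (assumed addressing plan)
Address = 10.99.0.1/24
# UDP port the VM listens on; allow it inbound in the cloud firewall
ListenPort = 51820

[Peer]
# The support router. There is deliberately no Endpoint line: the VM
# learns the router's current public address from the router's
# authenticated handshake, so a changing DHCP/NAT address is fine.
PublicKey = <ROUTER_PUBLIC_KEY>
# Router tunnel IP plus the device LAN behind it (assumed subnet).
# Keep this as narrow as the supported devices allow.
AllowedIPs = 10.99.0.2/32, 192.168.8.0/24

# ===== File 2: support router (behind the site's NAT) =====
[Interface]
PrivateKey = <ROUTER_PRIVATE_KEY>
Address = 10.99.0.2/24

[Peer]
PublicKey = <VM_PUBLIC_KEY>
# Placeholder name and port for the VM's public address
Endpoint = vm.example.com:51820
# Route only the VM through the tunnel, not 0.0.0.0/0, so the router
# never becomes a path from the site LAN to anything else.
AllowedIPs = 10.99.0.1/32
# Periodic keepalive holds the outbound NAT mapping open so the VM
# can start connections toward the devices.
PersistentKeepalive = 25
```

For the VM to reach the devices, the router's firewall must also permit forwarding from the tunnel interface to its LAN; how that is enabled depends on the router firmware. With many routers in the field, give each one its own key pair and `[Peer]` block on the VM so a lost unit can be revoked individually.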