Vehicle-Remote access to devices on the LAN with same subnet

We have multiple vehicles that are streaming camera footage and metadata (realtime) over a SpeedFusion link back to a single FusionHub. Currently the vehicles have onboard Pepwave MAX MBX, each running unique subnets connected to several sensors and cameras (on board) with static private IPs. Operationally this creates headaches for swapping equipment between different vehicle assets as it means longer configuration time frames, changing subnets, IPs, etc.

The customer also requires remote access to device GUIs on the LAN, which they currently do via port forwarding.

Our aim is to reduce the downtime required for reconfiguring equipment and ideally run the same subnet on each router with the same IPs for equipment on the LAN (across all vehicles), as well as come up with a more secure way of remotely accessing devices on the LANs.

We have looked at VRF but there doesn't appear to be a straightforward mechanism for remotely accessing devices when using it. We also can't run multiple FusionHub instances because that would bring us back to the configuration time issue.

Just wondering if anyone has any suggestions?
We have even thought about using something like TeamViewer on a Raspberry Pi. If anyone has tried this please let us know too.

Hi,
I would use a Layer 2 tunnel in this case. Then all routers in your vehicles can have the same subnet(s).

If you are not sure what to do in detail, you should contact your certified Peplink Partner of your trust.
Where are you located?

BR
Dennis

1 Like

Although there are ways to do some of what you’re asking, the brutal truth is that the whole solution architecture needs a rethink.

It sounds like what you have there is a clever end product, written by clever application developers who don’t know enough about scaling networks. What you need is an autonomous networking specialist… (cough cough)

Same subnet ranges on all the remote vehicles is fine. Use Virtual Network Mapping to assign a unique virtual network range to each MBX, then let the MBX translate that virtual range (accessible over SpeedFusion) to the local subnet, which is the same on each vehicle. The virtual mapping will follow the MBX configuration; all other equipment can be addressed the same and be swapped between vehicles.

From a security standpoint there are a bunch of different ways, but my favourite is to run a next gen firewall appliance alongside the FusionHub and use that for user VPN / network security. Again though this takes a moment of thinking to make sure you get the best results.

More than happy to have a chat about the options. Send me a message.

3 Likes
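The addressing plan described in the reply above, modelled as an added example that is not part of the original thread and does not configure any Peplink device. The subnets and vehicle names are constructed, and the one-to-one translation by host offset is an assumption about how the virtual range maps onto the shared on-board LAN.

```python
import ipaddress

# Assumption: every vehicle uses this same on-board LAN (constructed value).
LOCAL_LAN = ipaddress.ip_network("192.168.50.0/24")

# Assumption: one unique virtual range per MBX, reachable over SpeedFusion
# (constructed values).
VIRTUAL_RANGES = {
    "vehicle-01": ipaddress.ip_network("10.201.1.0/24"),
    "vehicle-02": ipaddress.ip_network("10.201.2.0/24"),
    "vehicle-03": ipaddress.ip_network("10.201.3.0/24"),
}

def validate_plan(local, virtual_ranges):
    """Return a list of problems that would make the mapping ambiguous."""
    problems = []
    items = sorted(virtual_ranges.items())
    for name, net in items:
        if net.prefixlen != local.prefixlen:
            problems.append(f"{name}: {net} is not the same size as {local}")
        if net.overlaps(local):
            problems.append(f"{name}: {net} overlaps the shared local LAN")
    for i, (a_name, a_net) in enumerate(items):
        for b_name, b_net in items[i + 1:]:
            if a_net.overlaps(b_net):
                problems.append(f"{a_name} and {b_name} overlap: {a_net} / {b_net}")
    return problems

def to_virtual(vehicle, local_ip, local=LOCAL_LAN, virtual_ranges=VIRTUAL_RANGES):
    """Address the hub side uses to reach a device on one vehicle."""
    ip = ipaddress.ip_address(local_ip)
    if ip not in local:
        raise ValueError(f"{ip} is not in {local}")
    offset = int(ip) - int(local.network_address)
    return virtual_ranges[vehicle].network_address + offset

def to_local(virtual_ip, local=LOCAL_LAN, virtual_ranges=VIRTUAL_RANGES):
    """Resolve a virtual address to (vehicle, on-board address)."""
    ip = ipaddress.ip_address(virtual_ip)
    for vehicle, net in virtual_ranges.items():
        if ip in net:
            offset = int(ip) - int(net.network_address)
            return vehicle, local.network_address + offset
    raise ValueError(f"{ip} is not in any vehicle's virtual range")
```

Because each device keeps the same host offset in every vehicle, hub-side firewall rules can be written per virtual address, and `to_local` shows which vehicle and device a logged address refers to.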

I will send you a message. Thanks Martin

1 Like