Second auth layer for HTTP control panel with IoT concept in IoT Engineering Posted June 24, 2017 · Report reply You could run a VPN server on an embedded PC, such as a Raspberry Pi or Beaglebone Black or a small x86 PC running linux or windows. If you have a firewall/router then a single Ethernet port is all the Rpi/BBB needs. Forward the appropriate port for the VPN you select (e.g. 1194 for OpenVPN) to the Rpi/BBB, and it will then send back local LAN traffic to your modulator. If you don't have a router, you could add a USB Ethernet port or USB 3G dongle, and use the Rpi/BBB as the firewall too. I think this is a bit riskier since there is a single point of failure for a config muckup. I run option 1, where my firewall does the bulk of the internet filtering and only forwards the selected VPN ports to the Rpi/BBB. The only service running on the Rpi/BBB is the VPN server. I use SoftEther, as it is really good and yet free + source code is available: www.softether.org. The config is straightforward once you have the software setup on the server (it has binaries for x86, MIPS, PowerPC and ARM). Management is done with a command line or a nice Windows GUI (which runs fine on Linux with WINE) or MacOS GUI. I connect with the built in VPN clients on Windows 10 and Android, but there is a dedicated client available for Windows, Mac and Linux. The Netgate (thanks Heath) looks like a very nice turnkey product, and might be a better way to go if you don't want to play on the command line. Less chance of a catastrophic config error letting everything in too. If you have a spare Rpi or BBB lying around though, it won't cost you anything to have a go.