I would like to ask you for your help
I need to connect company LAN to several remote sites, as I tried to show in the picture. Every remote site contains one industrial unit, controlled via its own web server/interface. To access it by default, PC user logs on locally using web browser, initial page starts plugin which has to be pre-installed on the PC (so it’s not only http traffic, several TCP/UDP ports are involved). Unit IP address is configurable, but only in the private, 192.168.120.0/21 range (default 192.168.123.10).
“Need to connect” I mentioned before specifically means: in order to remotely monitor/control remote units, users need to access their web interface from company LAN.
Internet connection for remote sites is provided via GSM network, using industrial grade high speed, Linux based, GSM routers (not Mikrotik). GSM ISP provides dynamic, private IP addresses only (10.38.0.0/16 range). It seems to me that some kind of VPN tunnel from each GSM router to HQ would be the way to go. These routers have GRE, IPSec, OpenVPN, PPTP and L2TP sections in their VPN options.
I was wondering if anyone here perhaps has situation like this already in operation? And how was it configured?
If not, what would be the best (or easiest) way to implement something like this.