For remote access, Teleport for IOT supports a similar use case using SSH, where an agent can be run on an embedded device, optionally or always enabled that phones home, and allows SSH connections to be reverse tunneled back to the device behind a firewall.
https://gravitational.com/blog/iot_security_teleport/
Disclaimer: I work for gravitational but not on teleport.
Disclaimer: I work for gravitational but not on teleport.