This project is for monitoring waste water’s pollution management system.
OpenControl designed the architecture without wired cable inside fields, data center, and monitoring devices.
Because every area is not able to connect wired LAN, this step is first our province, but sooner my user is going to expend other provinces.
Attached LTE device supported fixed IP address in Ignition PC and PLC, then users can access the monitoring system.
Here is the simple configuration 
I would work on adding MQTT to this architecture. You most likely want subscribe/publish for each of your remote sites. I do not see encryption/firewalls to isolate this equipment from the internet. I realize this a simple diagram, but the architecture looks maybe oversimplified. MQTT can provide an encrypted payload and prevent you from exposing your PLC to the internet.
https://www.hivemq.com/blog/mqtt-security-fundamentals-payload-encryption/
I am not saying that you did not include it, but the architecture diagram screams insecurity. i would hate to place my PLC on the internet without it sitting behind a firewall. PLC’s have a bad rep as far as security.
Thank you for your advice.
Yes, the PLC is not secured inside Internet, because it links Modbus TCP.
I’ll have to second thought when it expands more Site.