Using a Mobile 4G Router as a Modem with pfSense?
-
I will have to work for some time from a remote location without broadband access but with 4G mobile network connectivity in the area.
I am currently using a TP-Link mobile mini router with 1 ethernet port and 1 USB connector for a 4G LTE USB modem. This setup works ok with my laptop. However, the configuration options of this TP-Link router and the internal firewall is quite limited and it does not give you much visibility of what is happening in the network.
So I thought about connecting the TP-Link router with the 4G modem to a small pfSense box on the WAN port to get mobile Internet, give it a fixed IP and then let pfSense act as a DHCP server and main firewall. The pfSense box would then be connected on the LAN port to a small switch to connect the laptop, while the TP-Link mobile router just acts as a modem.
Would that be a valid approach?
I appreciate your feedback.
-
@telmap85 Absolutely. I do this quite often. See if the modem can be put in bridge mode if you can. If not just verify that the LAN of the modem is a different subnet than the pfSense router LAN.
-
@chpalmer The portable TP-Link 4G router seems to have 3 modes of operation:
- 3G/4G Router
- WISP Client Router
- Access Point (AP or Repeater/Bridge)
Now the problem with the bridge mode as an access point is that it only seems to allow to extend an existing wireless network (wifi) and then connect a wired-only device to the internet. But I actually need the 4G connection from the modem, which does not appear to allow a bridge mode.
So I guess I need to operate the TP-Link router in the "3G/4G Router" mode but with DHCP disabled on a different subnet than the pfSense box and with a fixed IP assigned by pfSense?
-
@telmap85 It wouldn't be a WIFI option.. You simply want to take the router function out of the modem.. if it is an option on that model.. otherwise it will still work but you would be double NAT..
https://labjack.com/support/suggested-travel-routerswifi-bridges
-
@chpalmer it's this model:
https://www.tp-link.com/uk/support/download/tl-mr3020/
If there is no bridge mode, what are the performance and security disadvantages of a double NAT setup?
-
Minimal. Somethings don't work well (or at all) behind double NAT. Mostly things that require NAT workarounds like UPnP.
Has no impact on security (arguably improves it!) and performance impact is usually minimal as long as the upstream router does not restrict the throughput. Some SOHO routers have very limit state tables for example.Steve