4G on Pfsense - Will it ever work at the right speed?
-
Hi all,
I have been trying to get a 4G solution for my Pfsense boxes but with no success. Having looked on the forum it seems that there are ways to "workaround" getting 4G modems to even register on Pfsense as useable interfaces, however, these largely seem to be by making them recognized as 3G modems.
So my question is, does Pfsense allow 4G modems to work at their intended speed at all?
I (having consulted the known working 3g/4g modems page https://doc.pfsense.org/index.php/Known_Working_3G-4G_Modems) procured a Huawei E392 to test. And it does in fact detect it as a storage device, but the topics I have found on this forum seem to suggest the only way to get it to work is to usb_modeswitch function it and it will then be detected as a 3g modem. Which, kind of defeats the object of trying to get 4g to work to take over from my current 3g firewalls.
Are there other 4g dongle/modems that will in fact be detected without any scripting and at the advertised speed (if so could you please let me know which make/model)? Or am I really just hoping for too much here?
-
Get a device that shows up as a USB NIC. That's what I use on mine for remote offices.
-
Jason, Would you care to elaborate on your setup. I have a couple of internal Novatel and Huewei 4G modems that show up as USB ethernet devices(ue0) but i couldn't figure out where to set the APN for 3/4G. Are you speaking of USB tethered mifi type devices like Verizon Jetpack? Or thumbstick style usb modems? Any info is appreciated. Where do you enter APN and are you using PPPoe or PPP or what? I am guessing DHCP client on the interface and your device handles the connection?
Thanks for helping.
For reference i am using Sierra MC7700 on ATT and see around 4 Megabytes/sec with pfSense and Sierra Watcher.
Much quicker than the Sierra MC8775 and MC8790 i had working previously. -
Thanks Jason. But could you elaborate on what devices you use?
We use Ipsec tunnels to make connection back to our HQ. So we would usually for a 3g, plug in the dongle/modem, create a PPP interface and set that on the WAN. Which then combined with our IPSEC tunnels would connect back our HQ with no issues.
So if you could give me some more info on your setup that would be greatly appreciated as I can then try work that into the way we do it for 3g to hopefully get something going.
-
I'm using USB-tethered Verizon Jetpack 4620LEs. You don't need to type in an APN because the MiFi takes care of everything.
-
Ahh. Do you even use tunnels on your setup? If so does your Jetpack allow you to configure any kind of VPN tunnel? Or do you get your pfsense to make the connection?
-
Ahh. Do you even use tunnels on your setup? If so does your Jetpack allow you to configure any kind of VPN tunnel? Or do you get your pfsense to make the connection?
The pfSense boxes are connecting back to the main office using IPSec.
-
Where did you see that the modeswitch will make it detected as 3G only? I'm guessing that was someone using 3G/4G/LTE interchangeably, as in "it's no longer coming up as a storage device, it's now a modem."
I've never had a card that required a modeswitch so not sure. The Verizon UML290 I have works at LTE speeds the same as when plugged directly into a Mac or Windows machine.
-
I got around this problem by using a mr3020 with openwrt and bridging it to the wan nic of pfsense.
-
@cmb:
Where did you see that the modeswitch will make it detected as 3G only? I'm guessing that was someone using 3G/4G/LTE interchangeably, as in "it's no longer coming up as a storage device, it's now a modem."
I've never had a card that required a modeswitch so not sure. The Verizon UML290 I have works at LTE speeds the same as when plugged directly into a Mac or Windows machine.
Just going from these other topics on this forum.
https://forum.pfsense.org/index.php?topic=49549.msg263609#msg263609https://forum.pfsense.org/index.php?topic=78304.msg427065#msg427065
-
Ahh. Do you even use tunnels on your setup? If so does your Jetpack allow you to configure any kind of VPN tunnel? Or do you get your pfsense to make the connection?
The pfSense boxes are connecting back to the main office using IPSec.
May I ask what sorts of speeds you are able to achieve with that method?
-
Ahh. Do you even use tunnels on your setup? If so does your Jetpack allow you to configure any kind of VPN tunnel? Or do you get your pfsense to make the connection?
The pfSense boxes are connecting back to the main office using IPSec.
May I ask what sorts of speeds you are able to achieve with that method?
About 6-8Mbit/s down and 2-3Mbit/s up, but that has more to do with the locations all have the MiFi indoors in metal warehouses or on the first floor in the middle of a multi-floor office building. If you take them outside you get 30-40Mbit/s down and 10-15 Mbit/s up.
-
About 6-8Mbit/s down and 2-3Mbit/s up, but that has more to do with the locations all have the MiFi indoors in metal warehouses or on the first floor in the middle of a multi-floor office building. If you take them outside you get 30-40Mbit/s down and 10-15 Mbit/s up.
That sounds pretty good. What variable do you use for the local identifier? I have tried with an User distinguished name but it never seems to work.
Also, what are you connecting back at your main office? Is it pfsense to pfsense? Or pfsense to something else?
-
About 6-8Mbit/s down and 2-3Mbit/s up, but that has more to do with the locations all have the MiFi indoors in metal warehouses or on the first floor in the middle of a multi-floor office building. If you take them outside you get 30-40Mbit/s down and 10-15 Mbit/s up.
That sounds pretty good. What variable do you use for the local identifier? I have tried with an User distinguished name but it never seems to work.
Also, what are you connecting back at your main office? Is it pfsense to pfsense? Or pfsense to something else?
IP Address on both ends + PSK.
-
About 6-8Mbit/s down and 2-3Mbit/s up, but that has more to do with the locations all have the MiFi indoors in metal warehouses or on the first floor in the middle of a multi-floor office building. If you take them outside you get 30-40Mbit/s down and 10-15 Mbit/s up.
That sounds pretty good. What variable do you use for the local identifier? I have tried with an User distinguished name but it never seems to work.
Also, what are you connecting back at your main office? Is it pfsense to pfsense? Or pfsense to something else?
IP Address on both ends + PSK.
You have a fixed IP on 4G?
-
No, it doesn't need to be.