I could not find a good tutorial on how iPhone tether via usb so here is my attempt at one. I have tested this with 2.3.2-RELEASE-p1 and an iPhone 6 and iPad 3 gen.
The first step is to load the iPhone ethernet driver into pfsenese. The driver first appeared freebsd 8.2 so I'm not sure why pfsense devs remove it. If you are comfortable you can compile your own drivers. You will need to add the following to your kernel configuration file:
Another way to get the driver is to download the version of freebsd that your pfsense is running. In the case of 2.3.2-RELEASE-p1, freebsd 10.3. You do not need to to install freebsd just need to open the iso and extract the driver. The file you need is under /boot/kernel/ and is name if_ipheth.ko. I have also attached the driver for freebsd 10.3.
Now you have the driver the next step is to load it in pfsense. You need place the driver under /boot/kernel/ with file permissions of 0555 and run "kldload if_ipheth". If the driver loads correctly it should exit without a message.
Now plug in your device with personal hotspot enable in the settings menu. If the drivers are loaded correctly your deivce should ask you to "trust this computer" and you need to for this to work. Now we need to check if pfsense created the interface so run "dmesg" and in the output you should see something like
ugen5.2: <apple inc.="">at usbus5
ipheth0: <apple 0="" 2="" inc.="" iphone,="" class="" 0,="" rev="" 2.00="" 7.02,="" addr="">on usbus5
ue0: <usb ethernet="">on ipheth0
ue0: Ethernet address: 7a:XX:XX:XX:XX:XX
if you only see something similar to
ugen5.2: <apple inc.="">at usbus5
that means some devices may need to be manually configured to use an alternative configuration with the usbconfigutility. A command similar to "usbconfig -d X.Y set_config 3" where X is 5 and Y is 2 in "ugen5.2: <apple inc.="">at usbus5" may be required if the device is not recognised automatically by ipheth after it is connected. So in my case I would run "usbconfig -d 5.2 set_config 3". After running "dmesg" you should now see ipheth created the interface ue0 for you. If you needed to modify usbconfig you will need to turn off the personal hotspot and turn it back on with the device still connected for the hotspot to work.
Now that ipheth has created the interface and iphone or ipad has the blue tether notification we need to assign the interface to an interface in pfsense UI. Under Interfaces>Assign add ue0 and save. Then under Interfaces>(New interface you create) set IPv4 to DCHP and save it. You should now valid tether from your iPhone to pfsense.
The last step is for you to make sure ipheth loads on restart so you need to add if_ipheth_load="YES" to loader.conf under /boot/defaults/ . If you needed to run "usbconfig -d X.Y set_config 3" you will need to run this on load as well. Follow the steps here https://doc.pfsense.org/index.php/Executing_commands_at_boot_time to do so.
Restarting pfsense without tether enabled and connected causes all interfaces to be reset. This seems to be an issue with pfsense. There might be a work around to disable the interface if the iPhone is not connected on boot with a script. This is something I will look into.
Earlier discussion is here: https://forum.pfsense.org/index.php?topic=114559.0
Would love to see a more seamless way to plug an iOS device into pfSense as failover internet for instances where primary WAN connection is down built in. Failover may not even be the right word for what I'm looking for… just if the primary WAN is down I'd like to be able to plug in an iOS device with tethering and have pfSense use it without going through a lot of hastle.
I agree 100%. Thats kind of what I am doing now. I always have my iPad plugged in to my pfsense box and if my wan ever goes down the tether will pick up. Kind of annoying to always having plugged in but thats the point of a failsafe but if you want to discount once you have the tether and gateway groups setup you can. It will work just fine to only plug it in when you need it.
virgiliomi last edited by
I'll agree with others that it would be good to see the iPhone Ethernet driver included in pfSense. I never even thought about using an iOS device as a failover connection, but it makes perfect sense to be honest. There are so many older model devices out there that getting one cheap isn't hard, and using it as a 4G modem for backup connectivity is a great idea IMHO.
For anyone following this you can probably add the config_index setting as a usb quirk. Something like:
hw.usb.quirk.0="idVendor idProduct 0 0xffff UQ_CFG_INDEX_3"
Changing the vendor and product IDs to match your phone. Add that line to /boot/loader.conf.local. It should be applied any time you connect the phone then.
I don't actually have an iPhone to test that with so feedback welcome. :)
I was able to solve it differently,
Using PfSense 2.4.0 was and changed the file in /conf/config.xml, according to the documentation https://doc.pfsense.org/index.php/Executing_commands_at_boot_time it is possible to add command when starting the system.
So my file looks like this:
<pfsense><version>17.0</version> <lastchange></lastchange> <system><optimization>normal</optimization> <hostname>pfSense</hostname> <domain>localdomain</domain> <dnsallowoverride></dnsallowoverride> <earlyshellcmd>usbconfig -d 4.2 set_config 1</earlyshellcmd></system></pfsense>
Then when saving just delete the file in memory rm /tmp/config.cache as https://doc.pfsense.org/index.php/How_can_I_reload_the_config_after_manually_editing_config.xml
Now everytime I turn off or restart the modem, it is already up properly.