4G failover options for pfSense?
-
Hello
I'm looking to use a 4G connection for failover on a pfSense and I need to ask what hardware should I get (in Europe)
I saw the list but most products are not available in Europe
I also have 2 options
USB dongle - I would plug it into my ESXi host, passthru to the pfSense VM and I imagine some how configure it.
Router in bridge mode - This one seems easier as I know how configure this. That being said, the router in bridge mode would always think it is a active connection and It would be wasting data. It needs to have 1 Gb ports.
This 4G failover is for emergencies and all traffic will be blocked except alerting and one box in order to manage the situation. It is not a failover per say for my entire infrastructure.
That being said, let's focus first on the hardware: USB dongle or router in bridge mode?
-
I have no opinion other than to say that, if you decide to go the hardware route, that you make sure it is compatible with FreeBSD.
https://www.freebsd.org/releases/11.2R/hardware.html
-
You say both "for emergencies" and "active connection would be wasting data", so this problem is a little tricky.
What I would do, here in the States, is add a little travel router that can tether to your smart phone, and thru this travel router, plug an ethernet cable into your backup/failover WAN port on your pfsense box. Boom, backup 4G internet.
Here's a travel router that I use to do this:
https://www.amazon.com/GL-iNet-GL-AR750-300Mbps-pre-Installed-Included/dp/B07712LKJMHere's why I say it will be tricky... You don't want to run this all the time, because of cell data usage and maybe high costs. What I would do is teach somebody on-staff or on-premesis on how to tether a phone to this box, power on the travel router, and check to make sure it all works.
There are some higher-end 4G modem/router boxes by Cradlepoint, like the COR IBR200 that can also do this.
https://cradlepoint.com/products/cor-ibr200
Find out from your cell provider if they've got a low cost M2M or IOT data plans for this type of connection.
Jeff
-
Something that terminates in Ethernet will be far better, more reliable.
I use an internal Sierra modem but that requires a PPP connection so no 4G.
Netgears LTE devices seem to attract positive reviews though I've not used one myself.
Steve
-
@riahc3 said in 4G failover options for pfSense?:
I'm looking to use a 4G connection for failover on a pfSense and I need to ask what hardware should I get (in Europe)
The way this is generally done is with a cell network modem, that provides an Internet connection. Then you need some means to detect failure of the main connection and then switch over. If you can manage to get OSPF going over a cell connection, then you can use that to switch to the cell backup. However, I don't know that the cell networks support that.
-
@akuma1x said in 4G failover options for pfSense?:
You say both "for emergencies" and "active connection would be wasting data", so this problem is a little tricky.
What I would do, here in the States, is add a little travel router that can tether to your smart phone, and thru this travel router, plug an ethernet cable into your backup/failover WAN port on your pfsense box. Boom, backup 4G internet.
Here's a travel router that I use to do this:
https://www.amazon.com/GL-iNet-GL-AR750-300Mbps-pre-Installed-Included/dp/B07712LKJMHere's why I say it will be tricky... You don't want to run this all the time, because of cell data usage and maybe high costs. What I would do is teach somebody on-staff or on-premesis on how to tether a phone to this box, power on the travel router, and check to make sure it all works.
There are some higher-end 4G modem/router boxes by Cradlepoint, like the COR IBR200 that can also do this.
https://cradlepoint.com/products/cor-ibr200
Find out from your cell provider if they've got a low cost M2M or IOT data plans for this type of connection.
Jeff
Yeah, no
-
@stephenw10 said in 4G failover options for pfSense?:
Something that terminates in Ethernet will be far better, more reliable.
I use an internal Sierra modem but that requires a PPP connection so no 4G.
Netgears LTE devices seem to attract positive reviews though I've not used one myself.
Steve
Wow, those Netgeat LTE devices seem kind of expensive for what they are...
Maybe I am better off getting a USB dongle.
-
Well if you do hosting it on one of those tiny OpenWRT boxes such as the GL-iNET linked above is a good idea.
If you connect it directly in pfSense and it gets unplugged or goes to sleep or just fails then pfSense no longer boot without assistance.
Steve
-
@riahc3 said in 4G failover options for pfSense?:
Yeah, no
Yeah, no, what? This is how 4G failover/backup network connections are done.
Have you ever tethered your phone to a computer or router like this, to get internet in a pinch? It works very well, if you have somewhat decent cell service.
Ok, so the only other way I didn't talk about is a USB dongle. It first has to work with pfsense and/or your VM host. There might be 1 or 2 of them tested in the real world and working, maybe. Then it still has to have some kind of data plan attached to it to get cell service.
What kind of budget do you have for this?
Jeff
-
I have set up such a thing for Starbucks. In addition to ADSL for the main connection, they used a cell network modem for the fall back. They also used a Juniper router to manage the fall back. As I recall, they had to test the main connection periodically to ensure it was still up or fall back to the cell network.
-
@JKnott said in 4G failover options for pfSense?:
@riahc3 said in 4G failover options for pfSense?:
I'm looking to use a 4G connection for failover on a pfSense and I need to ask what hardware should I get (in Europe)
The way this is generally done is with a cell network modem, that provides an Internet connection. Then you need some means to detect failure of the main connection and then switch over. If you can manage to get OSPF going over a cell connection, then you can use that to switch to the cell backup. However, I don't know that the cell networks support that.
Detecting a failover shouldnt be that difficult; Even if pfSense itself cant do it, Im willing to bet someone will script it for me.
-
@stephenw10 said in 4G failover options for pfSense?:
Well if you do hosting it on one of those tiny OpenWRT boxes such as the GL-iNET linked above is a good idea.
If you connect it directly in pfSense and it gets unplugged or goes to sleep or just fails then pfSense no longer boot without assistance.
Steve
Those look ideal but Im not too keen on the idea of putting a 100 Mb device on my network...
-
@akuma1x said in 4G failover options for pfSense?:
@riahc3 said in 4G failover options for pfSense?:
Yeah, no
Yeah, no, what? This is how 4G failover/backup network connections are done.
Have you ever tethered your phone to a computer or router like this, to get internet in a pinch? It works very well, if you have somewhat decent cell service.
Ok, so the only other way I didn't talk about is a USB dongle. It first has to work with pfsense and/or your VM host. There might be 1 or 2 of them tested in the real world and working, maybe. Then it still has to have some kind of data plan attached to it to get cell service.
What kind of budget do you have for this?
Jeff
Noone in their right mind attaches a smartphone to a router and uses that as backup. NOONE.
SIM and/or USB dongle to router and work from there...
-
@riahc3 said in 4G failover options for pfSense?:
Those look ideal but Im not too keen on the idea of putting a 100 Mb device on my network...
It's on a backup/fallback WAN port, what's the big deal?
And, since we're arguing about how to get that box connected to the internet, here's how GL-INET suggests you do it.
https://docs.gl-inet.com/en/2/setup/internet_setting/
Jeff
-
@akuma1x said in 4G failover options for pfSense?:
@riahc3 said in 4G failover options for pfSense?:
Those look ideal but Im not too keen on the idea of putting a 100 Mb device on my network...
It's on a backup/fallback WAN port, what's the big deal?
And, since we're arguing about how to get that box connected to the internet, here's how GL-INET suggests you do it.
https://docs.gl-inet.com/en/2/setup/internet_setting/
Jeff
Like I mention I am not a big fan at all of putting any 100 Mb device on my network.
Plus, correct me if I am wrong, but LTE hits over 100 Mb correct? Which would be limited then...
-
@riahc3 said in 4G failover options for pfSense?:
Plus, correct me if I am wrong, but LTE hits over 100 Mb correct? Which would be limited then...
You're in Europe, so you'd have to check with your carrier. Here's some US 4G LTE data. That's why I said it's no big deal.
https://www.tomsguide.com/us/best-mobile-network,review-2942.html
Jeff
-
@akuma1x said in 4G failover options for pfSense?:
@riahc3 said in 4G failover options for pfSense?:
Plus, correct me if I am wrong, but LTE hits over 100 Mb correct? Which would be limited then...
You're in Europe, so you'd have to check with your carrier. Here's some US 4G LTE data. That's why I said it's no big deal.
https://www.tomsguide.com/us/best-mobile-network,review-2942.html
Jeff
Data that means nothing to me.
So now I need a 4G device (dongle/router/etc) that can do 1 Gb
-
Where do you think your going to get such speeds on LTE? While EU is ahead of much of the world.. Sorry but not close to 100mbps yet..
https://www.opensignal.com/reports/2018/02/state-of-lte
Its a bit over a year old - but 1 year has not tripled LTE speeds.
but LTE hits over 100 Mb correct?
There is a big difference between theory limit and what actually real world..
An intelligent man is sometimes forced to be drunk to spend time with his fools
If you get confused: Listen to the Music Play
Please don't Chat/PM me for help, unless mod related
SG-4860 24.11 | Lab VMs 2.7.2, 24.11 -
@riahc3 said in 4G failover options for pfSense?:
So now I need a 4G device (dongle/router/etc) that can do 1 Gb
LOL
Jeff
-
I assume you mean 'has Gigagbit Ethernet' there? Otherwise wait for 5G!
