USB LTE WAN failover configuration for handful of local devices to save 4G data
-
I have just started my journey with pfsense and learning a lot already. I have it set up and singing right now with port forwarding, static IPs and some firewall rules. One of the reasons I wanted to get pfsense was for USB dongle failover. I read in a few places and its supported before I got everything working. Anyhoo, I am now trying very hard to search for a full on A-Z tutorial to set up a LTE USB dongle, connect and test and then set a failover once the main internet goes down. Furthermore, it would be nice to know how I can only allow a handful of devices to work off the LTE failover once it switches over (without using additional LAN interfaces if possible).
Can anyone please point me to a tutorial where I can learn this? There are some ancient Youtube vidoes which I dont beleive are relevant anymore as a lot of the functionality has been updated on pfsense.
The modem I have is a Huawei E3372h LTE USB-stick. This apparently just shows up as an ethernet device which is awesome https://docs.netgate.com/pfsense/en/latest/cellular/known-working-3g-4g-modems.html
How do I set it up in pfsense is the big question.
Thank you kindly.
-
@alitech you might have better luck breaking it out into multiple questions with a caveat that this is your long term goal. I see 3 questions in here:
- Get PFSense to recognize USB LTE stick as network port.
- How to setup & configure multiwan.
- How to treat multiwan ports differently.
For #1, I'd try searching for just that piece? I don't have any specific experience with USB dongles (so take this with a grain of salt) but I'd expect that PFSense recognizes it once you get it to be an assignable interface. From there, it's up to you as the PFSense admin to tell PFSense what to do with that port.
For 2 & 3 there's an entire multiwan forums. I'd expect much of the information is in there but it may take some searching as people may ask the question different ways.
I'd be very curious to see what you find about #3. I love the idea of specifying that you're on the backup/failover network, so don't be going crazy with data! But your router has limited management abilities, it can't tell programs to not use internet (though it could maybe tell different machines?). It could certainly run a script on a node change.
All of that said, this seems like it would be a great how-to for the PFSense docs/book! Maybe you can write it once you get this working? ;)
-
Thank you for responding @coatmaker618
Yes, I guess there are three questions in there so thanks for splitting the questions up for me.
I think I have gotten a little further towards getting some information on this. I have got my pfsense to recognize a USB device as a WAN port which I can configure. I now have to configure the multi wan part now.
As for the third question, yes that's the interesting one and I am not having any joy finding any help on that one.
The scenario is as you describe. I don't want all my devices to take advantage of the failover WAN because it will be a 4G device with just a tiny amount of data allowance on it. I will keep it topped up for the eventuality of someone cutting up my cable internet while I am not at home so the home can still talk to me and let me know what is going on.
For the failover, out of the 50 or so devices that currently use the internet, I only want to allow my IP Camera NVR, my home security system and smart door lock to have access (all with dedicated local IPs). This is to get notifications of any issues while I am out of the house and also jump onto my IP camera feeds if needed just to see whats going on.
Hope this paints a good picture of what I intend to do.
So if there is anyone out there who knows how to handle multi wan ports in this configuration, please let me know.