Huawei B535 specific use case with pfsense
New user, similar (but not identical) query to the above.
A few months ago i migrated from a slow and unreliable FTTC connection to solely 4G using a Huawei B535 in to an Unifi USG. Also using the L2TP service from AAISP to bypass CGNAT and give me a fixed IP. It’s been fast, reliable and cheaper!
However, I’m having problems exposing ports of internal devices. B535 is used for the AAISP VPN client and has DMZ set to the WAN interface IP of the USG. USG does the port forwarding etc. This setup worked great with my old router.
Except it isn't working!
Difficult to fault trace on the B535 as logs and tools are limited. After monitoring port traffic on the USG I believe the packets are not being forwarded to the USG.
I therefore believe the B535 does not forward VPN traffic, either by design or a bug. Clearly i need the VPN otherwise no external IP.
If i put the B535 in bridge mode that should work. Except bridge mode disables the VPN. So run that on the USG, except the USG doesn’t support L2TP client! Catch 22!
I understand pfsense would allow the B535 to be placed in bridge mode and for it to initiate the VPN as required. So, thinking of replacing the USG with a Netgate SG-1100.
Anyone use something similar in this configuration?
@ibeadam To answer my own query as it may just help others.
Found an old Microserver. Installed pfsense. Put Huawei in to bridge mode. Internet just worked. Set up L2TP client on pfsense. Set routing default to use it. External IP address as if by magic.