RNDIS, Bluetooth & HDD issues…

  • Hello all!

    I got pfSense, x86, checked the MD5 and installed on a HDD.

    The installation seemed fine.

    But the bios complained of not finding a bootable system disk.

    I got it running via Live CD.

    On a separate box I have a fresh install of PC-BSD, but so far, I was unable to get it to link

    On a seperate HDD in my desktop, I have my old Ubuntu 10.04 install, which lost network connectivity, via usb rndis or bluetooth.  It does, however link to to get the pfSense web GUI.

    HOWEVER, I see no reference to rndis in the documentation.  USB is preferable to bluetooth, for speed, power/battery and security.  Either would be fine now, since it's not failover/failback, but my only link to the internet.

    I'm OFFLINE at home now, using a public computer.

    I could use a little help.


  • I see the sticky at the top of this board…

    I DID search the forum, the blog and the tutorials.

    Every time, somebody said, JUST RUN WIFI!

    Some may be okay with that, if using EMBEDDED router hardware, especially if it has no USB ports.
    for the x86/i686 versions on desktops, now you're asking someone to go buy a WiFi card.

    Then, there's the extra power consumption, battery.

    The only WiFi app I've found for my phone RUNS WEP!!!!

    USB is better, but bluetooth might do.

    Honestly, I'd rather see bluetooth traffic run through a router, than on my desktop host, anytime!

    Does ANYBODY have a clue?

  • Netgate Administrator

    It's not clear what you're asking.
    There is no Bluetooth support AFAIK. NDIS and RNDIS are Microsoft protocols not supported by FreeBSD.

    What hardware have you installed pfSense on? How are you trying to connect to it?


    Edit: typo

  • Rebel Alliance Developer Netgate

    While I cannot tell you how, I can tell you that it is possible to take all of the Bluetooth binaries, libraries, and modules from FreeBSD and copy them to pfSense and it can talk to supported Bluetooth devices. It's about 30 files total.

    That said, you are not likely to end up with a working network connection without a lot of manual work, and even then it wouldn't show up and be manageable in the GUI in any meaningful way.

  • Well…

    I understand that a good many USB 3G/4G dongles operate first as a mass storage, tnen switch to RNDIS, after, on a windows box, the drivers are installed.

    I'm coming over from Ubuntu Linux, and there, you might have to use a package called USBModeSwitch, to get it to jump to RNDIS, every time you plug it in.

    For my one and only OLD smartphone, running Windows Mobile, a  "pocket pc" which I use via tethering, for my only internet access at home, on my DESKTOP; Ubuntu Linux 10.04 has RNDIS support in the kernel.

    I tried PC-BSD, but it wouldn't "jump up and dance".

    Bluetooth, at least bluetooth networking, would be a good idea.

    I can see separating pfSense from FreeNAS.  As far as bluetooth's other capabilities, I'd rather see them run through security rigors, before getting to a media/file server on my lan.  For example, by going through fpSense, and virus/malware screening.  One security advantage bluetooth has over usb is that you're not automatically opening up full bidirectional access.  I hate plugging in a usb drive, then having some "helpful" windows program display all of my pictures, and try to download them to the local HDD.

    So, how do we solve this problem, since, it's not just failover/failback, but my primary and only internet access, that needs RNDIS?

    I hate to say, that, per the forum, my immediate solution is "tech by wallet", which sad, since there should be a software solution.  It seems I'll be forced to buy a 3g to ethernet device, such as a TP Link TL-MR3020:



    Does anyone know FOR CERTAIN, if this will, or will NOT work for me?  Unlike the poster in the sticky on this board, plunking down $200 for a Wal-Mart computer is not an option.

    To answer another poster's question, it's a desktop; an old e-machines with an IDE drive.  I'll have to take down the pfSense firewall host to check the service tag, mothterboard model, HDD model, etcetera.  It may help to clarify the bios not recognizing the HDD with pfSense installed...

  • Netgate Administrator

    So, just to be clear, you are using a Windows Mobile device as your WAN connection. This has a USB connection that appears as a USB-Ethernet device when connected. What does pfSense show in the logs when you connect the phone? What driver, if any, is it using?
    I have experimented with a couple of similar devices in the past and have abandoned the attempt both times. If I recall both devices did not have a readable MAC when using the FreeBSD drivers which resulted in a random generated MAC being used. This was not a problem initially but if it ever became disconnected, or went into standby!, it came back up with a new MAC which caused pfSense to see it as a new interface and that causes many problems.
    I wouldn't even think about using Bluetooth. As JimP said you may be able to copy across all the required components from FreeBSD but even if you get it working it will all be outside the webgui and the config files.

    Can your device run a wifi hotspot? You may be able connect via wifi.

    There is no need to buy a 3g router device since pfSense can do that already. Just make sure you get one of the 3g dongles listed here: https://doc.pfsense.org/index.php/Known_Working_3G-4G_Modems AND search the forum to make sure someone else has reported it working.


  • Thanks Steve, and JimP!

    Well, I'm using my WinMo 6.1 o.s. device now, on Ubuntu 10.04, via USB / RNDIS, with WMWifiRouter.  It basically acts like an ethernet connection.

    The thing with the TP Link device I mentioned is not the router capability, which I'd not really use; but that it converts/bridges from USB-RNDIS to Ethernet.  As written herein, the protocol is not supported on pfSense/freeBSD; which I don't understand, considering, if I'm not mistaken, that many USB 3G/4G dongles use the protocol.  It's unavoidable, since Windows has dominated the desks and devices of those who know not a better way.

    Maybe the M.A.C. address issue you mention, is related to my recent troubles, which I've been blaming on Ubuntu package Firestarter…

    On my desktop, I have Ubuntu 10.04 on one HDD, and a fresh install of PC-BSD 9.2.  The BSD does not seem to support RNDIS, nor am I able to get bluetooth networking to work with the phone.  I don't recall what happened when tried via wifi, onboard radio, or my Netgear WNCE2001 (WiFi to ethernet hardware), but WMWifiRouter only supports WEP.

    Budget is a problem.  Even if I go scoop an old 3G USB dongle, it won't have my current carrier's low rates.

    I'm hoping to work something out with one or more people who have WiFi, as I have three of the WNCE2001 devices, and keep the USB-RNDIS connection, failback/failover.  That way, when, for whatever reason, I lose those connections, I'll be seamless.

    My phone is said to be able to be flashed, or dual booted to Android, but that's NOT without difficulty, and a matter for another, less friendly forum...

    It looks like my short term solution is to shell out for one of the TP Link devices that go from 3G to Ethernet.  I'm surpriesed I even found such, as internet searches will dump you into what most people are buying.

    Also, worth mentioning, it's not as easy as one would expect, migrating from Ubuntu Linux to PC-BSD.  Ext3/Ext4 filesystems are NOT compatible with UFS/ZFS, so I have to copy everything to a FAT32 filesystem, FIRST.  ZFS, RAIDZ and other "under the hood" aspects of BSD seem to be better than Ubuntu Linux, but I just wish RNDIS were supported, and that it would have connected with what I have running as a pfSense host, without difficulty.  Running Ubuntu Linux 10.04, I get the pfSense GUI, if I disconnect from my eth(x) RNDIS connection and connect to the eth(x) device which goes to my pfSense host.

    I'll have to see if there's a user's group/support forum for TP-Link.  I'm ASSUMING it supports RNDIS, and ethernet is ALMOST guaranteed; ALMOST...  I just don't have the money to buy a power consuming paperweight, that has a couple nice looking L.E.D. blinker.

    :-/  :

  • Netgate Administrator

    Using the term RNDIS is not really helpful here because it implies some Microsoft proprietary protocol whereas in fact most of these chips are supported by various other drivers. Fior example both the devices I tried (HTC BlueAngel and Sharp Zaurus) were supported by the cdce(4) driver and have been for years. I would have thought there is a good chance your phone would be recognised by pfSense when you connect it (see the logs) but would prove unreliable in use.

    Most 3G modems present themselves as a serial device not ethernet. That is changing recently with many 4G modems appearing as ethernet devices. Many devices can present in either mode depending on how they're initialised. It would not surprise me to find that that TP-Link device does not recognise your phone, it may be only looking for serial devices. You'd need to be very sure before you bought it. If it doesn't work you can flash it with OpenWRT which gives you far more options: http://wiki.openwrt.org/toh/tp-link/tl-mr3020
    Currently pfSense is only really setup to handle serial modems.

    Can you not get an older 3g dongle and transer your SIM card to it?

  • Unfortunately it's a CDMA handset.  It's an HTC Touch Pro2 / HTC Touch Pro 2 / HTC Touch Pro II (I parsed it out for those doing keyword searches), It's a Rhodium T7380.

    It has a 528Mhz qualcomm processor, but it's called a "Pocket PC", instead of a smart-phone.  If nothing else, it's a good E.S.N. donor, for a newer native Android handset; when I'm able to afford one.

    Supposedly, the R.O.M. can be flashed to an older 'driod, or dual booted via a file called Haret.  It needs "World Unlock", and other cracks, before running Android.  Also, it's said to have an 88 - 108Mhz F.M. broadcast band receiver, and there is software.  Some web sites claim it has 2100Mhz / 2.1Ghz "4G" radio hardware, and I've seen reference to that in some of the "phone" option screens, while WM 6.1 was under the influence of WMWifiRouter…

    I tried to do my homework FIRST, but didn't have much access to the internet, at the time I purchased that.  Microsoft was "kind" enough to pull the marketplace with the .cab files, shortly after my purchace, but before I could pull any off such a "trustworthy" source.  I see they're doing that to XP users, too.

    Last I knew the "cooked rom" of one, known as TimberWolf671 on XDA Developers (dot) com was the best WM / WinMo / Win Mo / Windows Mobile choice for the device, where I might dual boot Android, if it's still true that Bluetooth, Camera, and other hardware issues were never worked out.

    Unfortunately, that forum is not so user friendly, even blocking posting from I.P.s such as colleges, public libraries AND, MOBILE / Wireless Internet Service Providers.  That "makes sense" to me...  Block mobile I.P.s on a site FOR MOBILE DEVICES...  I can't even post in the section/board for my handset, UNTIL I 'contribute useful content'.  As if I would be able to do so... sigh

    Thanks for giving me pause on the TP Link / TP-Link.  I can NOT afford another paperweight, or a brick, for that matter.

    I've tried to follow OpenWRT...  Aside from the embedded images, I think there is an x86 image, but I haven't seen one in a live CD / CD install form.  I have a WRT54G Version 8, which someone flashed to DD-WRT, and a WRT54G Version 1.1, stock.  Maybe it's time to learn to TFTP, but I'm not prepared to play with JTAG, just yet.

    Neither have USB ports, but methinks there is a mod to install a serial port.  Great!  Another protocol bridge to give hair-pulling "experience"...

    I need to pull myself up by the bootstraps ;-) before I try to debrick.

    You know...  Cradlepoint has a few failback/failover routers, WITH USB ports for 3G/4G W.I.S.P devices.  However, they've not been anything I can touch, price wise.  I might as well drool over a commercial Cisco router.

    Well, maybe I'll look at setting up a FreeNAS box, and read the pfSense tutorials.

    Every time I boot, if I want to run Ubuntu, I have to go into the bios and turn off the disk with PC-BSD, as the respective bootloaders don't even play nice.  As far as copying my files to my PC-BSD o.s., I have a FAT32 partition on the Ubuntu HDD, which PC-BSD reads, but a FreeNAS box RUNNING BEHIND/THROUGH A pfSense box, would be nice.

    I should be able to get to the lan and my WinMo gateway separately, but it would be nice for the internet traffic to ALSO go through the pfSense box.

    Technological proprietary-ism and incompatibility...  To quote Rodney King: "Can't we all just get along?"

  • Netgate Administrator

    Sounds like you're up to your neck in technology that almost works together.  ;)

    It's a while since I've been on the XDA forums but back in the day it was a relatively friendly place. I guess they (like everyone) have been over run by spammers. They have the additional headache of single post users demanding someone fix the phone they bricked because they didn't do any research.  ::)

    Do you use your phone for calls still? Do you need to disconnect it regularly? If not then try it with pfSense directly you never know it might work fine.
    Boot the pfSense box, plug in the phone, look at the last few lines of the system log. Paste them here for comment. It may be similar to what I saw here: https://forum.pfsense.org/index.php/topic,26563.msg138379.html#msg138379


  • Well…

    Thanks for having a look.

    When I tried via the "console", or on the box running pfSense, it would give an "up" message for my BLUETOOTH dongle.  However, no reaction for my phone.

    I just tried, and copied system -> general log, which is attached.

    After you see the login.

    I first tried, without running anything on the phone.

    Then, I tried WMWifiRouter, in 3G to USB mode, which uses RNDIS.

    Then I tried the O.S.es "Internet Sharing" utility, which usually never works.

    I plugged in each time, but nothing got a reaction on the phone when I plugged in.  Usually I get a prompt.

    When I wanted to post here, I'm surprised I got to get to use the phone as a gateway without rebooting.  Although I quit the Firestarter firewall GUI, a couple times, AFTER killing and unplugging the ethernet to the pfSense box...  I have this command on my cheat-sheet hotlist: sudo /etc/init.d/networking restart

    Now I know how superstitious types feel, as I try a bunch of thngs; but never really know what causes problems, nor what get results.



  • Netgate Administrator

    Hmm, well I'm surprised that you see nothing at all. I dusted off my BlueAngel and connected it. Even though it's not supported by any driver in 2.1 it still shows in the system log when I connect it:

    kernel: ugen0.3: <htc> at usbus0</htc>

    I can then run usbconfig at the console to find out more about it:

    [2.1-RELEASE][root@pfsense.localdomain]/root(6): usbconfig -d ugen0.3 dump_device_desc
    ugen0.3: <generic rndis="" -="" blue="" angel="" htc="">at usbus0, cfg=0 md=HOST spd=FULL (12Mbps) pwr=ON
      bLength = 0x0012 
      bDescriptorType = 0x0001 
      bcdUSB = 0x0200 
      bDeviceClass = 0x00ef 
      bDeviceSubClass = 0x0001 
      bDeviceProtocol = 0x0001 
      bMaxPacketSize0 = 0x0010 
      idVendor = 0x045e 
      idProduct = 0x0301 
      bcdDevice = 0x0000 
      iManufacturer = 0x0001  <htc>iProduct = 0x0002  <generic rndis="" -="" blue="" angel="">iSerialNumber = 0x0000  <no string="">bNumConfigurations = 0x0001</no></generic></htc></generic> 

    Interestingly I thought this device was recognised by a driver last time I tried it, which was quite a while ago.
    Your phone should show as something even if nothing can use it, the USB subsystem will still read the USB vendor and product IDs.

    You can see that the USB VID is 045e, Microsoft Corp and the PID is 0301 which is less well defined. It may be that it's a serial port.


  • Netgate Administrator

    If I disable advanced networking mode and load the uipaq.ko module from FreeBSD 8.3 it changed PID and is successfully loaded:

    Jan 3 19:32:44 	kernel: uipaq0: <htc 0="" 3="" generic="" serial="" -="" blue="" angel,="" class="" 0,="" rev="" 2.00="" 0.00,="" addr=""> on usbus0
    Jan 3 19:32:44 	kernel: ugen0.3: <htc> at usbus0</htc></htc>
    [2.1-RELEASE][root@pfsense.localdomain]/dev(24): usbconfig -d ugen0.3 dump_device_desc
    ugen0.3: <generic serial="" -="" blue="" angel="" htc="">at usbus0, cfg=0 md=HOST spd=FULL (12Mbps) pwr=ON
      bLength = 0x0012 
      bDescriptorType = 0x0001 
      bcdUSB = 0x0200 
      bDeviceClass = 0x0000 
      bDeviceSubClass = 0x0000 
      bDeviceProtocol = 0x0000 
      bMaxPacketSize0 = 0x0010 
      idVendor = 0x045e 
      idProduct = 0x00ce 
      bcdDevice = 0x0000 
      iManufacturer = 0x0001  <htc>iProduct = 0x0002  <generic serial="" -="" blue="" angel="">iSerialNumber = 0x0000  <no string="">bNumConfigurations = 0x0001</no></generic></htc></generic> 

    Not sure what I can do with that.  ::)


  • Are you convinced that the TP-Link would be a no go?

    I found some driver spec's that DO IN FACT list RNDIS:

    I'm pretty sure you didn't follow me, regarding the TP-Link.

    Earlier in the thread, I pasted, plaintext a link to an ebay picture, to show that it has an RJ-45 ethernet port.

    Here is what newegg has to say:

    There are a couple Cradlepoint devices, WITHOUT WiFI, such as their CBR400 or CBR450, but they cost much more.  Those are being discontinued, in favor of ones that have internal modems, but STILL are fetching $100 to $200 on ebay.  :-\

    Their CBR450 is WITHOUT WiFi:

    The CBR400 seems to have WiFi

    I'd just disable WiFi on the $30 - $40 TP-Link "router", and just use it as a bridge; if that's possible.

    The point of mentioning these devices is NOT their routing capability, but that they protocol bridge between 3G/4G USB devices to ETHERNET, such as in my case.

    I know that pfSense is a router, as well as a firewall.  I just don't understand why it does support my phone, which acts as an RNDIS USB modem.  I would guess there should, at least, be a USB message, about "unknown device", and that it would accept it as a USB modem, or RNDIS device.  The phone was made in 2009!

    Even when I plugged in a USB bluetooth dongle, "up" messages popped up, in console…

    I hate to go Rube Goldberg, and do something convoluted.  However, the pfSense developers don't seem to have covered my "six" on this one.

    I also hate to "tech by wallet", as mine is not that fat.  However, it seems I have little choice, unless I go over to the OpenWRT camp…

    By the way, according to a couple "Connection Information"/details GUI outputs on my desktop, the M.A.C. address of the eth(x) connection with, or the phone itself, via USB is: "80:00:60:XX:XX:XX", first six.
    That comes back as invalid, on a couple internet M.A.C. address searches. :-/

  • Netgate Administrator

    I follow you regarding the TP-Link router I'm just not sure you have understood that your phone is not the same as 3G/4G USB dongle.
    That driver you linked to is a driver for Windows XP so it can recognise the TP-Link device when it's connected via USB rather than ethernet not a driver that allows other RNDIS devices to connect to the TP-Link.
    In order to connect to your phone the TP-Link firmware must contain the USB-RNDIS-lite driver and recognise the USB VID/PID as a candidate for the driver. I have no idea if that is the case.
    If you bought it and it doesn't work you could still flash the TP-Link with OpenWRT and attempt to get it working that way, rndis driver is definitely available: http://wiki.openwrt.org/doc/howto/usb.tethering

    If we could get the USB VID and PID that your phone appears as we could make some judgement. It must appear when you connect it to pfSense even if no driver exists.


  • Yes THAT would be Rube Goldberg, would it not?  Buying the TP-Link, and having to flash it to OpenWRT, just to connect it to my pfSense x86 box…

    Well, while on my Linux - Ubuntu 10.04 desktop, when I open a terminal, and issue, lsusub, I get:

    luser@localhost:~$ lsusb
    Bus 008 Device 002: ID 0bb4:0303 High Tech Computer Corp. 

    Apparently there are TWO RNDIS protocols.  One for mass storage, and the other for internet sharing.  But, that is how, at present, the phone's USB, while sharing it's internet connection, with the aid of WMWifiRouter, presents to my Linux desktop that's currently running Ubuntu 10.04.

    I'm in uncharted territory with pfSense.

    My usb Bluetooth dongle had console messages appearing, about up state, when I hot plugged the thing.  Nothing flashed on the screen, with the phone.  Nothing in the log which I pulled via the web-GUI…

    Thanks, again, Steve, for stopping me from jumping on Ebay, and whipping out my paypal login credentials!

  • Netgate Administrator

    For zero cost you could load the X86 version of OpenWRT onto your box instead of pfSense and see how far you get with that. It may work straight away.

    Do you have the WModem application as described here?: http://ubuntuforums.org/showthread.php?t=780339
    In that case it may be possible to dial out directly as they have. pfSense can do that.


  • I haven't been able to find a live CD or installer for OpenWRT on a PC.  I looks like I have to install some sort of Linux, then copy & edit a bunch of files.  I can do all that, but I haven't found a clear cut checklist.

    Since it's lightweight, I would think a CD and a USB drive would get the job done, live or install.

    Something happened during the installation of pfSense, where the HDD can't be read by the bios, so that counts out just editing/copying to that IDE drive…

    Not that long ago, about three human years, eons in electronics aging, I was tethering via a Motorola iDEN phone, at a whopping THEORETICAL 14.4 Kb/s or 2 KB/s.  Sometimes it peaked, but hardly reached top speed; and was ALWAYS Jurassiac slow.  I used KPPP as a dialer on an Ubuntu desktop.  Sounds like WModem is a program/app that makes the phone accept Hayes Modem "AT" commands, like I used to issue to my iDEN phone.

    I tried a thread on XDA-developers.com, looking for a .cab file of WModem, but no one responded.

    Now, with WMWiFiRouter, on the phone, one can switch USB modes:
    Serial on USB
    Mass Storage
    Serial on USB
    Rndis - ActiveSync
    Rndis - Internet Sharing

    For each, I connected and issued:


    MTPUSB  - Media Transfer Protocol - PtpUsbFn - Bus 008 Device 012: ID 0000:0000 
    Serial on USB  -  Bus 008 Device 011: ID 0bb4:0b60 High Tech Computer Corp.
    Mass Storage - Bus 008 Device 013: ID 0bb4:0c33 High Tech Computer Corp.
    USBSER_Class - Bus 008 Device 014: ID 0bb4:0b03 High Tech Computer Corp.
    Serial on USB - Bus 008 Device 015: ID 0bb4:0a33 High Tech Computer Corp. PocketPC Sync
    Rndis - ActiveSync - Bus 008 Device 016: ID 0bb4:0b33 High Tech Computer Corp.
    Rndis - Internet Sharing - Bus 008 Device 017: ID 0bb4:0303 High Tech Computer Corp.

    With the first Serial on USB, I tried:

    sudo /sbin/modprobe ipaq vendor=0x0bb4 product=0x0b60

    The command was accepted, no complaint, but no dmesg or dmesg.0 entry and wvdialconf did not find anything.

    So, with USBSER_Class, I tried:

    sudo /sbin/modprobe ipaq vendor=0x0bb4 product=0x0b03

    Same result.

    The second "Serial on USB" is a Sync, and actually works with SynCE-KPM, a KDE device manager for Windows Mobile devices; whereas Rndis - ActiveSync does NOT.

    Rndis - Internet Sharing is how I'm on the "Information Sidewalk", posting this.  It's not as slow as iDEN, but it's the "Information Sidewalk" and NOT the "Information Superhighway".

    Any thoughts?


  • Netgate Administrator

    I found a cab file for WModem at XDAdevelopers but it was for Windows Mobile 6.5. That's what I have running on my Blue Angel currently. I couldn't get it to do anything useful but that might be for a number of reasons: The BA was never intended to run anything past Windows2003!. There's no SIM card in it.

    I take it those commands were in Ubuntu? lsusb and modprobe are Linux commands that won't work in pfSense.

    To boot OpenWRT get this file: http://downloads.openwrt.org/attitude_adjustment/12.09/x86/generic/openwrt-x86-generic-combined-ext4.img.gz
    Write the contained image to a USB stick and boot it. Extract the image first if your image writing program doesn't do it for you. Physdiskwrite will do it for you.

    The FreeBSD uipaq driver only recognises the "Serial on USB - Bus 008 Device 015: ID 0bb4:0a33" of those you've listed. See the source: http://svnweb.freebsd.org/base/release/8.3.0/sys/dev/usb/serial/uipaq.c?revision=234063&view=markup


  • Unfortunately sites like PPC Geeks and XDA Developers remove many of the files and links for the "older" hardware.

    This phone was announced in 2009 and I bought it second hand in 2011, just when MS pulled the marketplace for WM 6.x.  I bought it with the intent to flash Android.  There are a few steps, HSPL, World Unlock…  Haret...  I'd like to get it done without bricking the thing, AND while having all the hardware work, but I've yet to get all the steps and files together.

    I'm not sure about the HDD issue.  If I recall correctly, I was able to write using the instal menus, subsequent times, but no joy.  The BIOS wouldn't recognize the HDD, nor could I find it, when plugging it via an IDE to USB cable.  I used another HDD and the box is up.

    My thinking about bluetooth, was a bluetooth over IP scenario, using pfSense as the router AND firewall. 
    Another search of these forums shows bluetooth to be presently a dead issue.

    I plugged in my old Virgin Mobile branded Novatel MiFi 2200...
    Novatel MiFi 2200 Plugged Into pfSense 2.1, Logs.

    I tried the OpenWRT file you suggested.  I unzipped it and put it on a USB flash/thumb drive.  No joy!  I got a blinking box.  Just a flat cursor blinking upper left hand corner of the screen.  Possibly that build did not include a console.  I was unable to telnet/ssh to the box, nor get a UI/GUI…

    I bought a pocket router with OpenWRT preloaded.  I can ping from the diagnostics screen of pfSense, but can't get to it via my LAN.  I tried manual NAT, allowing RFC 1918, and a few things...

    Getting to the UI is important because I often need to reconnect the phone.  It seems that RNDIS is a poorly written and poorly documented specification and implementation.  MS should have went with CDC, but they don't play nice with interoperability and want you to go with full MS implementations...

    To avoid clogging up the forum board, I'll try THIS THREAD:
    Accessing modem from inside firewall pfsense 2.1 and 2.1.1 not work

  • Netgate Administrator

    All the OpenWRT images use a serial console as far as I know. The default speed is 115200 though.

    If you can ping the Openwrt router from the Diagnostics screen but not LAN then you have a routing problem.
    Is the Openwrt device in a different subnet that the pfSense LAN?
    Do you have a gateway on the pfSense LAN? (you shouldn't)


  • Hey Steve,

    Thanks for following this!

    However, I meant the type of terminal console, with keyboard & (S)VGA video, which pfSense uses.  It would seem most "Rube Goldberg", to have a full PC and ignore the keyboard and monitor, to tie to the keyboard and monitor of ANOTHER computer via serial…

    • I tried a couple different things, even direct workstation to OpenWRT "server" ethernet, with static I.P.  It's possible I had the requisite port/protocols blocked by a firewall utility on the WS,  at the time.  Maybe…  I don't recall if it would ping.  I recall trying it on a Virtual Machine...

    • I have each pfSense interface on a different subnet, but I tried static on my WS, direct to the OpenWRT box.

    • I would only have a gateway on the LAN if I were trying to share internet from the WS, which I am not.

    It's possible that the BIOS didn't work with USB boot, with that type of file.

    I could write an image to the HDD, but one compiled with packges, such as a LUCI.  Erstwhile, I tried to compile an OpenWRT image, but it failed, probably due to a lacking a Debian Linux dependency.  It's on "The List".  ::) I have a small stack of old WRT54G routers…

    In the meantime, I bought a cheap "pocket" router, with OpenWRT preloaded.  A protocol bridge, to ethernet, to pfSense.  Rube Goldberg would be proud!  It works, provided that I bought a USB 3.0 hub to put inline, to charge & tether simultaneously.  Ugh!  ::)  All I needed with my linux box was a USB Y cable, to feed the power of two USB 2.0 ports.

    Search the webs, I did, for "bsd rndis".  I found this -> http://sourceforge.jp/projects/bsd-rndis/ and assumed it to be abandonware.

    That is, until I found THIS ->

    FreeBSD Handbook -> Part IV. Network Communication -> Chapter 30. Advanced Networking -> 30.4. USB Tethering

    30.4. USB Tethering

    Many cellphones provide the option to share their data connection over USB (often called "tethering"). This feature uses the RNDIS or CDC protocol.

    Before attaching a device, load the appropriate driver into the kernel:

    # kldload if_urndis
    # kldload cdce

    Once the device is attached ue0 will be available for use like a normal network device. Be sure that the “USB tethering” option is enabled on the device.

    Uh, huh…

    I'm running

    pfSense  2.1.2-RELEASE (i386)
    built on Thu Apr 10 05:23:34 EDT 2014
    FreeBSD 8.3-RELEASE-p15

    I tried each:

    $ kldload if_urndis
    kldload: can't load if_urndis: No such file or directory

    $ kldload cdce
    kldload: can't load cdce: File exists

    I assume the develpers decided to leave this out.  :-\  Perhaps this was over security concerns.  Yet, they INCLUDED, in the default, main install, something as potentially malicious as UPnP & NAT-PMP.  I'm certainly NOT beholden to Micro$oft'$ products, nor their strongarm tactics.  >:(  But, I have what I have…  :(  Maybe RNDIS could run within a jail, if the issue is security..
    I also noticed, in my pfSense 2.1.2 filesystem:





  • Netgate Administrator

    It's not part of the FreeBSD tree so you would have to compile the kernel module (if_rndis.ko) yourself. Since the code hasn't been updated since 2010 you might find it requires significant modification to make it compile against FreeBSD 8.3.

    Additionally it currently supports only one device:

    #define USB_PRODUCT_SHARP_WZERO3ADES_RNDIS      0x91ad


  • I believe that 2.2 will have RNDIS support.  I found that it is contained in a later version of FreeBSD.  Maybe a 9.x or thus-and-such.  I don't have my notes at hand…

  • Netgate Administrator

    Yep, looks like it's included in FreeBSD 10:
    Don't know whether it made it into 2.2 though, I'll have to re-fire my test box. Also I can't find what devices it supports.

    Edit: Looks like it uses a generic USB vendor/product ID so it should work with a variety of hardware, all Android though  :-. Some older man pages list some known hardware:

    The urndis driver provides support for Ethernet access over Remote NDIS.
        The urndis driver should work with all USB RNDIS devices, but the
        following devices are known to work:

    o  Google Nexus One
              o  HTC Dream / T-Mobile G1 / ADP1
              o  HTC Hero
              o  HTC Magic
              o  HTC Tattoo
              o  HTC Wildfire


Log in to reply