Verizon Jetpack® 4G LTE Mobile Hotspot - AC791L as a WAN



  • Hi I am trying to get the Netgear AC791L working with pfsense.  Setting the Netgear to USB mode and putting it in a PC works just fine.  Installing it into a Netgate pfsense box,  the device is detected but no usable USB driver gets loaded.  I can find anything on google or here regarding this combination.  here is the usbconfig dump:

    
    [2.2.6-RELEASE][admin@firewall.xxxxxxx.com]/root: usbconfig -d ugen1.2 dump_device_desc
    ugen1.2: <aircard 791l="" netgear,="" inc.="">at usbus1, cfg=0 md=HOST spd=HIGH (480Mbps) pwr=ON (500mA)
    
      bLength = 0x0012 
      bDescriptorType = 0x0001 
      bcdUSB = 0x0200 
      bDeviceClass = 0x0002 
      bDeviceSubClass = 0x0000 
      bDeviceProtocol = 0x0000 
      bMaxPacketSize0 = 0x0040 
      idVendor = 0x0846 
      idProduct = 0x68e1 
      bcdDevice = 0xffff 
      iManufacturer = 0x0001  <netgear, inc.="">iProduct = 0x0002  <aircard 791l="">iSerialNumber = 0x0003  <359071060085741>
      bNumConfigurations = 0x0002</aircard></netgear,></aircard> 
    

    Unfortunately no ethernet or ue devices show up.

    
    [2.2.6-RELEASE][admin@firewall.xxxxxxxc.com]/root: ifconfig
    vr0: flags=8843 <up,broadcast,running,simplex,multicast>metric 0 mtu 1500
            options=8280b <rxcsum,txcsum,vlan_mtu,wol_ucast,wol_magic,linkstate>ether 00:0d:b9:33:4c:7c
            inet6 fe80::20d:b9ff:fe33:4c7c%vr0 prefixlen 64 scopeid 0x1 
            inet 192.168.0.1 netmask 0xffffff00 broadcast 192.168.0.255 
            nd6 options=21 <performnud,auto_linklocal>media: Ethernet autoselect (100baseTX <full-duplex>)
            status: active
    vr1: flags=8843 <up,broadcast,running,simplex,multicast>metric 0 mtu 1500
            options=8280b <rxcsum,txcsum,vlan_mtu,wol_ucast,wol_magic,linkstate>ether 00:0d:b9:33:4c:7d
            inet6 fe80::20d:b9ff:fe33:4c7d%vr1 prefixlen 64 scopeid 0x2 
            inet 69.33.231.130 netmask 0xfffffffc broadcast 69.33.231.131 
            nd6 options=21 <performnud,auto_linklocal>media: Ethernet autoselect (100baseTX <full-duplex>)
            status: active
    vr2: flags=8802 <broadcast,simplex,multicast>metric 0 mtu 1500
            options=8280b <rxcsum,txcsum,vlan_mtu,wol_ucast,wol_magic,linkstate>ether 00:0d:b9:33:4c:7e
            nd6 options=21 <performnud,auto_linklocal>media: Ethernet autoselect
    pflog0: flags=100 <promisc>metric 0 mtu 33172
    pfsync0: flags=0<> metric 0 mtu 1500
            syncpeer: 224.0.0.240 maxupd: 128 defer: on
            syncok: 1
    lo0: flags=8049 <up,loopback,running,multicast>metric 0 mtu 16384
            options=600003 <rxcsum,txcsum,rxcsum_ipv6,txcsum_ipv6>inet 127.0.0.1 netmask 0xff000000 
            inet6 ::1 prefixlen 128 
            inet6 fe80::1%lo0 prefixlen 64 scopeid 0x6 
            nd6 options=21 <performnud,auto_linklocal>enc0: flags=0<> metric 0 mtu 1536
            nd6 options=21 <performnud,auto_linklocal></performnud,auto_linklocal></performnud,auto_linklocal></rxcsum,txcsum,rxcsum_ipv6,txcsum_ipv6></up,loopback,running,multicast></promisc></performnud,auto_linklocal></rxcsum,txcsum,vlan_mtu,wol_ucast,wol_magic,linkstate></broadcast,simplex,multicast></full-duplex></performnud,auto_linklocal></rxcsum,txcsum,vlan_mtu,wol_ucast,wol_magic,linkstate></up,broadcast,running,simplex,multicast></full-duplex></performnud,auto_linklocal></rxcsum,txcsum,vlan_mtu,wol_ucast,wol_magic,linkstate></up,broadcast,running,simplex,multicast> 
    

    I cant find anything about a driver for this on the freeBSD site.  Any ideas about how to make this work??

    thanks
    Rich



  • I believe the Netgear DC113A Ethernet cradle will work with this device. If so, that would be my preferred way ahead. I use a DC113A with an AC785S on LTE in the UK.

    At least with the AC785S, you can't run in a no-NAT configuration over Ethernet - this is a limitation of the Netgear firmware. The next best thing is to configure the hotspot's DMZ address to an address inside the hotspot's LAN subnet but outside the DHCP pool. Once you have done this, configure pfSense with static IPv4: the IP address is the DMZ address you configured, the gateway is the hotspot's IP address and use the appropriate subnet mask (almost certainly 255.255.255.0)

    There is a quirk with the DC113A. At least with the AC785S, there's no permanently configured MAC address for the Ethernet interface - instead a random MAC address is used for each connection. This means you need to flush the ARP cache entry periodically to avoid a long lived but stale cached value.

    To do this, I install the shellcmd package and create a shellcmd that runs the command:
    sh -c 'while true ; do arp -d 192.168.1.254 > /dev/null 2>&1 ; sleep 20 ; done' >/dev/null 2>/dev/null &

    This causes the ARP cache entry to be flushed every 20 seconds. Replace 192.168.1.254 with the IP address of the hotspot if it is different.

    If you do all this, the hotspot can be docked and removed freely. You may need to tweak pfSense's gateway monitoring because of the high latency typical on cellular connections.



  • David,

    thanks for the response.  I had been looking for the cradle but it has been discontinued by Netgear and its not being sold anywhere. I was unable to find it at a price within reason.
    Is there any solution without the cradle?

    thanks
    Rich



  • Sadly, it does appear that the DC113A has been discontinued. That's a great shame, as it is a very useful device and was relatively inexpensive. I guess that so few were sold that it wasn't cost-effective for Netgear to persist with them. It may also be that the USB Gigabit Ethernet chip used became end of life for some reason.

    The USB port of most of the modern Aircard Wi-Fi devices can be used as a urndis(4) device, though I'm fairly certain that pfSense doesn't have that driver included in the kernel or as a module.

    A big problem with this approach is that unplugging the device without disabling the interface first has the potential to cause a FreeBSD kernel panic.

    I might experiment with adding the necessary support to pfSense, but this is not something I'm able to look at in the foreseeable future.

    The final approach to use your Aircard would be to use a Wi-Fi bridge to hook it to an Ethernet port. I don't know what devices to recommend, but anything that can join a WPA2-Personal network and present it on an Ethernet port should work. Ideally your Wi-Fi bridge would work on the 5GHz band.

    The best option of all, if the SIM would work in another device, is to move the SIM to an LTE modem with an Ethernet port, but these devices tend to be rather expensive devices aimed at embedded applications in rugged environments.



  • David,

    thanks, that is very good information.  I will look into the urndis device when I get a chance.



  • I have been trying to get my mobile phone (Samsung S5) that has Wifi/USB Tethering capability to work through USB directly connected to my pfsense appliance and use it as a WAN.

    I plug it in, FreeBSD sees it, but no Ethernet interface pops up. After some exhaustive Googling around, I found out that there is a kernel driver called "if_urndis.ko" that FreeBSD uses to enable USB Tethering. Forget trying to find it, I had to download the FreeBSD v10.1 full distro (same version that pfsense uses) and installed it in a VM, extracted the file, and then copied it to my pfsense box and put it in the /boot/kernel directory.

    I then loaded the module using the command (ssh into pfsense box):

    kldload if_urndis.ko

    and it loaded - I then enabled USB tethering on my phone and voila! I now had the new ue0 network interface… but it had no IP Address for some reason.

    I then exited the shell back into the pfsense ssh menu, and had to "Assign Interfaces" and this time selected "ue0" as my WAN and then I had an ip address assigned by my phone.

    It worked great, hoewever for some unexplained reason my pfsense box keeps rebooting randomly. Running latest 2.2.6 - I also tried a 100% fresh install of pfSense and then added the if_urndis.ko file and it keeps happening - even more so if I start clicking random things in the webgui. When I remove the driver and reboot the box, problems go away.

    I will save you the time in getting the kernel module. Here is a link to download it. Maybe it will work for you. Just be careful with those reboots. It took some time to recover because I had a small window after the reboot to ssh in there and delete the kernel module. pfsense was "remembering" to load it every time, despite the fact that I ran the command to load it manually in an ssh shell.

    https://www.sendspace.com/file/e4ocyq



  • I think having this module available as standard would be generically useful to a lot of people, myself included. I filed a feature request for it…

    https://redmine.pfsense.org/issues/6293

    --
    Ross



  • Hello,

    I have an Aircard 785S and i found a way to make it work with pfSense:

    you could try the same:

    
    usbconfig -d ugen1.2 set_config 1
    

    if it show ue interface you can try dhcp on it

    if it works i can show you the way to make it permanent



  • usbconfig -d ugen1.2 set_config 1

    This works great with my Verizon MiFi 5510L (but sadly, not with my AC791L). Is /etc/rc the way to make it permanent? I imagine upgrades will overwrite.

    With the AC791L tethered (which works tethered on my Win10 laptop) I see this in boot output:

    ugen1.2: <netgear, inc.="">at usbus1
    ugen1.2: <netgear, inc.="">at usbus1 (disconnected)
    stray irq7</netgear,></netgear,>

    And get this trying to bring it up:

    $ usbconfig -d ugen1.2 set_config 1

    No device match or lack of permissions.

    With the 5510 I see this at boot:

    ugen1.2: <novatel wireless="">at usbus1</novatel>

    And get this which works:

    usbconfig -d ugen1.2 set_config 1

    cdce0: <cdc ethernet="" control="" model="" ecm="">on usbus1
    ue0: <usb ethernet="">on cdce0
    ue0: Ethernet address: 00:15:ff:88:c4:da</usb></cdc>

    (latest embedded release here on ALIX)

    Incidentally, I get a related error in boot no matter which device is plugged in:

    Starting device manager (devd)…kldload: can't load if_urndis: No such file or directory

    urndis – USB Remote NDIS Ethernet device



  • @mikerockynet:

    usbconfig -d ugen1.2 set_config 1

    cdce0: <cdc ethernet="" control="" model="" ecm="">on usbus1
    ue0: <usb ethernet="">on cdce0
    ue0: Ethernet address: 00:15:ff:88:c4:da</usb></cdc>

    What does```
    set_config 1

    
    I want this ue0 to appear but I don't know how…


  • @XGWill:

    Hello,

    I have an Aircard 785S and i found a way to make it work with pfSense:

    you could try the same:

    
    usbconfig -d ugen1.2 set_config 1
    

    if it show ue interface you can try dhcp on it

    if it works i can show you the way to make it permanent

    So glad I stumbled on this post…..have it working on 2.4.x with a Netgear Unite Explore 815s!  (posting on the cell connection)

    Thanks!



  • I would like to extend my gratitude to you all, I searched the internet far and wide and everyone is talking about usb_modeswitch an no where (except here) is it referenced that you can actually change the "config" of the 4G dongle, which made it work with my Alcatel MW40V 😄

    I will from here on out see if other posts on this forum need help with their 4G USB modems and refer them here 😏

    pfSense version 2.4.4 with copied IF_URNDIS.KO from 11.2 FreeBSD iso and moved to the server via WinSCP (don't forget to make the filename all lowercase), changed/added the /boot/loader.conf.local with nano to

    if_urndis_load="YES" 
    

    so it loads the USB tether module on boot and after that i rebooted the server and it showed my device as ue0, like any other physical hardware port like WAN, LAN and OPT1.



  • @DexTroN, Thank you very much. Fortunately, people like you exist !!!


  • LAYER 8 Rebel Alliance

    Here is the File: if_urndis.zip

    -Rico


  • Netgate Administrator

    Some USB devices have multiple config indexes that result is different interfaces being exposed. You can check it using usbconfig -d ugenX.X dump_all_config_desc

    If your device has multiple config indexes you can selet a different on at run time using usbconfig -d ugenX.X setconfig X.

    If that gives you the interfaces you need you can add a device quirk to /boot/loader.conf.local to force that every time the device is connected. hw.usb.quirk.0="VendorID ProductID LowRevision HighRevision UQ_CFG_INDEX_X"

    Steve


Log in to reply