There doesn't seem to be a ton of info around 4G/LTE USB dongles in FortiGate devices at the moment/ever, and the FortiOS GUI has never really been fantastic for this, thought I'd start dumping my own experience just in case it may help someone else again.
Before the Huawei E8372 I'd only ever tried the Sierra/Netgear AC320U along with a handful of low end consumer 3G usb sticks from Huawei. All had pretty mixed results and required a ton of searching to find the correct config and specific initialisation strings to get everything running smooth. The E8372 seem to be a lot easier.
I've tried this on FortiOS 5.2.8 firmware and didn't have any luck. I didn't try and find out 'why' so your mileage may vary. I'm also no forti expect so help me out if you think something could be done better.
Firmware 5.4.1 (I performed all my tests on a FortiWifi-60D)
Huawei E8372h-608 software version 21.180.19.06.203 (Telstra)
Jump into the CLI and enter the following
config system lte-modem
set status enable
end
Because the E8372 has everything configured within itself (its a full router/wifi ap/modem) you shouldn't need any APN or init strings (when I tried an APN string it just ignored it and continued to use its internal settings), the Forti will then leverage (what appears to be) the NDIS type/virtual LAN connection of the E8372.
You then see it appear under interfaces like this (I had already place mine in a load balance config before this screen grab)
It terms of speed I can easily flood the USB 2.0 port of the Forti using the E8372, easily getting 40+Mbps, and it seems to be stable for long periods of time, but I was having some issues when the Forti powered on.
After powering on no traffic would head over the link, and while the interface appeared up no DHCP lease from the E8372 would be received, or if statically assigned I couldn't ping the address of the E8372.
Dropping (shutting) the interface and bringing it up again after a small amount of time (this was important) seemed to fix the link in most situations.
config system interface
edit usb-wan
set status down
next
edit usb-wan
set status up
end
Hard to say how much time it needs to be down for, but I found if I didn't have it down for at least 20 seconds the method wouldn't work.
I have no idea why the Forti would be having this issue, maybe there's an init string that will help? For now this seems to be a solid fix.
I chucked the above into an auto-script to run every time the Forti turned on.
No comments:
Post a Comment