Hi,
I want to use the huawei LTE modem in bridge and let the ponsense to manage everything.
I am missing the proper settings for the WAN port. The mobile connection uses the APN and username/password, how should I set the parameters of the wan interface?
Thank you
You need to add PPP interface, configure APN etc. there and assign that PPP interface to WAN.
https://docs.opnsense.org/manual/how-tos/cellular.html
Hi, thank you! I found that page, but stopped riding at the beginning because it seemed about the integrated mobile modem unit.
@doktornotor, I have the first issue: during the creation of the PPP connection, I have to input the link interface, but in my case the LTE modem is a standalone and connected by cable to the wan port.
It seems OPNSENSE doesn't offer the PPP on the list of connections inside the Interfaces menu.
Perhaps posting the exact model of your "LTE modem" would clarify what "bridge mode" means for that device. Sounds like a normal router with LTE WAN to me. Needs to take care of dialing whatever it's supposed to do itself. If you set your WAN to DHCP, you should get an IP and that's it.
The linked howto is of course not meant for this use case.
The modem is a huawei B535-235a, with 5 lan port.
I am connected through cable to one of these ports.
The bridge mode is under the "router" menu...I think the modem functionality is still performed, but the OPNSENSE interface now see the public ip...correct? how should I proceed now?
Any other information you need, please let me know.
Quote from: FredFresh on September 07, 2024, 01:58:07 PM
OPNSENSE interface now see the public ip...correct? how should I proceed now?
Hmmm? It's working, nothing more to do there...
Sorry, my mistake....the opnsense SHOULD see the public ip right? (didn't tried yet)...now the wan has a static ip4 ip, should i put PPPoE?
My problem is that I have 3 vpn of the same provide implemented and working with a fall-back logic.
The problem is that periodically the vpn are disconnected by "something" and only after restarting the modem, I can restore them.
After several tests My thought is that the issue is in the double NAT performed by the opnsense+modem.
Set your WAN to DHCP.
What I did:
Set wan interface to ip4 dhcp, no ip6 (this provider use ip4).
Ip4 conf type to dhcp, empty or blanck all the other options
Wan gateway is on wan interface, address family ip4, gateway minoring is disabled.
Removed the wan interface from the dhcp list.
The wan interface receive no ip.
I couldn't find any useful manual for mentioned device. If you mean this product then it does not have 5 but 4 LAN ports. And there's absolutely no mention of any bridge mode anywhere.
https://consumer.huawei.com/uk/support/wireless-routers/4g-router-3pro/
Perhaps post some screenshots of the GUI.
The manual refers to the first version of the firmware, the next one received the bridge option.
Huawei attention on this is zero.
Later I will post the screenshot.
Here the screenshot
(https://i.postimg.cc/KRQRmxCz/bridge.jpg) (https://postimg.cc/KRQRmxCz)
In the meanwhile I also connected a laptop directly to the modem, and ipconfig return this
ip4 automatic configuration 169.254.168.52
subnet 255.255.0.0
gateway 192.168.8.1 (this is also the ip addresse of the modem after factory reset)
I have never seen the 169.254.168.52
Well that's APIPA. The bridge mode description from the screenshot is not really useful at all. Try DHCP and a different LAN port. No idea how's that designed to work.
http://consumer.huawei.com/en/community/
Thank you for your support, I will try to ask on huawei forum (hoping on other users because manufacturer's support is terrible).
Quote from: FredFresh on September 07, 2024, 02:01:54 PM
Sorry, my mistake....the opnsense SHOULD see the public ip right? (didn't tried yet)...now the wan has a static ip4 ip, should i put PPPoE?
Place the modem in fully bridged mode and configure the opnsense WAN interface with IPv4 PPPoE, adding your login credentials at the "PPPoE configuration" section of the WAN interface page.
Quote from: FredFresh on September 07, 2024, 02:01:54 PMMy problem is that I have 3 vpn of the same provide implemented and working with a fall-back logic.
You will need to replicate this VPN configuration at the opnsense router. A bridged modem device would perform no routing. A double NAT configuration could break many services, not just VPN.
Hi fbantgat7,
the VPNs are already managed at OPNSENSE level.
The issue is that this is a mobile connection (4g) and usually there are no user/psw but only an APN.
On OPNSENSE, the only way to create a PPP with APN is using a mobile modem module, but it force you to choose an internal interface and not an ethernet interface.
Last time I used this setup a 4/5G modem the ISP provided CGNAT, so my suggestion would not work. If you set keep alives from your network hopefully the VPN will not drop out.
I was thinking that, even if I would be able to properly understand how the huawei modem works, I would still miss the chance to create a PPP connection using the APN through with the OPNSENSE, isn't it?
In this case it is not worth to spend more time
Well the crappy description suggests it should provide an IP address to ONE connected device (bridging the LTE WAN and LAN port). I.e., you should have ONLY your OPNsense box connected to some LAN port, and nothing else. Also, disable the Wifi altogether perhaps.
Setting up PPP on OPNsense is certainly not an option.
I already have that configuration, the huawei device is only connected to the opnsens, everything else is behind it.
QuoteSetting up PPP on OPNsense is certainly not an option.
This is what kills the idea.
Going back to the original problem, that probaby the double Nat is interfering with the VPNs, should I try to investigate the port forwarding option?
Another question, where should I post the request for improvement about opnsense? I found that restarting the modem, only the first vpn is restored, the other ones need my intervention (just performing a trace route to the gateways).
Thank you
Well it'd not kill the idea if the LTE router was not a piece of garbage. Really, even the description -
"you can only access the internet using mobile data". No sh*t, Sherlock... that's what the LTE is for, it's mobile data with bridge or not.
And you should have a look to the replies of their customer service...the nuke option could start to be a reasonable option...
Looking at the useless "manual", the rightmost RJ-45 port seems to be some sort of WAN port (how's that configured being unknown). If you are using that one by chance, as said, try a different port (preferably the one nearest to the power jack).
the modem has 4 lan port, the first one is also WAN in case you have also a DSL line.
On that side there is also the port for the phone (that doesn't work).
@doktornotor finally I won :D
The stupid trick was to factory reset the modem and immediately (without changing anything else) to set the bridge mode. Also you have to restart it, otherwise the settings is not effective.
The connection (PPP, APN, etc) is managed directly by the modem and I only had to set the wan to DHCP (everything else blank) and remove any DHCP reference inside the opnsense service.
Now, hopefully, I will see if the VPN dropping problem was due to the double NAT.
Thank you.
Quote from: FredFresh on September 07, 2024, 07:08:21 PM
The stupid trick was to factory reset the modem and immediately (without changing anything else) to set the bridge mode. Also you have to restart it, otherwise the settings is not effective.
Thanks. Adding this Huawei gem to my extensive "do not buy" list. :P
Which brand would you reccomend? I am thinking to upgrade to 5g modem as here the signal is quiet strong.
Not really sure. E.g., FRITZ!Box has some cool HW but feels like waste of money when you use that as a dumb bridge.
I tried a 4g modem from avm/fritz, good hw but definitely overpriced and not so good customer service. This huawei is properly doing his job....aside today. Newer huawei anyway are left behind by Tenda's modems.