settings for WAN and Huawei LTE modem in bridge mode

[FredFresh]

Hi fbantgat7,

the VPNs are already managed at OPNSENSE level.

The issue is that this is a mobile connection (4g) and usually there are no user/psw but only an APN.

On OPNSENSE, the only way to create a PPP with APN is using a mobile modem module, but it force you to choose an internal interface and not an ethernet interface.

[fbantgat7]

Last time I used this setup a 4/5G modem the ISP provided CGNAT, so my suggestion would not work.  If you set keep alives from your network hopefully the VPN will not drop out.

[FredFresh]

I was thinking that, even if I would be able to properly understand how the huawei modem works, I would still miss the chance to create a PPP connection using the APN through with the OPNSENSE, isn't it?

In this case it is not worth to spend more time

[doktornotor]

Well the crappy description suggests it should provide an IP address to ONE connected device (bridging the LTE WAN and LAN port). I.e., you should have ONLY your OPNsense box connected to some LAN port, and nothing else. Also, disable the Wifi altogether perhaps.

Setting up PPP on OPNsense is certainly not an option.

[FredFresh]

I already have that configuration, the huawei device is only connected to the opnsens, everything else is behind it.

Setting up PPP on OPNsense is certainly not an option.

This is what kills the idea.

Going back to the original problem, that probaby the double Nat is interfering with the VPNs, should I try to investigate the port forwarding option?

Another question, where should I post the request for improvement about opnsense? I found that restarting the modem, only the first vpn is restored, the other ones need my intervention (just performing a trace route to the gateways).

Thank you

[doktornotor]

Well it'd not kill the idea if the LTE router was not a piece of garbage. Really, even the description -
"you can only access the internet using mobile data". No sh*t, Sherlock... that's what the LTE is for, it's mobile data with bridge or not.

[FredFresh]

And you should have a look to the replies of their customer service...the nuke option could start to be a reasonable option...

[doktornotor]

Looking at the useless "manual", the rightmost RJ-45 port seems to be some sort of WAN port (how's that configured being unknown). If you are using that one by chance, as said, try a different port (preferably the one nearest to the power jack).

[FredFresh]

the modem has 4 lan port, the first one is also WAN in case you have also a DSL line.
On that side there is also the port for the phone (that doesn't work).

[FredFresh]

@doktornotor finally I won :D

The stupid trick was to factory reset the modem and immediately (without changing anything else) to set the bridge mode. Also you have to restart it, otherwise the settings is not effective.

The connection (PPP, APN, etc) is managed directly by the modem and I only had to set the wan to DHCP (everything else blank) and remove any DHCP reference inside the opnsense service.

Now, hopefully, I will see if the VPN dropping problem was due to the double NAT.

Thank you.

[doktornotor]

The stupid trick was to factory reset the modem and immediately (without changing anything else) to set the bridge mode. Also you have to restart it, otherwise the settings is not effective.

Thanks. Adding this Huawei gem to my extensive "do not buy" list.  :P

[FredFresh]

Which brand would you reccomend? I am thinking to upgrade to 5g modem as here the signal is quiet strong.

[doktornotor]

Not really sure. E.g., FRITZ!Box has some cool HW but feels like waste of money when you use that as a dumb bridge.

[FredFresh]

I tried a 4g modem from avm/fritz,  good hw but definitely overpriced and not so good customer service. This huawei is properly doing his job....aside today. Newer huawei anyway are left behind by Tenda's modems.