Help
FortiGate
FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
Nishtha_Baria
Staff
Staff

Created on ‎09-26-2023 10:11 AM Edited on ‎08-16-2025 01:01 PM By Staff

Article Id 276094

Technical Tip: Troubleshooting 5G SIM cards and LTE modem issues on FortiGate using CLI commands

Description This article describes how to troubleshoot and diagnose issues related to 5G SIM cards and LTE modems on a FortiGate using Command Line Interface (CLI) commands.
Scope FortiGate, LTE.
Solution
FortiGates with a 5G SIM card and LTE modem support provide critical connectivity options for remote and backup networking. However, issues may arise that affect the functionality of these connections. Troubleshooting using the CLI can help diagnose and resolve such problems effectively.
 
Troubleshooting 5G SIM Card and LTE Modem Issues:
Log in to the FortiGate using SSH or another remote access method with administrative privileges.
 
  1. Collect Modem and SIM Card Information. Use the following commands to gather information about the connected 5G SIM card and LTE modem:

 

diagnose sys {lte-modem|5g-modem} modem-details

 

Displays detailed information about the connected LTE modem, including its model, firmware version, and other relevant details.

 

diagnose sys {lte-modem|5g-modem} sim-info

 

Provides information about the SIM card inserted into the LTE modem, including ICCID (Integrated Circuit Card Identifier), IMSI (International Mobile Subscriber Identity), and other SIM-related details.

 

diagnose sys {lte-modem|5g-modem} signal-info

 

Shows signal strength and quality information for the LTE modem, including metrics like RSSI (Received Signal Strength Indicator) and RSRP (Reference Signal Received Power).

 

diagnose sys {lte-modem|5g-modem} data-session-info

 

Displays data traffic statistics for the LTE/5G modem connection:

 

diagnose sys {lte-modem|5g-modem} traffic-status

 

Provides details about the active data session on the LTE modem, including IP address assignment and session status.

 

execute lte-modem wireless-profile list

execute 5g-modem carrier-config list

 

List the available wireless profiles for the LTE modem, which may include APN (Access Point Name) settings and other wireless configuration parameters.

 

fnsysctl ifconfig wwan

 

Displays information about the WWAN (Wireless Wide Area Network) interface, which is often associated with LTE modem connectivity.

 

  1. Check Network Connectivity: Use standard networking tools like 'ping' and 'traceroute' to test connectivity from the FortiGate device to external destinations via the 5G SIM card and LTE modem connection. This can help pinpoint where connectivity issues are occurring.
 
execute ping <destination-ip>
execute traceroute <destination-ip> <----- Replace `<destination-ip>` with the IP address to test connectivity to.
 
  1. Enable LTE Debugging. To gather more detailed information for troubleshooting, enable LTE debugging using the following commands:

 

diagnose debug disable
diagnose debug reset
diagnose debug console time enable
diagnose debug application lted -1
diagnose debug application nr5gd -1
diagnose debug enable
 
  1. Monitor LTE Debug Output. Wait for about 5 minutes while the debugging output is generated. During this time, periodically run the following command to view the LTE daemon debug output and gather information about potential issues (needs to be run from global VDOM):

 

diagnose test application {lted|nr5gd} 9

 

  1. Disable LTE Debugging. After collecting sufficient debugging information, disable LTE debugging using the following command:

 

diagnose debug disable

 
The following commands can be used to power off and power on the Modem: 
 
execute lte-modem power-off
execute lte-modem power-on
 
The modem can also be rebooted with the following command:
 
execute lte-modem reboot
 
Conclusion:
Troubleshooting 5G SIM card and LTE modem issues on a FortiGate using CLI commands can help identify and resolve various problems that may affect network connectivity. Following these steps and reviewing the relevant information will assist in efficiently diagnosing and addressing connectivity issues.
Always exercise caution when running debugging commands and perform these changes during a maintenance window to minimize disruption to FortiGate operations.

Note:
In 4G and above, the circuit-switched infrastructure is abandoned, and only a packet-switched network is provided.
 
Note:

If wwan can not get IP, and nr5gd debug shows similar output:

 

[NR5G_MODEM1]ST_modem_signal_searching(461)-1623: Modem1_SM could not attach to tower
[NR5G_MODEM1]ST_modem_signal_searching(462)-1623: Modem1_SM nas_ps_attach_state:QMI_NAS_DETACHED
[NR5G_MODEM1]ST_modem_signal_searching(463)-1623: Modem1_SM nas_reg_state:QMI_NAS_NOT_REGISTERED
[NR5G_MODEM1]ST_modem_signal_searching(465)-1623: Modem1_SM:Execution {[ST_MODEM_SIGNAL_SEARCHING]} time of state took 192 ms

 

Try setting carrier-config manually as below and see if it resolves the issue:

 

config system 5g-modem

    config modem1

        set carrier-config manual

    end

end


execute 5g-modem carrier-config switch 1 <----- Generic PTCRB.

 

Related article:

Technical Tip: Setting up Access Point Name (APN) on FortiGate 3G4G and 5G devices

 

Labels:
11523
0 Kudos
Suggest New Article
Article Feedback
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2025 Fortinet, Inc. All Rights Reserved.