Help
FortiGate
FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
mkhabbazi
Staff
Staff

Created on ‎03-17-2025 01:12 AM Edited on ‎03-17-2025 11:00 PM By Community Manager

Article Id 382640

Technical Tip: WWAN interface is Down after the Firmware Upgrade of FortiGate

Description This article addresses the issue where WWAN/LTE connection may become unavailable following a FortiGate upgrade. 
Scope FortiGate-3G/4G modem v7.4.7 or  v7.6.2.
Solution

After upgrading the FortiGate to v7.4.7 or v7.6.2, the device will try to establish IPV6 data sessions but carriers like Firstnet/ATT do not support IPV6 PDP on APNs and cannot provision an LTE connection. 

 

Below is an example of the error captured from the LTE debug on FortiGate. 

 

diagnose test application lted 20 

di test app lted 3 

 

update_modem_status(544)-234: Modem activated success but connection check fails! 544 
 
#usb_qmi_wwan_active_modem(868)-234: Activate modem! PDP Type: QMI_WDS_PDP_TYPE_IPV4_OR_IPV6 

#usb_qmi_wwan_set_ip_family(244)-234: Set IP family QMI_WDS_IP_FAMILY_IPV6 for client 19 

#Call end Verbose reason =  QMI_WDS_VERBOSE_CALL_END_REASON_TYPE_INTERNAL, Q 

MI_WDS_VERBOSE_CALL_END_REASON_INTERNAL_PDN_IPV6_CALL_DISALLOWED 

Modem activation failed! 

 

On Firmware versions before v7.4.5, there is no option to choose pdptype. On firmware v7.4.5 and above, there is an option to select the pdptype ‘IPV4’ 

 

Configure the pdptype to address this issue. 
 

config sys lte-modem 
    set pdptype IPV4    
end 
 

A reboot of the lte modem must be performed after the above change is applied. 

 
exe lte-modem cold-reboot 
 

Post reboot, verify that the following output displays a Connected status:


di sys lte-modem data-session-info 
IPV4 connection : QMI_WDS_CONNECTION_STATUS_CONNECTED  

Note:

In v7.4.x and v7.6.x, auto-connect can conflict with the internal modem profile negotiation. With auto-connect enable, FortiGate tries to automatically negotiate the connection as soon as the modem registers, using any profile detected, and often ignores the pdptype IPv4 inthe  setting and still attempts IPv6 or IPV4/V6.

 

By disabling auto-connect, the FortiGate will be forced to wait until the manual connection (diagnose sys lte-modem connect) or traffic trigger, and in that manual process, the profile configuration is applied more accurately, including PDP type.

 

config system lte-modem
    set force-wireless-profile < Wireless profile ID>
    set auto-connect disable
end


After that, the WWAN interface will be up.
145
Suggest New Article
Article Feedback
Contributors
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2025 Fortinet, Inc. All Rights Reserved.