Hi all,
For a more-or-less, zero-budget, DR cold site config, I am hoping to get away with using an old FG200B firewall running latest possible firmware v5.2.13 and get an Internet connection via a 4G modem. I know this is likely to be pushing the limits, but it may be worth a try.
Are there any Australian-based readers who might be able to give me a heads-up on a modem device and/or 4G data services that are known to work okay with similar hardware?
Or would I be better off to buy a low-end FG60 or something similar running v5.6 or later firmware (am kind of expecting a resounding YES to that question)?
I've had a look at a service from Zettanet (https://www.zetta.net.au/services/internet/mobile-broadband/) but am not sure what sort of modem to pair it with.
Cheers,
Steve
I spent most of Friday afternoon fiddling with some old 4G modems and the FG200B running v5.2.13 but I wasn't able to get anything functioning. i.e. the modems just showed "initialising..." and never connected.
Plan B is about to spring into operation, namely to purchase a Netgear LB2120 4G LTE modem and try it in Bridged mode.
Got the Netgear modem. Working just as an LTE 4G Router/Modem, I have connectivity, however I am at the mercy of double-NAT. Modem purports to be able to handle Bridge mode, but I have not been able to get that working just yet.
Does anyone have a Fortigate running with a 4G LTE modem in Bridge Mode and would be prepared to share some details of the config? I'd like to know whether there are any particular settings on the Fortigate required to make this work.
ECHO ... Echo ... echo ...
Well I've managed to get the Netgear LB2120 working in Bridge Mode with the Fortigate FG200B v5.2.13 ... in case anyone else ever needs to know:
1. configure LB2120 modem in default Router mode with desired settings (APN, Private IP Address)
2. switch modem into Bridge mode
3. setup FG200B port with IP Address corresponding to the static Public IP Address assigned by my ISP to my 4G SIM (the modem passes this Public IP Address to the Fortigate via IPPT) and use netmask 255.255.255.0
4. cable LB2120 modem LAN port to Fortigate port
5. set Static Route in Fortigate pointing 0.0.0.0/0.0.0.0 to the Public IP Address on Fortigate port
Seems to work pretty well.
Next experiment is to get a 2nd SIM and Modem and see if I can run them as WAN1 and WAN2. As this is for a DR scenario, it would be nice to have the flexibility of 2 x separate services, so 2 x public IPs that I can reference. Not sure if I want to try SD-WAN config or not.
Hey,
how do you manage the LB2120 after it is set in Bridgemode? Over which ip address you can access the web config tool in bridge modè?
regards
To be honest, I can't remember whether I tried accessing the LB2120 afterwards. All the gear is stored away at our DR site now, so I can't easily check it either.
I did try a 2nd modem, to see if I could get them to work together, but I couldn't get it working unfortunately, probably due to a lack of skills on my part probably.
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1740 | |
1108 | |
752 | |
447 | |
240 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.