DescriptionThis article describes the steps to configure a USB modem to act as a redundant interface in the case of WAN link failure. It includes configuration steps and a short list of troubleshooting commands.
ScopeAll FortiGates with USB port.
SolutionCLI configuration
1. Enable and configure modem with related parameters like phone number, username, password or init string and set it to redundant mode towards WAN1 interface.
config system modem
set status enable
set phone1 "*99***1#"
set username1 "username from provider"
set passwd1 "password given by provider"
set init-string "Specific_modem_init_string"
set mode redundant
set interface "wan1"
set distance 50
end
2. Configure link monitor if FortiOS 5.2 is used or gw-detect for FortiOS 5.0 to monitor WAN1 interface.
config system link-monitor (if FortiOS 5.2 is used)
edit "WAN1"
set srcintf "wan1"
set server "8.8.8.8"
next
end
config router gwdetect (if FortiOS 5.0 is used)
edit 1
set interface "wan1"
set server "8.8.8.8"
next
end
Verification of Configuration and troubleshooting
1. Verify if modem is correctly detected and recognized by FortiGate.
# diagnose sys modem detect
modem is attached.
dialtone is detected.
# diagnose sys modem external-modem
External modem vendor: Huawei
External modem model : E1692
2. Check link-monitor (gwdetect) status for monitored interface.
# diag sys link-monitor status
Link Monitor: 1 Status: alive Create time: Wed Feb 11 00:28:08 2015
Source interface: wan1 (5)
Interval: 5, Timeout 1
Fail times: 0/5
Send times: 0
Peer: 8.8.8.8(8.8.8.8)
Source IP(192.168.196.82)
Route: 192.168.196.82->8.8.8.8/32, gwy(192.168.196.254)
protocol: ping, state: alive
3. Check that correct default routing via WAN1 is used.
FWF60C3G12006121 # get router info routing-table database
Codes: K - kernel, C - connected, S - static, R - RIP, B - BGP
O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area
> - selected route, * - FIB route, p - stale info
S *> 0.0.0.0/0 [5/0] via 192.168.196.254, wan1
C *> 192.168.1.0/24 is directly connected, lan
C *> 192.168.196.0/24 is directly connected, wan1
4. Once link-monitor registers that monitored interface is down modem is initiated and redundant connection will take place.
# diag sys link-monitor status
Link Monitor: 1 Status: die Create time: Wed Feb 11 00:28:08 2015
Source interface: wan1 (5)
Interval: 5, Timeout 1
Fail times: 1/5
Send times: 1
Peer: 8.8.8.8(8.8.8.8)
Source IP(192.168.196.82)
Route: 192.168.196.82->8.8.8.8/32, gwy(192.168.196.254)
protocol: ping, state: die
FWF60C3G12006121# get router info routing-table database
Codes: K - kernel, C - connected, S - static, R - RIP, B - BGP
O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area
> - selected route, * - FIB route, p - stale info
S *> 0.0.0.0/0 [50/0] via 10.64.64.64, modem
S 0.0.0.0/0 [5/0] via 192.168.196.254, wan1 inactive
C *> 10.37.34.7/32 is directly connected, modem
C *> 10.64.64.64/32 is directly connected, modem
Troubleshooting commands
# get router info routing-table database
# diag sys link-monitor status
# diag sys modem history
# diag debug application modemd -1
# diag deb app ppp -1
#diag sys modem cmd {AT-command>