GL-mifi ip passthrough for pfsense


#1

Hello,

I would like to use the GL-mifi has a failover WAN for my pfsense router. Is it possible to pass the WAN ip address directly to pfsense to avoid double NAT?

It seems Sierra Wireless and cradlepoint devices can do this.

Thanks


#2

can you send a link of the manual of Sierra or cradlepoint? Not sure how this work.


#3

Look at ip passthrough in https://cradlepoint.com/sites/default/files/cradlepoint_aer_3100_manual_07.27.15_2.pdf


#4

Thanks. I understand now. That is an Enterprise level device which can work as modem or router.

I am not sure how to implement in our current product. Will discuss with the engineering team about this. But don’t expect a solution recently.


#5

Any update on this? It will be killer feature.


#6

It supported bridge mode after v2.264, you can upgrade and try it. ip passthrough means transparent bridge, am I right?


#7

@alzhao Can you confirm that?


#8

This feature is also available on Netgear LTE router now.


#9

I don’t think we have bridge for modem and LAN. If we use bridge, mifi can only connect one device, right? The modem is generally cannot allocate multiple IP address.

@kyson-lok can you pls verify? Bridge modem and LAN.


#10

It can’t bridge to 4G dongle.


#11

The problem is: unless your LTE carrier is giving you a public dynamic or static IP, it doesn’t matter.

Most LTE is behind a carrier grade double NAT, so you’d need their routers to forward the data to the IP of your LTE modem, which they won’t do.

If you have a static public IP, then you can just get the MiFi to forward the ports to the next router, or create a DMZ. You don’t have to necessarily do an IP Passthrough.

I’ve got IP Passthrough working on several devices (not the MiFi), and I still can’t access the IP that AT&T or T-Mobile gives to me, because neither of my plans give me a public IP address.

You have to tunnel out through VPN, and port forward with the VPN server to the MiFi, and then port forward from the MiFi to whatever other router you have.


#12

My ISP gives out dynamic public ip address. IPPT would be immensely useful, otherwise you end up with double NAT which don’t go well with services like Voip.


#13

If you have a dynamic public, you can use dynamic DNS and you can still DMZ or port forward to the other router?


#14

Unfortunately port forward is not an option due to issue with double NAT.


#15

@kyson-lok, @alzhao Lede project seems to believe that IPPT is possible on GL-mifi. Is this only a software limitation?


#16

That guy lleachii is just saying “it appears” to be a GL limitation and should work, but has not seen how the PCIe and Switch has been wired up, if it’s even possible. He also did not give you an example of how it is done in generic OpenWRT.

@kyson-lok has already given you the answer “it is not possible to bridge to the 4G”.


#17

Teltonika has it in own software, NB based on old OpenWrt. They uses ebatables/dnsmasq to forward all packages to specific mac address.


#18

Mofi also support IP pass through and it is also based on openwrt. Why it is not possible in GLmifi?