Fortinet black logo

Handbook

Home FortiGate / FortiOS 6.0.0 Handbook

Setting up your supported PPP modem

6.0.0
6.0.0
Copy Link
Copy Doc ID 4afb0436-a998-11e9-81a4-00505692583a:215097
Download PDF

Setting up your supported PPP modem

Connect your modem by plugging it into the FortiGate USB slot. The modem will power up and once it starts, if the modem is supported its name should appear in the Modem field in the Wireless Modem section of the Network > Modem page.

To configure modem settings, go to Network > Modem.

If your modem is supported by FortiOS, configuring modem settings by entering the ISP phone number, user name and password. Depending on the modem, additional information may need to be supplied such as product identifiers, and initialization strings.

Each USB modem has a specific dial-out port. This will be indicated with the documentation for your modem. You can use the following command to change the USB port:

config system modem

set wireless-port {0 | 1 | 2}

end

To test the port, use the diagnose command:

diagnose sys modem com /1

The 1 will be the value of your USB port selected. The response will be:

Serial port: /dev/1

Press Ctrl+W to exit.

If the port does not respond the output will be:

Can not open modem device ‘/dev/1’ : Broken pipe

Configuring standalone mode

Configuring standalone mode is a matter of configuring the modem information and the dialing mode. The dial mode is either Always Connect or On demand. Selecting Always Connect ensures that once the modem has connected, it remains connected to the ISP. Selecting On Demand, the modem only calls the ISP if packets are routed to the modem interface. Once sent, the modem will disconnect after a specified amount of time.

To configure standalone mode
  1. Go to Network > Modem.
  2. Select the Mode of Standalone.
  3. Select the Dial Mode of On Demand.
  4. Optionally set the Redial Limit to limit how many times the modem redials if it can't connect.
  5. Select Apply.

Configuring redundant mode

Redundant mode provides a backup to an interface, typically to the internet. If that interface fails or disconnects, the modem automatically dials the configured phone number(s). Once connected, the FortiGate unit routes all traffic to the modem interface until the monitored interface is up again. The FortiGate unit pings the connection to determine when it is back online.

For the FortiGate to verify when the interface is back up, you need to configure a Ping server for that interface. You will also need to configure security policies between the modem interface and the other interfaces of the FortiGate unit to ensure traffic flow.

To configure redundant mode as needed - GUI
  1. Go to Network > Modem.
  2. Select the Mode of Redundant.
  3. Select the interface the modem is Redundant for if it fails.
  4. Select the Dial Mode of On Demand.
  5. Optionally set the Redial Limit to limit how many times the modem redials if it can't connect.
  6. Select Apply.

Link Health Monitor

Adding a link health monitor is required for routing fail over traffic. A link health monitor will confirm the connectivity of the device’s interface

To add a link health monitor

config system link-monitor

edit “Example1”

set srcint <Interface_sending_probe>

set server <ISP_IP_address>

set protocol <Ping or http>

set gateway-ip <the_gateway_IP_to_reach_the_server_if_required>

set failtime <failure_count>

set interval <seconds>

set update-cascade-interface enable

set update-static-route enable

set status enable

end

Modem interface routing

The modem interface can be used in FortiOS as a dedicated interface. Once enabled and configured, you can use it in security policies and define static and dynamic routing. Within the CLI commands for the modem, you can configure the distance and priority of routes involving the modem interface. The CLI commands are:

config system modem

set distance <route_distance>

set priority <priority_value>

end

Previous
Next

Setting up your supported PPP modem

Connect your modem by plugging it into the FortiGate USB slot. The modem will power up and once it starts, if the modem is supported its name should appear in the Modem field in the Wireless Modem section of the Network > Modem page.

To configure modem settings, go to Network > Modem.

If your modem is supported by FortiOS, configuring modem settings by entering the ISP phone number, user name and password. Depending on the modem, additional information may need to be supplied such as product identifiers, and initialization strings.

Each USB modem has a specific dial-out port. This will be indicated with the documentation for your modem. You can use the following command to change the USB port:

config system modem

set wireless-port {0 | 1 | 2}

end

To test the port, use the diagnose command:

diagnose sys modem com /1

The 1 will be the value of your USB port selected. The response will be:

Serial port: /dev/1

Press Ctrl+W to exit.

If the port does not respond the output will be:

Can not open modem device ‘/dev/1’ : Broken pipe

Configuring standalone mode

Configuring standalone mode is a matter of configuring the modem information and the dialing mode. The dial mode is either Always Connect or On demand. Selecting Always Connect ensures that once the modem has connected, it remains connected to the ISP. Selecting On Demand, the modem only calls the ISP if packets are routed to the modem interface. Once sent, the modem will disconnect after a specified amount of time.

To configure standalone mode
  1. Go to Network > Modem.
  2. Select the Mode of Standalone.
  3. Select the Dial Mode of On Demand.
  4. Optionally set the Redial Limit to limit how many times the modem redials if it can't connect.
  5. Select Apply.

Configuring redundant mode

Redundant mode provides a backup to an interface, typically to the internet. If that interface fails or disconnects, the modem automatically dials the configured phone number(s). Once connected, the FortiGate unit routes all traffic to the modem interface until the monitored interface is up again. The FortiGate unit pings the connection to determine when it is back online.

For the FortiGate to verify when the interface is back up, you need to configure a Ping server for that interface. You will also need to configure security policies between the modem interface and the other interfaces of the FortiGate unit to ensure traffic flow.

To configure redundant mode as needed - GUI
  1. Go to Network > Modem.
  2. Select the Mode of Redundant.
  3. Select the interface the modem is Redundant for if it fails.
  4. Select the Dial Mode of On Demand.
  5. Optionally set the Redial Limit to limit how many times the modem redials if it can't connect.
  6. Select Apply.

Link Health Monitor

Adding a link health monitor is required for routing fail over traffic. A link health monitor will confirm the connectivity of the device’s interface

To add a link health monitor

config system link-monitor

edit “Example1”

set srcint <Interface_sending_probe>

set server <ISP_IP_address>

set protocol <Ping or http>

set gateway-ip <the_gateway_IP_to_reach_the_server_if_required>

set failtime <failure_count>

set interval <seconds>

set update-cascade-interface enable

set update-static-route enable

set status enable

end

Modem interface routing

The modem interface can be used in FortiOS as a dedicated interface. Once enabled and configured, you can use it in security policies and define static and dynamic routing. Within the CLI commands for the modem, you can configure the distance and priority of routes involving the modem interface. The CLI commands are:

config system modem

set distance <route_distance>

set priority <priority_value>

end

Previous
Next