Modem (5.6.1)

Modem (5.6.1)

New modem features added to FortiOS 5.6.1.

New modem features (422266)

New FortiOS 5.6.1 modem features include:

  • The ability to edit wireless profiles stored on EM7x modems from FortiOS. l GPS support. l MIB for internal LTE modems. l Syslog messages for internal LTE modems.
  • More status information displayed by the diagnose sys lte-modem command l New modem-related MIB entities.

config system let-modem command changes

The mode, interface, and holddown-timer options of the config system lte-modem command have been removed. These options are no longer needed. Instead, use SD-WAN for redundant interfaces. The config system lte-modem command includes the following options status Enable/disable USB LTE/WIMAX device. extra-init Extra initialization string to USB LTE/WIMAX device.

manual-handover Enable/Disable manual handover from 3G to LTE network. If enabled, the FortiGate switches the modem firmware to LTE mode if the modem itself fails to do so after 5 loops.

force-wireless-profile Force the modem to use the configured wireless profile index (1 – 16), 0 if don’t force. If your FortiGate includes an LTE modem or if an LTE modem is connected to it you can use the execute lte-modem command to list the LTE modem profiles. Use this command to select one of these wireless profiles.

Modem (5.6.1)

Wireless profiles contain detailed LTE modem data session settings. In each modem, a maximum of 16 wireless profiles can be stored, any data connections are initiated using settings from one of the stored wireless profiles. To make a data connection, at least one profile must be defined. Here is a sample wireless profile table stored in one of the internal modems:

FG30EN3U15000025 # execute lte-modem wireless-profile list
ID    Type Name                 APN                   PDP_Type Authen Username
*1   0     profile1            vzwims                3 0
2    0     profile2            vzwadmin              3 0
3    0     profile3            VZWINTERNET           3 0
4    0     profile4            vzwapp                3 0
5    0     profile5            vzw800                3 0
9    0     profile9            vzwims                2 0
10 0        profile10            vzwadmin              0 0
11 0        profile11            VZWINTERNET           0 0
12 0        profile12           vzwapp                3 0
13 0        profile13                                 0

Profile Type:

0  ==> QMI_WDS_PROFILE_TYPE_3GPP

1  ==> QMI_WDS_PROFILE_TYPE_3GPP2

* ==> Default 3GPP Profile, # ==> Default 3GPP2 Profile Profile PDP Type:

0  ==> QMI_WDS_PDP_TYPE_IPV4

1  ==> QMI_WDS_PDP_TYPE_PPP

2  ==> QMI_WDS_PDP_TYPE_IPV6

3  ==> QMI_WDS_PDP_TYPE_IPV4_OR_IPV6

Authentication:

0  ==> QMI_WDS_AUTHENTICATION_NONE

1  ==> QMI_WDS_AUTHENTICATION_PAP

2  ==> QMI_WDS_AUTHENTICATION_CHAP

0
3 ==> QMI_WDS_AUTHENTICATION_PAP|QMI_WDS_AUTHENTICATION_CHAP

authtype Authentication type for PDP-IP packet data calls. apn Log in APN string for PDP-IP packet data calls. modem-port Modem port index (0 – 20). network-type Set wireless network. auto-connect Enable/disable Modem auto connect. gpsd-enabled Enable/disable GPS daemon. data-usage-tracking Enable/disable data usage tracking.

gps-port Modem port index (0 – 20). Specify the index for GPS port, by default it is set to 255 which means to use the system default.

execute lte-modem command changes

The following options are available for the execute lte-modem command:

Modem (5.6.1)

cold-reboot Cold reboot LTE Modem, which means power off the internal modem and power it on again after 1 second.

get-modem-firmware get-modem-firmware get-pri-firmware get-pri-firmware power-off Power off LTE Modem. power-on Power on LTE Modem. purge-billing-data Purge all existing LTE Modem billing data. reboot Warm reboot LTE Modem.

set-operation-mode Set LTE Modem operation mode to online or offline.

wireless-profile wireless-profile

cold-reboot, power-off, power-on, set-operation-mode, and wireless-profile are new in

FortiOS 5.6.1.

New execute lte-modem wireless-profile command

The following options are available for the execute lte-modem wireless-profile command:

create Create a wireless profile. You use the create command to create an LTE modem profile by providing a name and supplying settings for the profile. The command syntax is:

execute lte-modem wireless-profile create <name> <type> <pdp-type> <apn-name> <auth-type> [<user> <password>]

<name> Wireless profile name of 1 to 16 characters.

<type> Wireless profile type: l 0 for 3GPP profiles. l 1 for 3GPP2 profiles.

<pdp-type> Wireless profile PDP type.

  • 0 for IPv4 l 1 for PPP l 2 for IPv6 l 3 for IPv4v6

<apn-name> Wireless profile APN name, 0 to 32 characters.

<auth-type> Wireless profile authentication type.

  • 0 for no authentication. l 1 for PAP l 2 for CHAP l 3 for PAP and CHAP

[<user> <password>] Wireless profile user name and password (1 to 32 characters each). Not required if <auth-type> is 0.

For example, use the following command to create an LTE modem 3GPP IPv4 profile named myprofile6. This profile uses the APN profile named p6apn that uses PAP and CHAP authentication.

Modem (5.6.1)

execute lte-modem wireless-profile create myprofile 0 0 myapn 3 myname mypasswd

delete <profile-number> Delete a wireless profile from the Modem. Speficy profile ID of the profile to delete.

list List all the wireless profiles stored in the Modem. If the modem is busy the list may not display. If this happens just repeat the command. It may take a few attempts.

modify Modify a wireless profile using the same settings as the create command except the first option is the profile ID . You can find the profile ID for each profile by listing the profiles using the execute lte-modem wireless-profile list command. For example, to modify the profile created above to change it to an IPv4v6 profile, change the APN proflie to yourapn, and set the authentication type to PAP enter the following command (assuming the profile ID is 6): execute lte-modem wireless-profile modify 6 myprofile 0 3 yourapn 1 myname mypasswd

test Test wireless profiles.

Static mode for wwan interface removed (440865)

When configuring the wireless modem wwan interface from the CLI the mode can only be set to DHCP. Static addressing for the wwan interface is not supported so the static option has been removed.

Networking (5.6.1)

This entry was posted in FortiOS 5.6 on by .

About Mike

Michael Pruett, CISSP has a wide range of cyber-security and network engineering expertise. The plethora of vendors that resell hardware but have zero engineering knowledge resulting in the wrong hardware or configuration being deployed is a major pet peeve of Michael's. This site was started in an effort to spread information while providing the option of quality consulting services at a much lower price than Fortinet Professional Services. Owns PacketLlama.Com (Fortinet Hardware Sales) and Office Of The CISO, LLC (Cybersecurity consulting firm).

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.