Well, some unexpected things have happened that pushed us back to 4th and long at our 1… I managed to acquire the USB800, and once it arrived I immediately plugged it into the USB extension I had the MF861 plugged into and… it went into a boot loop with pfSense. I was understandably somewhat disappointed when it worked just fine with the GPD Micro PC and my Windows 10 laptop. Not to be defeated, I loaded OpenWrt on an SD card and booted the APU2 with that, and the LTE card worked! Great, time to hammer at manual IPsec configuration… and hammer at it… After being just plain frustrated at that, I loaded up if_urndis.ko from FreeBSD 11.2 in a hope for the USB800 to work with pfSense, but that didn’t work either. What was I to do? See if I could wrangle OpenWrt into talking to the high crypto levels on the datacenter firewall? Find another distribution? Well, I found a different solution: I Googled “SonicWall USB800” and a KB article on SonicWall’s site mentioned that the latest SonicOS, 6.5.4.5, supported it. To eBay I went, where a TZ300 Wireless-AC (TZ300W) was up for $100. I put my bid in and won it on Friday. It arrived via the post today, so once I got home from work I unboxed it and got started.
I’ve configured a bunch of SonicWall firewalls at work over the last couple of years, so I’m familiar with the configuration process. Once it’s unboxed (and reset in this case), register it. Sadly this one was already registered, so I reached out to our rep for help and if I should put a ticket in or not. As expected, I put a ticket in to get it transferred to my personal MySonicWall account, so we’ll see how long that takes with the holiday over the next few days.
Anyway, after a little bit of “OK, why is this so slow?” that cleared up later, the firewall is configured nicely with the LTE modem connected via the extension. It’s set up as the secondary connection in the failover/load balancer, so if I found a hotel with an Ethernet port, I would be able to plug in without issue. Same with running a travel router in WiFi client mode if needed. One minor potential problem: the wireless is either 2.4 GHz or 5 GHz, not both simultaneously. Oh well, it shouldn’t be an issue: it’s almost 2020, why the heck are you still using a single-band device unless there’s no other option? If needed I can drop it back to 2.4 GHz, though that is most definitely not the preferred band.
I’m currently downloading something rather large from Steam using both wired and wireless, and that will give a very good metric for stability. I’ll need to run over by the Galleria to do a multi-device test sometime, and I still will be making a proper “let’s wander around Galleria and Environs” field trip after the first of the year with the MicroPC and the USB800. However, I was over there one day last week and actually brought the MicroPC and USB800 with me and it was quite acceptable. Admittedly, this may be unnecessary but hey, it’s a fun way to kill a few hours on a Saturday.
At any rate, the basic plan is to run this with all security services disabled and DPI disabled as well. I’m very glad I waited to redo the Pelican case’s foam as this is likely to be the preferred firewall going forward. A pity I couldn’t get the APU2 working with OpenWrt: it’s okay though, I’ll figure out a use for it!
Have a great rest of the year!