Custom Modem Interface
I all I have two different fiber connections at our location, and everything works wonderfully. We recently had our demarcation room flood causing all carrier equipment to get wiped out. To work around this, we are getting T-Mobile business internet. They are sending this device https://inseego.com/products/5g-indoor-routers/fx4100/#product-specifications
My plan is to put it into bridge mode and add it as an extra interface on my M290. However, for the VPN's I don't want to leverage those as on the Azure side there is no way to change BGP priority, so everything is ECMP always. I noticed a modem interface can be used to come online for a bovpn interface. However, that looks like a USB device...
Is there a way to create a custom modem interface that only brings up a site to site tunnel on this third external interface that is driven by this 5G modem over ethernet only when the first two connections are offline? Or is my only option to bring the interface up manually if an issue arises?
Comments
Hi @AschildmeyerSTR
For this type of setup you'd need to use multi-wan in failover mode, and put the interface with the cellular device on the very bottom of the list.
(About Multi-WAN)
https://www.watchguard.com/help/docs/help-center/en-us/Content/en-US/Fireware/multiwan/multiwan_about_c.html
(Configure the Failover Multi-WAN Method)
https://www.watchguard.com/help/docs/help-center/en-us/Content/en-US/Fireware/multiwan/failover_configure_c.html
Please note that in this type of configuration:
-The firebox will keep the interface "up" and will send pings to the cellular device's default gateway or an IP you define. Make sure it responds to these pings, or the firewall will think that the interface is down.
-James Carson
WatchGuard Customer Support