Setting up MangOH Red as Router to Cellular Gateway

Objective: Configure a MangOH to route cellular internet data to/from other network interfaces. For example the image below shows how we will route traffic to/from the ethernet IoT slot to/from the cellular gateway.

IMG_2399.jpg480×640 102 KB

Solution: To configure the MangOH to route data to/from network interfaces to/from the public cellular interface execute the following steps:

A. For wired interfaces, i.e. eth0 run the following steps:

1. Download the cfg_gateway.sh script to the MangOH device (also found under /scripts in the
   MangOH GitHub) using the following:
   scp ./scripts/cfg_gateway.sh root@192.168.2.2:/tmp/.

2. ssh or console into the MangOH device.
   ssh root@192.168.2.2

3. Move to the /tmp directory (or directory where the cfg_gateway.sh script was copied to above)
   cd /tmp

4. Run the cfg_gateway.sh script
   ./cfg_gateway.sh

5. An example run of executing the script is shown below (note the default parameters are used):

david@sw-dclark:~/MTPublic4.3.0$ ssh root@192.168.2.2
root@swi-mdm9x28:~# cd /tmp
root@swi-mdm9x28:/tmp# chmod +x cfg_gateway.sh
root@swi-mdm9x28:/tmp# ./cfg_gateway.sh
MangOH gateway configuration
Enter WAN (cellular) interface (default: rmnet_data0):
WAN interface rmnet_data0
Enter LAN interface (default: eth0):
LAN interface eth0
Enter LAN IP (default: 192.168.20.1):
IP address (192.168.20.1)
Enter LAN Net Mask (default: 255.255.255.0):
net mask (255.255.255.0)
Mounting LAN interface ‘eth0’ IP: ‘192.168.20.1’, net mask: ‘255.255.255.0’
Check SIM inserted…
SIM card is inserted and unlocked (LE_SIM_READY).

Mounting the relay interface ‘rmnet_data0’…
Enabling the radio on ‘rmnet_data0’…
Radio power is already set to ON.
Enter APN (default: internet.sierrawireless.com):
Enabling the data connection on ‘rmnet_data0’ using APN ‘internet.sierrawireless.com’…
Setting up profile 1
Setting access point name … ok
Setting packet data protocol … ok
Setting Authentication … ok
Connecting … ok
Checking if device is up … ok
Routing … ok
Updating /etc/resolv.conf … ok
Updating /etc/resolv.conf … ok
Testing connection … Waiting for data connection on ‘rmnet_data0’…
Relay interface ‘rmnet_data0’ IP address is ‘100.71.221.227’
ok
Cleaning IP tables…
Enabling IP forwarding…
net.ipv4.ip_forward = 1
Configuring the NAT…
Configure DHCP server (Y/n): Y
Enter start IP (default: 192.168.20.10):
IP address (192.168.20.10)
Enter end IP (default: 192.168.20.100):
IP address (192.168.20.100)
Reconfiguring the DHCP server…
stopping DNS forwarder and DHCP server: dnsmasq… stopped /usr/bin/dnsmasq (pid 1196)
done.
Generating the configuration file ‘/tmp/dnsmasq.eth0.conf’ for the DHCP server…
Restarting the DHCP server…
starting DNS forwarder and DHCP server: dnsmasq… done.
MangOH gateway configuration completed

6. You can verify that the interface is up with the given parameters using ifconfig as shown below:

root@swi-mdm9x28:/tmp# ifconfig eth0
eth0 Link encap:Ethernet HWaddr AE:BA:5B:62:58:29
inet addr:192.168.20.1 Bcast:192.168.20.255 Mask:255.255.255.0
inet6 addr: fe80::acba:5bff:fe62:5829/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:991 errors:0 dropped:0 overruns:0 frame:0
TX packets:1168 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:240898 (235.2 KiB) TX bytes:811303 (792.2 KiB)

B. For wireless interfaces, i.e. wlan0 (TI) or wlan1 (MT7692) run the following steps to configure a WiFi Access Point (AP):

1. First follow the instructions for setting up the WiFi found on the MangOH Red Wiki (note that if the TI WiFi is used then the first 2 sections on this wiki can be skipped as they are required only for MediaTek7692 WiFi):

2. Check if the WiFi AP web service is running using ‘app status’

root@swi-mdm9x28:/tmp# app status
[running] atAirVantage
[running] atQmiLinker
[running] atService
[running] audioService
[running] avcService
[running] cellNetService
[running] dataConnectionService
[running] fwupdateService
[running] gpioService
[running] modemService
[running] portService
[running] positioningService
[running] powerMgr
[running] secStore
[stopped] smsInboxService
[stopped] spiService
[stopped] tools
[stopped] voiceCallService
[stopped] wifi
[stopped] wifiApTest
[stopped] wifiClientTest
[running] wifiService
[stopped] wifiWebAp

2. If the WiFi AP web service is stopped then start the web service using ‘app start wifiWebAp’

3. From a web browser on a laptop/desktop PC connected to CF3 USB port on the MangOH goto the following local URL which can be used to configure the MangOH WiFi interface (wlan0, wlan1) as an AP:
   http://192.168.2.2:8080/

Summary: The attached script which can also be found on the MangOH GitHub web site can be used to configure the MangOH as a gateway.

For example, when I tested the script I wanted to create a gateway between the ethernet IoT slot (eth0) and the cellular interface (rmnet_data0). After running the script I was able to connect my lap top to the ethernet port on the MangOH Red IoT slot and use the cellular interface (rmnet_data0) for internet access.

cfg_gateway.sh (8.3 KB)

Cool use case and tutorial . Thanks for sharing @dclark75.

HOWTO Guide or WIKI candidate for sure

After typing in step 1:
root@swi-mdm9x28-wp:~# scp ./scripts/cfg_gateway.sh root@192.168.2.2:/tmp/

I get an error message

Host ‘192.168.2.2’ is not in the trusted hosts file.
(ssh-rsa fingerprint md5 90:43:bc:3c:49:99:d8:f4:a0:b0:45:cd"d6:d4:d0:be)
Do you want to continue connecting? (y/n) y
./scripts/cfg_gateway.sh: No such file or directory

However the cfg_gateway.sh file is in the directory Home/mangOH/scripts and there it is cfg_gateway.sh

Can you please help me fix this problem?

Is there a way to check what devices are connected to the ethernet card? Like seeing their ip address? does the mangoh red assign ip address to connected devices when it is configured as a router?

Seems these lines are used to config the assigned ip address

Configuring the NAT…
Configure DHCP server (Y/n): Y
Enter start IP (default: 192.168.20.10):
IP address (192.168.20.10)
Enter end IP (default: 192.168.20.100):

Thanks for the help and okay, so if my raspberry pi’s IP address is 192.168.1.141, and mangoh reds default IP address is 192.168.20.1 and I wanted to send data via ethernet from raspberry pi to mangoh red would I configure that section as so?:

Configure DHCP server (Y/n): Y
Enter start IP (default: 192.168.20.10): 192.168.1.141
Enter end IP (default: 192.168.20.100): 192.168.20.1

?

I suggest you using the default one:192.168.20.10
In this case, I believe the raspberry pi will have Ip address 192.168.20.10

@jyijyi Okay, however now I have a complete issue that happened out of nowhere. After re-running ./cfg_gateway.sh in mangoh red I made the changes and exited the ssh connection. I then tried to re-enter mangoh red by ssh root@192.168.2.2 and it is saying destination host is unreachable. I then tried to ping it and 100% of the packets were never received. This is frustrating because I did absolutely nothing.

Do you know how to get back into mangoh red via ssh, this is crazy???

does it work after reboot?

I remember I need to add “iptables -I INPUT -j ACCEPT” after "iptables --flush " in the script, otherewise it cannot SSH via ECM.

@jyijyi Is this done from the command line?

Yes it is still not pinging after restarting my pc

you need to restart the mangoh board, not your pc!

modifying the cfg_gateway.sh, not command line!

Oh, I see. So I added this line (see image below), is that what you mean? I will save the file. Should I retry to ssh into mangoh red?

Oh, I see. So I added this line (see image below), is that what you mean? I will save the file. Should I retry to ssh into mangoh red?

This is what I am seeing when trying to ping and ssh to device

Screenshot from 2020-08-17 22-13-54726×358 27.2 KB

you might remove the IOT card, not running cfg_gateway.sh, reboot the mangoh red board, then retry the SSH via ECM.
If it does not work from scratch, then I have no idea.

Do you think it had something to do with setting it up as a router, then editing the cfg_gateway.sh file. Maybe it can only be ssh’d into via ethernet. I dont know, I am very confused. When I do ssh root@192.168.1.141 i get packets to send and received 100% (received by who’m… i dont know) from what I recall the IP address 192.168.1.141 is associated with the raspberry pi.

What I have done so far is re-installed swiflash, then used swiflash to re-flash the wp77xx module (dip switch pin 7 in on position), doing so has the module stuck in reboot (see image)

Screenshot from 2020-08-18 00-58-171162×417 35.5 KB

It appears my computer does not even recognize that anything is connected to the usb port when i run ifconfig

Screenshot from 2020-08-18 01-00-311158×396 72.9 KB