Mikrotik and LTE via Android

Background

Each year, we go on a family holiday. The place we stay has no Internet (shocking, I know).

Over the last few years, this hasn’t been a big problem – just use our mobile devices, or just stay off the Internet for a week!

This year, the number of games which require some level of Internet connectivity has exceeded a critical point (basically all my son’s Lego games need to connect to a server to work – silly DRM). And, my son’s computer is a desktop with no WiFi device, so tethering is painful.

I decided I’d connect my old Galaxy Nexus Android phone to an old RB751U Mikrotik router, which was spare at work. This should give wired ethernet connectivity and Internet via 4G / LTE.

This article is based on this post by Tito Muntasa.

Goal

Configure a Mikrotik router to use 4G / LTE to access the Internet.

I’m not going to show any other configuration you may need for a Mikrotik device as a home router, but you’d need to do that as well.

I’m also assuming that the LTE will be the primary and sole Internet connection (no fail over, no duel connections).

Prerequisites

  • An Android device, minimum version 4.4.4
  • A Mikrotik router with USB port, minimum RouterOS version 6.7 (see supported hardware)
  • Mobile broadband on your Android device

0. Ensure your Android device can connect to the Internet

It’s no good if your Android can’t connect to the Internet.

I’m using a pre-paid mobile broadband service from Vodafone Australia. Mostly because it was half price when I bought it.

I needed to go through the process of activating the service, and reboot my phone with the new SIM card.

If you’re using your main phone or tablet, this should already be working.

(Oh, and it’s worth disabling WiFi on your phone as well, as USB tethering will prefer WiFi over mobile broadband. Which causes confusion when testing).

1. Plug your phone into the router’s USB port

The RB751U has a full sized USB port, so pretty much any phone USB cable will work. My main RB2011device has a micro USB port, so I need an adapter cable.

USB Connection

USB Connection

2. Enable USB tethering on your Android device

Before the Mikrotik router will recognise your phone / tablet, you need to enable USB tethering.

My old Galaxy Nexus is using a Cyanogen Mod 4.4.4 Android, which has USB tethering under Settings -> More -> Tethering & portable hotspot -> USB tethering. Yours may be in a different location.

Settings -> More”/></a></figure>



<p>Settings -> More</p>



<figure class=Tethering & portable hotspot

Tethering & portable hotspot

USB tethering

USB tethering

Important note: I haven’t been able to figure out how to automatically enable USB tethering on my Android device. This means when you reboot the router the Internet will not automatically come back up. You must manually enable USB tethering again.

This is fine for my scenario (a week long holiday), but would pose problems for a longer term connection.

3. Check the LTE interface / USB device

On your Mikrotik, you should see a new interface lte1 and a new USB device.

LTE interface - that's my phone!

LTE interface – that’s my phone!

A list of connected USB devices can be found in System -> Resources -> USB.

The Galaxy Nexus is my phone

The Galaxy Nexus is my phone

4. Enable a DHCP client

Android USB tethering works by looking like a USB network device, which your router / computer connects to and gets access to the Internet via DHCP.

As with most things in Mikrotik, you need to explicitly add a DHCP client for your new 3G / LTE interface.

IP -> DHCP Client

You should enable a default route and Use Peer DNS. Other settings aren’t particularly important.

DHCP Client - config details

DHCP Client – config details

DHCP Client - in use

DHCP Client – in use

Its worth noting that there’s a double NAT going on here. The Android device is presenting a 192.168.42.xxx range to the router, and my Mikrotik is presenting the 10.46.10.xxx range to devices which connect to it. Each time, the devices will do a network address translation to make the Internet work.

This isn’t a problem for my scenario (downloading stuff, consuming content), but will pose problems if you’re trying to host a web server.

5. Check your route table

IP -> Routes

If all has gone well, you should see a new interface added which corresponds to the IP address in your DHCP client / LTE interface.

(Note: I’ve manually disabled a default route to my normal ADSL connection in this picture).

Routing the Internet via my phone

Routing the Internet via my phone

6. Tweak firewall rules

The default firewall rules assume the Internet is connected to the first ethernet port (ether1). You’ll need to change those rules to use lte1 instead.

I also add a few passthrough firewall rules to track bandwidth usage (in Australia, mobile Internet is an order of magnitude more expensive than fixed line connections, per GB).

[admin@MikroTik] /ip firewall filter> printFlags: X – disabled, I – invalid, D – dynamic 0 D ;;; special dummy rule to show fasttrack counters chain=forward action=passthrough 1 ;;; Client Usage of LTE chain=forward action=passthrough out-interface=lte1 log=no log-prefix=”” 2 chain=forward action=passthrough in-interface=lte1 log=no log-prefix=”” 3 ;;; Router usage of LTE chain=output action=passthrough out-interface=lte1 log=no log-prefix=”” 4 chain=input action=passthrough in-interface=lte1 log=no log-prefix=”” 5 ;;; defconf: accept ICMP chain=input action=accept protocol=icmp 6 ;;; defconf: accept established,related chain=input action=accept connection-state=established,related 7 ;;; defconf: drop all from WAN chain=input action=drop in-interface=lte1 log=no log-prefix=”” 8 ;;; defconf: fasttrack chain=forward action=fasttrack-connection connection-state=established,related 9 ;;; defconf: accept established,related chain=forward action=accept connection-state=established,related 10 ;;; defconf: drop invalid chain=forward action=drop connection-state=invalid 11 ;;; defconf: drop all from WAN not DSTNATed chain=forward action=drop connection-state=new connection-nat-state=!dstnat in-interface=lte1 log=no log-prefix=”” [admin@MikroTik] /ip firewall filter>

8. Test on the router

You can ping 8.8.8.8 from Tools -> Ping, and you should see the passthrough firewall rules tick up.

9. Connect devices and use the Internet!

At this point, all looks good, so connect a device and use the Internet!

First thing I do is a speed test. Mostly because its depressing how slow my ADSL is compared to LTE.

Internet working via LTE!

Internet working via LTE!

For reference - my ADSL connection speed

For reference – my ADSL connection speed

Although in this case, they’re both pretty ordinary. I guess I get what I pay for (cheapest mobile broadband and ~5 year old mobile device)!

Conclusion

Setting up a Mikrotik router to use an Android device is pretty straight forward. Nothing particularly special is needed for supporting Android phones.

The double NAT and manual enabling of USB tethering are handicaps, not severe enough for my use. If you want a more permanent LTE connection, check the Mikrotik list of supported hardware.

Source: blog.ligos.net

Tagged with: , , , , , , ,

Leave a Reply

Your email address will not be published. Required fields are marked *

*

This site uses Akismet to reduce spam. Learn how your comment data is processed.