This is an Unofficial Community Guide.

It has not been Verified or Supported by Check Point.

Use this at your OWN RISK. 

** You have been warned **

Hi all.

With the launch of the 3600/3800 appliances I noticed that they did not support USB dongles.

Below is a summary what is required to make these dongles work in GAIA.

Background:

Most current usb dongles emulate some sort of USB storage device when you plug them into the appliance. This is by design so the user can install the drivers for these devices which is located on the emulates storage device. Fortunately the 3.10 kernel used in GAIA R80 already has these drivers built in. These devices actually emulate a USB ethernet device. 

In order to get these devices to work we must do a USB_MODESWITCH on these device. The USB_MUDESWITCH kicks these devices out of USB_Storage mode and into USB Ethernet mode. The device I have tested this on in Australia is the Huawei E8372 (Telstra Branded). This device uses the CDC_Ether driver built into the kernel.

Procedure:

Plug in your device into the USB port on the FW. Issue the below command.

lsusb

output will show. You can clearly see its shows the device in "Mass Storage Mode"

Write down the Vendor ID = mine is 12d1 and Product ID = mine is 1f01.

Next we need to copy the usb_modeswitch binary file the GW. (I have attached the file to this post)

curl_cli -Lk https://github.com/haris2887/CPUSBMODESWITCH/blob/main/usb_modeswitch/usr/sbin/usb_modeswitch?raw=true --output /usr/sbin/usb_modeswitch

You must also fix the permissions as per below.

chmod 755 /usr/sbin/usb_modeswitch

In order to test usb_modeswitch works for you.

you can now do : (remember to replace VendorID and ProductID with what you obtained in step 1)

usb_modeswitch -v 12d1 -p 1f01 -J

to check if it worked if it was successful type: 

dmesg

Finally to make everything permanent and automatically switch USB mode when device is plugged in.

Remember to use you own VendorID (12d1) and ProductID (1f01) also change "eth4" to your interface.

tee -a /etc/udev/rules.d/52-e8372.rules > /dev/null <<END
ACTION=="add", SUBSYSTEM=="usb", ATTRS{idVendor}=="12d1", ATTRS{idProduct}=="1f01", RUN+="/usr/sbin/usb_modeswitch -v 12d1 -p 1f01 -J"
ACTION=="add", KERNEL=="eth4", SUBSYSTEM=="net", RUN+="/bin/sh -c '/usr/sbin/ifconfig eth4 up ; /usr/sbin/dhclient -r eth4' "
END

Final Connectivity Testing: 

from clish

add dhcp client interface eth4

set interface eth4 comments "4G USB Dongle"

set interface eth4 state on

You can see from the GAIA web UI

Known Issues: 

Below was resolved.

1. Hot plugging does not work yet. If you unplug the USB device from the CP appliance and plug it in again. you must do:

The above limitation does not apply to appliance reboots. When the appliance reboots the interface comes back by itself. It strictly related to hotp-luging USB device.

I am trying to figure out the best way to fix this, If anyone has ideas please reach out to me.