This chapter describes how to configure the 3G wireless WAN interface on the SonicWALL
UTM appliance. It contains the following sections:
This section provides an overview of 3G. It contains the following sections:
Some SonicWALL security appliances support 3G
Wireless WAN connections that utilize data connections over Cellular networks. The 3G connection can be used for:
Wireless Wide Area Networks provide untethered remote network access through the use of
mobile or cellular data networks.
Depending on your appliance, when the 3G device is installed prior to starting the appliance, it
will be listed as the U0, U1, or M0 (NSA 240 only) interface on the Network > Interfaces
to govern the interface.
The
3G Connection Types setting provides flexible control over WAN connectivity on SonicWALL appliances with 3G interfaces. The Connection Type is configured on the 3G >
Connection Profiles
page on the Parameters
tab of the 3G Profile Configuration window. The following connection types are offered:
|
|
•
|
Persistent Connection
– Once the 3G interface is connected to the 3G service provider, it remains connected until the administrator disconnects it. The interface must still be initially connected on the Network > Interfaces
page by clicking the Manage
button for the U0/U1/M0 interface and clicking Connect
.
|
|
|
•
|
Connect on Data
– The 3G interface connects automatically when the SonicWALL appliance detects specific types of network traffic.
|
|
|
•
|
Manual Connection
– The 3G interface is connected only when the administrator manually initiates the connection.
|
U
nderstanding 3G Failover
When the U0/U1/M0 interface is configured on the SonicWALL security appliance, it is added
by default to the default load balancing group as the Final Backup interface. However, it is important to note that the failover behavior when the primary WAN interface goes down depends on the Connection Type setting that is configured for the 3G Connection Profile.
T
he following sections describe the three different methods of WAN-to-3G failover. All of these sections assume that the U0/U1/M0 interface is configured as the Final Backup interface in the load balancing group.
The following diagram depicts the sequence of events that occur when the WAN ethernet
connection fails and the 3G Connection Profile is configured for Persistent Connection
.
|
1.
|
Primary Ethernet connection available
– The Ethernet WAN interface is connected and used as the primary connection. The U0/U1/M0 interface is never connected while the Ethernet WAN interface is available (unless an explicit route has been configured which specifies 3G as the destination interface).
|
If a
nother Ethernet WAN interface is configured as part of the load balancing group, the appliance will first failover to the secondary Ethernet WAN before failing over to the U0/U1/M0 interface. In this situation, failover to the U0/U1/M0 interface will only occur when both the primary and secondary WAN paths are unavailable.
|
3.
|
Reestablishing Primary Ethernet Connectivity After Failover
– When the Ethernet WAN connection (either the primary WAN port or the secondary WAN port, if so configured) becomes available again, all LAN-to-WAN traffic is automatically routed back to the available Ethernet WAN connection. This includes active connections and VPN connections. The U0/U1/M0 interface connection is closed.
|
|
|
Caution
|
It is not recommended to configure a policy-based route that uses the
U0/U1/M0 interface when the U0/U1/M0 interface is configured as the Final Backup in the load balancing group. If a policy-based route is configured to use the U0/U1/M0 interface, the connection will remain up until the Maximum Connection Time (if configured) is reached.
|
The following diagram depicts the sequence of events that occur when the WAN
Ethernet connection fails and the 3G Connection Profile is configured for Connect on Data
.
|
1.
|
Primary Ethernet connection available
– The Ethernet WAN interface is connected and used as the primary connection. 3G is never connected while the Ethernet WAN interface is available (unless an explicit route has been configured which specifies the U0/U1/M0 interface as the destination interface).
|
|
2.
|
Primary Ethernet Connection Fails
– The U0/U1/M0 interface connection is not established until qualifying outbound data attempts to pass through the SonicWALL appliance.
|
|
3.
|
3G Connection Established
– The U0/U1/M0 interface connection is established when the device or a network node attempts to transfer qualifying data to the Internet. The U0/U1/M0 interface stays connected until the Maximum Connection Time (if configured) is reached
.
|
|
|
Caution
|
SonicWALL does n
ot recommend using a Manual Dial
3G Connection Profile when the U0/U1/M0 interface is intended to be used as a failover backup for the primary WAN interface, because in the event of a WAN failure, the appliance will lose WAN connectivity until the U0/U1/M0 interface connection is manually initiated by the administrator.
The following diagram depicts the sequence of events that occur when the WAN Ethernet connection fails and the 3G Connection Profile is configured for Manual Dial
.
|
|
3.
|
3G Connection Established
– A U0/U1/M0 interface connection is established when the administrator manually enables the connection on the SonicWALL appliance. The U0/U1/M0 interface stays connected until the administrator manually disables the connection.
|
|
4.
|
Reestablishing WAN Ethernet Connectivity After Failover
– Regardless of whether an Ethernet connection becomes available again, all LAN-to-WAN traffic will still use the
manually enabled 3G connection
until the connection is manually disabled by the administrator. After a manual disconnect, the available Ethernet connection will be used.
|
To use the 3G interface you must have a 3G PC card and a contract with a wireless service
provider. A 3G service provider should be selected based primarily on the availability of supported hardware. SonicOS Enhanced (3.6 and later versions) supports the 3G PC cards listed online at:
http://www.sonicwall.com/us/products/cardsupport.html
SonicOS Enhanced supports the following 3G Wireless network providers (this list is subject to
change):
Before configuring the 3G interface, you must complete the following prerequisites:
|
|
•
|
Insert the 3G
card into the SonicWALL appliance before
powering on the SonicWALL security appliance.
|
|
|
Note
|
The 3G
card should only be inserted or removed when the SonicWALL security appliance is powered off.
|
For information on configuring these prerequisites, see the
SonicWALL Getting Started Guide
for your model.
The following sections describe how to configure the
U0/U1/M0 interface for the 3G card on the SonicWALL appliance:
Most of the 3G settings can also be configured on the
Network > Interfaces
page. 3G Connection Profiles can only be configured on the 3G > Connection Profiles
page.
The
3G > Status
page displays the current status of 3G on the SonicWALL appliance. It indicates the status of the 3G connection, the current active WAN interface, or the current backup WAN interface. It also displays IP address information, DNS server addresses, the current active dial up profile, and the current signal strength.