3G

Note         This is the help page for using an external 3G/4G wireless WAN interface on the SonicWALL UTM appliance. For help with using an external analog modem interface, see “Modem” section on page 369.

3G/4G

This chapter describes how to configure the 3G/4G wireless WAN interface on the SonicWALL UTM appliance. It contains the following sections:

             DPI-SSL Overview

             3G/4G > Status

             3G/4G > Settings

             3G/4G > Advanced

             3G/4G > Connection Profiles

             3G/4G > Data Usage

             Enabling the U0/U1/M0 Interface

3G/4G Overview

Some SonicWALL security appliances support 3G/4G Wireless WAN connections that utilize data connections over Cellular networks. The 3G/4G connection can be used for:

             WAN Failover to a connection that is not dependent on wire or cable.

             Temporary networks where a pre-configured connection may not be available, such as trade-shows and kiosks.

             Mobile networks, where the SonicWALL appliance is based in a vehicle.

             Primary WAN connection where wire-based connections are not available and 3G/4G Cellular is.

Wireless Wide Area Networks provide untethered remote network access through the use of mobile or cellular data networks.

The following sections provide an overview of 3G/4G:

             Understanding 3G/4G Connection Types

             Understanding 3G/4G Failover

             VoIP Protocols

             3G/4G Wireless WAN Service Provider Support

Understanding 3G/4G Connection Types

Depending on your appliance, when the 3G/4G device is installed prior to starting the appliance, it will be listed as the U0, U1, or M0 (NSA 240 only) interface on the Network > Interfaces to govern the interface.

The 3G/4G Connection Types setting provides flexible control over WAN connectivity on SonicWALL appliances with 3G/4G interfaces. The Connection Type is configured on the 3G/4G > Connection Profiles page on the Parameters tab of the 3G/4G Profile Configuration window. The following connection types are offered:

             Persistent Connection – Once the 3G/4G interface is connected to the 3G/4G service provider, it remains connected until the administrator disconnects it. The interface must still be initially connected on the Network > Interfaces page by clicking the Manage button for the U0/U1/M0 interface and clicking Connect.

             Connect on Data – The 3G/4G interface connects automatically when the SonicWALL appliance detects specific types of network traffic.

             Manual Connection – The 3G/4G interface is connected only when the administrator manually initiates the connection.

Understanding 3G/4G Failover

When the U0/U1/M0 interface is configured on the SonicWALL security appliance, it is added by default to the default load balancing group as the Final Backup interface. However, it is important to note that the failover behavior when the primary WAN interface goes down depends on the Connection Type setting that is configured for the 3G/4G Connection Profile.

The following sections describe the three different methods of WAN-to-3G/4G failover. All of these sections assume that the U0/U1/M0 interface is configured as the Final Backup interface in the load balancing group.

             Persistent Connection 3G/4G Failover

             Connect on Data 3G/4G Failover

             Manual Dial 3G/4G Failover

Persistent Connection 3G/4G Failover

The following diagram depicts the sequence of events that occur when the WAN ethernet connection fails and the 3G/4G Connection Profile is configured for Persistent Connection.

 

1. Primary Ethernet connection available – The Ethernet WAN interface is connected and used as the primary connection. The U0/U1/M0 interface is never connected while the Ethernet WAN interface is available (unless an explicit route has been configured which specifies 3G/4G as the destination interface).

2. Primary Ethernet connection fails – The U0/U1/M0 interface is initiated and remains in an “always-on” state while the Ethernet WAN connection is down.

If another Ethernet WAN interface is configured as part of the load balancing group, the appliance will first failover to the secondary Ethernet WAN before failing over to the U0/U1/M0 interface. In this situation, failover to the U0/U1/M0 interface will only occur when both the primary and secondary WAN paths are unavailable.

3. Reestablishing Primary Ethernet Connectivity After Failover – When the Ethernet WAN connection (either the primary WAN port or the secondary WAN port, if so configured) becomes available again, all LAN-to-WAN traffic is automatically routed back to the available Ethernet WAN connection. This includes active connections and VPN connections. The U0/U1/M0 interface connection is closed.

Caution        It is not recommended to configure a policy-based route that uses the U0/U1/M0 interface when the U0/U1/M0 interface is configured as the Final Backup in the load balancing group. If a policy-based route is configured to use the U0/U1/M0 interface, the connection will remain up until the Maximum Connection Time (if configured) is reached.

Connect on Data 3G/4G Failover

The following diagram depicts the sequence of events that occur when the WAN Ethernet connection fails and the 3G/4G Connection Profile is configured for Connect on Data.

 

1. Primary Ethernet connection available – The Ethernet WAN interface is connected and used as the primary connection. 3G/4G is never connected while the Ethernet WAN interface is available (unless an explicit route has been configured which specifies the U0/U1/M0 interface as the destination interface).

2. Primary Ethernet Connection Fails – The U0/U1/M0 interface connection is not established until qualifying outbound data attempts to pass through the SonicWALL appliance.

3. 3G/4G Connection Established – The U0/U1/M0 interface connection is established when the device or a network node attempts to transfer qualifying data to the Internet. The U0/U1/M0 interface stays connected until the Maximum Connection Time (if configured) is reached.

4. Reestablishing WAN Ethernet Connectivity After Failover – When an Ethernet WAN connection becomes available again, all LAN-to-WAN traffic is automatically routed back to the available Ethernet WAN connection. The U0/U1/M0 interface connection is terminated.

Caution        It is not recommended to configure a policy-based route that uses the U0/U1/M0 interface when the U0/U1/M0 interface is configured as the Final Backup in the load balancing group. If a policy-based route is configured to use the U0/U1/M0 interface, the connection will remain up until the Maximum Connection Time (if configured) is reached.

Manual Dial 3G/4G Failover

Caution        SonicWALL does not recommend using a Manual Dial 3G/4G Connection Profile when the U0/U1/M0 interface is intended to be used as a failover backup for the primary WAN interface, because in the event of a WAN failure, the appliance will lose WAN connectivity until the U0/U1/M0 interface connection is manually initiated by the administrator.

The following diagram depicts the sequence of events that occur when the WAN Ethernet connection fails and the 3G/4G Connection Profile is configured for Manual Dial.

 

1. Primary Ethernet Connection Available - The Ethernet WAN is connected and used as the primary connection. 3G/4G is never connected while the Ethernet WAN connection is available.

2. Primary Ethernet Connection Fails - The U0/U1/M0 interface connection is not established until the administrator manually enables the connection.

3. 3G/4G Connection Established – A U0/U1/M0 interface connection is established when the administrator manually enables the connection on the SonicWALL appliance. The U0/U1/M0 interface stays connected until the administrator manually disables the connection.

4. Reestablishing WAN Ethernet Connectivity After Failover – Regardless of whether an Ethernet connection becomes available again, all LAN-to-WAN traffic will still use the manually enabled 3G/4G connection until the connection is manually disabled by the administrator. After a manual disconnect, the available Ethernet connection will be used.

3G/4G PC Card Support

To use the 3G/4G interface you must have a 3G/4G PC card and a contract with a wireless service provider. A 3G/4G service provider should be selected based primarily on the availability of supported hardware. SonicOS Enhanced (3.6 and later versions) supports the 3G/4G PC cards listed online at:

http://www.sonicwall.com/us/products/cardsupport.html

3G/4G Wireless WAN Service Provider Support

SonicOS Enhanced supports the following 3G/4G Wireless network providers (this list is subject to change):

             AT&T

             H3G

             Sprint PCS Wireless

             Verizon Wireless

             Vodafone

             Telecom Italia Mobile

             Telefonica

             T-Mobile

             TDC Song

             Orange

3G/4G Prerequisites

Before configuring the 3G/4G interface, you must complete the following prerequisites:

             Purchase a 3G/4G service plan from a supported third-party wireless provider

             Configure and activate your 3G/4G card

             Insert the 3G/4G card into the SonicWALL appliance before powering on the SonicWALL security appliance.

Note         The 3G/4G card should only be inserted or removed when the SonicWALL security appliance is powered off.

For information on configuring these prerequisites, see the SonicWALL Getting Started Guide for your model.

The following sections describe how to configure the U0/U1/M0 interface for the 3G/4G card on the SonicWALL appliance:

             3G/4G > Status

             3G/4G > Settings

             3G/4G > Advanced

             3G/4G > Connection Profiles

             3G/4G > Data Usage

             Enabling the U0/U1/M0 Interface

Most of the 3G/4G settings can also be configured on the Network > Interfaces page. 3G/4G Connection Profiles can only be configured on the 3G/4G > Connection Profiles page.

3G/4G > Status

The 3G/4G > Status page displays the current status of 3G/4G on the SonicWALL appliance. It indicates the status of the 3G/4G connection, the current active WAN interface, or the current backup WAN interface. It also displays IP address information, DNS server addresses, the current active dial up profile, and the current signal strength.