modem_profiles

modem_profiles

Modem > Connection Profiles

The Modem > Connection Profiles page allows you to configure modem profiles on the SonicWALL security appliance using your dial-up ISP information for the connection. Multiple modem profiles can be used when you have a different profile for individual ISPs.

The current profile is displayed in the Connection Profiles table, which displays the following profile information:

•Name - The name you've assigned to the profile. You can use names such as Home, Office, or Travel to distinguish different profiles from each other.

•IP Address - The IP address of the Internet connection.

•Connection Type - Displays Persistent, Connect on Data, or Manual Dial, depending on what you selected in the Profile Configuration window for the profile.

•Configure - Clicking the edit icon allows you to edit the profile. Clicking on the delete icon de­letes the profile.

Configuring a Profile

  1. In the Modem > Connection Profiles page, click the Add button. The Modem Profile Configuration window is displayed for configuring a dialup profile.

Once you create your profiles, you can then configure specify which profiles to use for WAN failover or Internet access.

To configure your ISP settings, you must obtain your Internet information from your dial-up Internet Service Provider.

  1. In the General Settings page, enter a name for your dialup profile in the Profile Name field.
  2. Enter the primary number used to dial your ISP in the Primary Dialed Number field.

    3. Tip!If a specific prefix is used to access an outside line, such as 9, &, or, , enter the number as part of the primary phone number.

  3. Enter the secondary number used to dial your ISP in the Secondary Dialed Number field (optional).
  4. Enter your dial-up ISP user name in the User Name field.
  5. Enter the password provided by your dialup ISP in the User Password field.
  6. Confirm your dialup ISP password in the Confirm User Password field.
  7. If your ISP has given you a script that runs when you access your ISP connection, cut and paste the script text in the Chat Script field. See the Information in Chat Scripts section for more information on using chat scripts.
  8. Click the ISP Address tab.
  9. In the ISP Address Setting section, select Obtain an IP Address Automatically if you do not have a permanent dialup IP address from your ISP. If you have a permanent dialup IP address from your ISP, select Use the following IP Address and enter the IP address in the corresponding field.
  10. If you obtain an IP address automatically for your DNS server(s), select Obtain an IP Address Automatically. If your ISP has a specific IP address for the DNS server(s), select Use the following IP Address and enter the IP address of the primary DNS server in the corresponding field. You can also add a secondary DNS server address in the field below.
  11. Click on the Parameters tab. Use the settings in the page to configure modem dialup behavior.
  12. In the Connect Type menu select one of the following options:

    13. wPersistent Connection - By selecting Persistent Connection, the modem stays connected unless you click the Disconnect button on the Network > Settings page. If Enable Dial-Up Wan Failover is selected on the Network > WAN Failover & Load Balancing page, the modem dials automatically when a WAN connection fails. If the Primary Profile cannot connect, the modem uses the Alternate Profile 1 to dial an ISP.

    wConnect on Data - Using Connect on Data requires that outbound data is detected before the modem dials the ISP. Outbound data does not need to originate from computers on the LAN, but can also be packets generated by the SonicWALL security appliance internal applications such as AutoUpdate and Anti-Virus. If Enable WAN Failover is selected on the Modem > Failover page, the pings generated by the probe can trigger the modem to dial when no WAN Ethernet connection is detected. If the Primary Profile cannot connect, the modem uses the Alternate Profile 1 to dial an ISP.

    wManual Connection - Selecting Manual Connection for a Primary Profile means that a modem connection does not automatically occur. You must click the Connect button on the Network > Settings page for the dialup connection to be established. Also, WAN Failover does not automatically occur.

    Caution: If you are configuring two dial-up profiles for WAN failover, the modem behavior should be the same for each profile. For example, if your Primary Profile uses Persistent Connection, your Secondary Profile should also use Persistent Connection.

    Caution: If you enable Persistent Connection for the modem, the modem connection remains active until the WAN Ethernet connection is reactivated or you force disconnection by clicking Disconnect on the Configure page.

  13. If you selected either Connect on Data or Manual Connection, enter the number of minutes a dial-up connection is allowed to be inactive in the Enable Inactivity Disconnect (minutes) field.
  14. Select the connection speed from the Max Connection Speed (bps) menu. Auto is the default setting as the SonicWALL security appliance automatically detects the connection speed when it connects to the ISP or you can select a specific speed option from the menu.
  15. Select Enable Max Connection Time (minutes) if the connection is terminated after the specified time. Enter the number of minutes for the connection to be active. The value can range from 0 to 1440 minutes. This feature does not conflict with the Inactivity Disconnect setting. If both features are configured, the connection is terminated based on the shortest configured time.
  16. If you select Enable Max Connection Time (minutes), enter the number of minutes to delay before redialling the ISP in the Delay Before Reconnect (minutes). The value can range from 0 to 1440, and the default value is 0 which means there is no delay before reconnecting to the ISP.
  17. If you have call waiting on your telephone line, you should disable it or another call can interrupt your connection to your ISP. Select Disable Call Waiting and then select command from the list. If you do not see your command listed, select Other, and enter the command in the field. If you are not sure which command to use, see the documentation that came with your phone service or contact your phone service provider.
  18. If the phone number for your ISP is busy, you can configure the number of times that the SonicWALL security appliance modem attempts to connect in the Dial Retries per Phone Number field. The default value is 0.
  19. Enter the number of seconds between attempts to redial in the Delay Between Retries (seconds) field. The default value is 5 seconds.
  20. Select Disable VPN when Dialled if VPN Security Associations (SAs) are disabled when the modem connects to the ISP. Terminating the dial-up connection re-enables the VPN SAs. This is useful if you want to deploy your own point-to-point RAS network and want packets to be sent in the clear to your intranets.
  21. Click the Schedule tab.
  22. If you want to specify scheduled times the modem can connect, select Limit Times for Dialup Profile. Enter times for each day in 24-hour format that you want the modem to be able to make a connection.
  23. Click OK to add the dial-up profile to the SonicWALL security appliance. The Dialup Profile appears in the Connection Profiles table.

Chat Scripts

Some legacy servers can require company-specific chat scripts for logging onto the dial-up servers.

A chat script, like other types of scripts, automates the act of typing commands using a keyboard. It consists of commands and responses, made up of groups of expect-response pairs as well as additional control commands, used by the chat script interpreter on the TELE3 SP. The TELE3 SP uses a default chat script that works with most ISPs, but your ISP may require a chat script with specific commands to “chat” with their server. If an ISP requires a specific chat script, it is typically provided to you with your dial-up access information. The default chat script for the TELE3 SP has the following commands:










ABORT `NO DIALTONE'ABORT `BUSY'ABOR `NO CARRIER' "ATQ0"ATE0"ATM1"ATL0"ATV1OK ATDT\TCONNECT \D \C

The first three commands direct the chat script interpreter to abort if any of the strings NO CARRIER, NO DIALTONE, or BUSYare received from the modem.


The next five commands are AT commands that tell the chat interpreter to wait for nothing as" defines an empty string, and configure the following on the modem: return command responses, don't echo characters, report the connecting baud rate when connected, and return verbose responses.

The next line has OK as the expected string, and the interpreters waits for OK to be returned in response to the previous command, ATV1, before continuing the script. If OK is not returned within the default time period of 50 seconds, the chat interpreter aborts the script and the connection fails. If OK is received, the prefix and phone number of the selected dial-up account is dialled. The \T command is replaced by chat script interpreter with the prefix and phone number of the dial-up account.

In the last line of the script, CONNECT is the expected response from the remote modem. If the modems successfully connect, CONNECT is returned from the TELE3 SP modem.The \D adds a pause of one second to allow the server to start the PPP authentication. The \C command ends the chat script end without sending a carriage return to the modem. The TELE3 SP then attempts to establish a PPP (Point-to-Point Protocol) connection over the serial link. The PPP connection usually includes authentication of the user by using PAP (Password Authentication Protocol) or CHAP (Challenge Handshake Authentication Protocol) from the PPP suite. Once a PPP connection is established, it looks like any other network interface.

Custom Chat Scripts

Custom chat scripts can be used when the ISP dial-up server does not use PAP or CHAP as an authentication protocol to control access. Instead, the ISP requires a user to log onto the dial-up server by prompting for a user name and password before establishing the PPP connection. For the most part, this type of server is part of the legacy systems rooted in the dumb terminal login architecture. Because these types of servers can prompt for a user name and password in a variety of ways or require subsequent commands to initiate the PPP connection, a Chat Script field is provided for you to enter a custom script.

If a custom chat script is required by an ISP for establishing a connection, it is commonly found on their web site or provided with their dial-up access information. Sometimes the scripts can be found by using a search engine on the Internet and using the keywords, “chat script ppp Linux <ISP name>”.

A custom chat script can look like the following script:












ABORT `NO CARRIER'ABORT `NO DIALTONE'ABORT `BUSY'" ATQ0" ATE0" ATM1" ATW2" ATV1OK ATDT\TCONNECT "sername: \Lassword: \P

Tip!The first character of username and password are ignored during PPP authentication.

The script looks a lot like the previous script with the exception of the commands at the end. There is an empty string (") after CONNECT which sends a carriage return command to the server. The chat interpreter then waits for sername: substring. When a response is returned, the current PPP account user name, substituting the \L command control string, is sent. Then, the chat interpreter waits for the substring assword:, and sends the password, substituting \P with the PPP account password. If either the sername or assword substring are not received within the timeout period, the chat interpreter aborts the dial-up process resulting in a dial-up failure.