Sonicwall and Microcell

Contributor

Sonicwall and Microcell

Hello -

Has anyone had luck configuring their microcell behind a Sonicwall TZ180? I have the Microcell connected to a Dell PowerConnect switch which connects to a Sonicwall TZ180 and then to a Comcast Broadband router. I have opened ports 123, 443, 500 and 4500. I have verified that the Power, Ethernet and GPS lights are solid green. However, the 3G light continues to flash green. Thank you in advance for your help and/or suggestions.

Message 1 of 13 (4,191 Views)
Contributor

Re: Sonicwall and Microcell

I sure haven't.  Been working with Sonicwall for 2 weeks now to get it to work.  Many packet captures later and it's still not working. 

 

I've tried everythign from a TZ180 - NSA2400, all same problems. 

 

The microcell was really not thought out.   In a corporate environment, the MicroCell has way too many requirements to work thru a REAL enterprise level firewall.

Message 2 of 13 (4,165 Views)
Mentor

Re: Sonicwall and Microcell

Which is funny since the microcell was designed by Cisco. You'd think someone would notice that it's a pain to get working with firewalls.

 

I've had better luck with my Firebox x700 with voice working great, but data is flakey. For fun, I've reflashed the device to run m0n0wall and I'm running into the same issue with good voice, but flakey data.

 

Something weird is going on, but without any information on what exactly the device is doing it's hard to see who or what is at fault.

Message 3 of 13 (4,149 Views)
Scholar

Re: Sonicwall and Microcell

 


dwright1542 wrote:

I sure haven't.  Been working with Sonicwall for 2 weeks now to get it to work.  Many packet captures later and it's still not working. 

 

I've tried everythign from a TZ180 - NSA2400, all same problems. 

 

The microcell was really not thought out.   In a corporate environment, the MicroCell has way too many requirements to work thru a REAL enterprise level firewall.


 

To be fair, this device isn't designed to be used in a corporate environment.  This is targeted to be a consumer device, which means it is catered to that environment.

 

When a corporate or enterprise version is released, I'm quite sure you will see several differences in design, implementation, and class of product.

 


I am an AT&T employee and the postings on this site are my own and don’t necessarily represent AT&T’s positions, strategies or opinions.
Message 4 of 13 (4,128 Views)
Mentor

Re: Sonicwall and Microcell

You may want to consider the possibility that it just won't work with the Sonicwall.

 

I couldn't get it to work with my Watchguard Firebox x700, so I reflashed it to run m0n0wall. Still couldn't get it to work so I reflashed it again to run pfsense. I used pretty much the same port forward and NAT settings each time. Out of the 3 attempts, only the last one (pfsense) worked.

 

The problem appears to be VPN-related.

 

This solution seems to be pretty common as many people on these forums seemed to have resolved their issue by dumping their router and buying another one. I've been fortunate to have an extremely hackable firewall (in the good sense) so a OS/firewall reflash is my free equivalent to getting another machine.

Message 5 of 13 (4,097 Views)
Contributor

Re: Sonicwall and Microcell

[ Edited ]

 

"To be fair, this device isn't designed to be used in a corporate environment."

 

I would recommend that AT&T modify their marketing to note the fact. It's strongly implied that it's for all businesses big and small.

 

http://www.wireless.att.com/businesscenter/solutions/network/3g-microcell/

 

Quote:

 

AT&T's new 3G Microcell is designed to improve the wireless reception inside the building where you work

 

Quote:

 

From a temporary office site to the 50th floor of a downtown high rise to your home office. 

Message 6 of 13 (4,031 Views)
Contributor

Re: Sonicwall and Microcell

This unit needs a way to assign a proxy server.

They should allow us direct access to a set-up menu.

I am in a AT&T OFFICE using AT&T Intranet service and I still can't get mine to work.

Message 7 of 13 (4,001 Views)
Tutor

Re: Sonicwall and Microcell

In the meantime corporate users might be better off with a simple cell phone booster like zboost or wilson electronics. I have a zboost in my car and one in my house and it helps. It is a LOT more reliable than the MicroCell and I don't need the 3G data since I have WiFi.

Message 8 of 13 (3,998 Views)
Scholar

Re: Sonicwall and Microcell

 


henrickd wrote:

 

"To be fair, this device isn't designed to be used in a corporate environment."

 

I would recommend that AT&T modify their marketing to note the fact. It's strongly implied that it's for all businesses big and small.

 

http://www.wireless.att.com/businesscenter/solutions/network/3g-microcell/

 

Quote:

 

AT&T's new 3G Microcell is designed to improve the wireless reception inside the building where you work

 

Quote:

 

From a temporary office site to the 50th floor of a downtown high rise to your home office. 


 

My postings here are my own opinion - ONLY.

 

If I were in anything but a very small office environment, I wouldn't choose the MicroCell.  Quite simply, it's not scalable and there is no MicroCell to MicroCell hand off.  If I had more than 4 or 5 employees I would need more than one.  You can only have 10 people on a whitelist, and each device has it's own whitelist.

 

It's just not an enterprise class of equipment.

 

My postings here are my own opinion - ONLY.

 


I am an AT&T employee and the postings on this site are my own and don’t necessarily represent AT&T’s positions, strategies or opinions.
Message 9 of 13 (3,992 Views)
Tutor

Re: Sonicwall and Microcell

I have a Microcell behind a Sonicwall NSA 2400 and it is working... but it goes down about once a week, but I believe that is an issue with the Microcell not picking up a 3G signal at times.

 

On thing I had to do on our Sonicwall was change the MTU down to 1492 for the data services to work for users on the Microcell.

Message 10 of 13 (3,990 Views)
Contributor

Re: Sonicwall and Microcell

I have a Sonicwall TZ-170, and with the help of one of the AT&T techs, my MicroCell is working. 

 

The one item that is not mentioned in the AT&T booklet is that when you open the four ports (123/UDP, 443/TCP, 4500/UDP and 500/UDP), you need to allow the system to utilize fragmented packets.

 

This is done on the Sonicwall by going to the Firewall | Access Rules screen.  Then configure the rules associated with the four ports mentioned above.  On the advanced settings tab, check the "Allow Fragmented Packets" box and OK. 

 

Once this was done, my MicroCell connected to AT&T's network and went online.

Message 11 of 13 (1,837 Views)
ACE - Master

Re: Sonicwall and Microcell

 


dhopfenberg wrote:

I have a Sonicwall TZ-170, and with the help of one of the AT&T techs, my MicroCell is working. 

 

The one item that is not mentioned in the AT&T booklet is that when you open the four ports (123/UDP, 443/TCP, 4500/UDP and 500/UDP), you need to allow the system to utilize fragmented packets.

 

This is done on the Sonicwall by going to the Firewall | Access Rules screen.  Then configure the rules associated with the four ports mentioned above.  On the advanced settings tab, check the "Allow Fragmented Packets" box and OK. 

 

Once this was done, my MicroCell connected to AT&T's network and went online.


AT&T obviously didn't test the MC with enough different kinds of routers and internet connections (DSL, cable, PPoE, etc) to make is easliy useable over a wide range of setups. Especially since they seem to be updating their MC system every now and then. After an update back in March I was down for 10 days with no change in my setup or ISP. AT&T gave me the port forwarding settings and all I had to do was configure them in my AEBS (Apple Extreme Base Station) and assign a permanent IP address based on the MCs MAC address. All other router settings were at their defaults with the MicroCell behind the router (non-priority mode). Works fine even with power cycling.

___________________________________________________________

MicroCell Technical Guide by Otto Pylot


I am not an AT&T employee. For additional help, please send a PM to ATTCustomerCare

*The views and opinions expressed on this forum are purely my own. Any product claim, statistic, quote, or other representation about a product or service should be verified with the manufacturer, provider, or party.
Message 12 of 13 (1,830 Views)
Highlighted
Guru

Re: Sonicwall and Microcell


dhopfenberg wrote:

 

The one item that is not mentioned in the AT&T booklet is that when you open the four ports (123/UDP, 443/TCP, 4500/UDP and 500/UDP), you need to allow the system to utilize fragmented packets.

 




It's ridiculous that the Microcell should generate fragments in the first place. It should be absolutely trivial for AT&T/Cisco to insure that the MTU of the internal interfaces (inside the VPN) are low enough to insure that the packets that go to and from the VPN itself don't need to be fragmented. It's far better for them to fragment the inside traffic than the outside traffic, because the inside traffic is all fully under their control and is trustworthy - no need to firewall it aggressively.

 

Really, these are rookie mistakes. A year in and they haven't been fixed (never mind the fact that they were made to begin with)? Clearly AT&T just doesn't care.

Message 13 of 13 (1,816 Views)
Share this topic
Announcements

Welcome to the AT&T Community Forums!!! Stop by the Community How-To section for tips on how to get started.