Ask a question
Search in Wireless Forums

Wireless Forum

Reply
Posted Jun 9, 2010
3:34:16 PM
View profile
Sonicwall and Microcell

Hello -

Has anyone had luck configuring their microcell behind a Sonicwall TZ180? I have the Microcell connected to a Dell PowerConnect switch which connects to a Sonicwall TZ180 and then to a Comcast Broadband router. I have opened ports 123, 443, 500 and 4500. I have verified that the Power, Ethernet and GPS lights are solid green. However, the 3G light continues to flash green. Thank you in advance for your help and/or suggestions.

Hello -

Has anyone had luck configuring their microcell behind a Sonicwall TZ180? I have the Microcell connected to a Dell PowerConnect switch which connects to a Sonicwall TZ180 and then to a Comcast Broadband router. I have opened ports 123, 443, 500 and 4500. I have verified that the Power, Ethernet and GPS lights are solid green. However, the 3G light continues to flash green. Thank you in advance for your help and/or suggestions.

Sonicwall and Microcell

4,084 views
12 replies
(0) Me too
(0) Me too
Reply
View all replies
(12)
0
(0)
  • Rate this reply
View profile
Jun 9, 2010 6:52:11 PM
0
(0)
Contributor

I sure haven't.  Been working with Sonicwall for 2 weeks now to get it to work.  Many packet captures later and it's still not working. 

 

I've tried everythign from a TZ180 - NSA2400, all same problems. 

 

The microcell was really not thought out.   In a corporate environment, the MicroCell has way too many requirements to work thru a REAL enterprise level firewall.

I sure haven't.  Been working with Sonicwall for 2 weeks now to get it to work.  Many packet captures later and it's still not working. 

 

I've tried everythign from a TZ180 - NSA2400, all same problems. 

 

The microcell was really not thought out.   In a corporate environment, the MicroCell has way too many requirements to work thru a REAL enterprise level firewall.

Re: Sonicwall and Microcell

2 of 13 (4,058 Views)
0
(0)
  • Rate this reply
View profile
Jun 9, 2010 11:45:26 PM
0
(0)
Mentor

Which is funny since the microcell was designed by Cisco. You'd think someone would notice that it's a pain to get working with firewalls.

 

I've had better luck with my Firebox x700 with voice working great, but data is flakey. For fun, I've reflashed the device to run m0n0wall and I'm running into the same issue with good voice, but flakey data.

 

Something weird is going on, but without any information on what exactly the device is doing it's hard to see who or what is at fault.

Which is funny since the microcell was designed by Cisco. You'd think someone would notice that it's a pain to get working with firewalls.

 

I've had better luck with my Firebox x700 with voice working great, but data is flakey. For fun, I've reflashed the device to run m0n0wall and I'm running into the same issue with good voice, but flakey data.

 

Something weird is going on, but without any information on what exactly the device is doing it's hard to see who or what is at fault.

Re: Sonicwall and Microcell

3 of 13 (4,042 Views)
0
(0)
  • Rate this reply
View profile
Jun 10, 2010 9:55:49 AM
0
(0)
Scholar

 


dwright1542 wrote:

I sure haven't.  Been working with Sonicwall for 2 weeks now to get it to work.  Many packet captures later and it's still not working. 

 

I've tried everythign from a TZ180 - NSA2400, all same problems. 

 

The microcell was really not thought out.   In a corporate environment, the MicroCell has way too many requirements to work thru a REAL enterprise level firewall.


 

To be fair, this device isn't designed to be used in a corporate environment.  This is targeted to be a consumer device, which means it is catered to that environment.

 

When a corporate or enterprise version is released, I'm quite sure you will see several differences in design, implementation, and class of product.

 


I am an AT&T employee and the postings on this site are my own and don’t necessarily represent AT&T’s positions, strategies or opinions.

 


dwright1542 wrote:

I sure haven't.  Been working with Sonicwall for 2 weeks now to get it to work.  Many packet captures later and it's still not working. 

 

I've tried everythign from a TZ180 - NSA2400, all same problems. 

 

The microcell was really not thought out.   In a corporate environment, the MicroCell has way too many requirements to work thru a REAL enterprise level firewall.


 

To be fair, this device isn't designed to be used in a corporate environment.  This is targeted to be a consumer device, which means it is catered to that environment.

 

When a corporate or enterprise version is released, I'm quite sure you will see several differences in design, implementation, and class of product.

Re: Sonicwall and Microcell

4 of 13 (4,021 Views)
0
(0)
  • Rate this reply
View profile
Jun 11, 2010 11:32:29 AM
0
(0)
Mentor

You may want to consider the possibility that it just won't work with the Sonicwall.

 

I couldn't get it to work with my Watchguard Firebox x700, so I reflashed it to run m0n0wall. Still couldn't get it to work so I reflashed it again to run pfsense. I used pretty much the same port forward and NAT settings each time. Out of the 3 attempts, only the last one (pfsense) worked.

 

The problem appears to be VPN-related.

 

This solution seems to be pretty common as many people on these forums seemed to have resolved their issue by dumping their router and buying another one. I've been fortunate to have an extremely hackable firewall (in the good sense) so a OS/firewall reflash is my free equivalent to getting another machine.

You may want to consider the possibility that it just won't work with the Sonicwall.

 

I couldn't get it to work with my Watchguard Firebox x700, so I reflashed it to run m0n0wall. Still couldn't get it to work so I reflashed it again to run pfsense. I used pretty much the same port forward and NAT settings each time. Out of the 3 attempts, only the last one (pfsense) worked.

 

The problem appears to be VPN-related.

 

This solution seems to be pretty common as many people on these forums seemed to have resolved their issue by dumping their router and buying another one. I've been fortunate to have an extremely hackable firewall (in the good sense) so a OS/firewall reflash is my free equivalent to getting another machine.

Re: Sonicwall and Microcell

5 of 13 (3,990 Views)
0
(0)
  • Rate this reply
View profile
Jun 13, 2010 10:56:34 PM
0
(0)
Contributor
Edited by henrickd on Jun 13, 2010 at 11:15:38 PM

 

"To be fair, this device isn't designed to be used in a corporate environment."

 

I would recommend that AT&T modify their marketing to note the fact. It's strongly implied that it's for all businesses big and small.

 

http://www.wireless.att.com/businesscenter/solutions/network/3g-microcell/

 

Quote:

 

AT&T's new 3G Microcell is designed to improve the wireless reception inside the building where you work

 

Quote:

 

From a temporary office site to the 50th floor of a downtown high rise to your home office. 

 

"To be fair, this device isn't designed to be used in a corporate environment."

 

I would recommend that AT&T modify their marketing to note the fact. It's strongly implied that it's for all businesses big and small.

 

http://www.wireless.att.com/businesscenter/solutions/network/3g-microcell/

 

Quote:

 

AT&T's new 3G Microcell is designed to improve the wireless reception inside the building where you work

 

Quote:

 

From a temporary office site to the 50th floor of a downtown high rise to your home office. 

Re: Sonicwall and Microcell

[ Edited ]
6 of 13 (3,924 Views)
0
(0)
  • Rate this reply
View profile
Jun 14, 2010 10:46:12 AM
0
(0)
Contributor

This unit needs a way to assign a proxy server.

They should allow us direct access to a set-up menu.

I am in a AT&T OFFICE using AT&T Intranet service and I still can't get mine to work.

This unit needs a way to assign a proxy server.

They should allow us direct access to a set-up menu.

I am in a AT&T OFFICE using AT&T Intranet service and I still can't get mine to work.

Re: Sonicwall and Microcell

7 of 13 (3,894 Views)
0
(0)
  • Rate this reply
View profile
Jun 14, 2010 11:00:38 AM
0
(0)
Tutor

In the meantime corporate users might be better off with a simple cell phone booster like zboost or wilson electronics. I have a zboost in my car and one in my house and it helps. It is a LOT more reliable than the MicroCell and I don't need the 3G data since I have WiFi.

In the meantime corporate users might be better off with a simple cell phone booster like zboost or wilson electronics. I have a zboost in my car and one in my house and it helps. It is a LOT more reliable than the MicroCell and I don't need the 3G data since I have WiFi.

Re: Sonicwall and Microcell

8 of 13 (3,891 Views)
0
(0)
  • Rate this reply
View profile
Jun 14, 2010 11:48:59 AM
0
(0)
Scholar

 


henrickd wrote:

 

"To be fair, this device isn't designed to be used in a corporate environment."

 

I would recommend that AT&T modify their marketing to note the fact. It's strongly implied that it's for all businesses big and small.

 

http://www.wireless.att.com/businesscenter/solutions/network/3g-microcell/

 

Quote:

 

AT&T's new 3G Microcell is designed to improve the wireless reception inside the building where you work

 

Quote:

 

From a temporary office site to the 50th floor of a downtown high rise to your home office. 


 

My postings here are my own opinion - ONLY.

 

If I were in anything but a very small office environment, I wouldn't choose the MicroCell.  Quite simply, it's not scalable and there is no MicroCell to MicroCell hand off.  If I had more than 4 or 5 employees I would need more than one.  You can only have 10 people on a whitelist, and each device has it's own whitelist.

 

It's just not an enterprise class of equipment.

 

My postings here are my own opinion - ONLY.

 


I am an AT&T employee and the postings on this site are my own and don’t necessarily represent AT&T’s positions, strategies or opinions.

 


henrickd wrote:

 

"To be fair, this device isn't designed to be used in a corporate environment."

 

I would recommend that AT&T modify their marketing to note the fact. It's strongly implied that it's for all businesses big and small.

 

http://www.wireless.att.com/businesscenter/solutions/network/3g-microcell/

 

Quote:

 

AT&T's new 3G Microcell is designed to improve the wireless reception inside the building where you work

 

Quote:

 

From a temporary office site to the 50th floor of a downtown high rise to your home office. 


 

My postings here are my own opinion - ONLY.

 

If I were in anything but a very small office environment, I wouldn't choose the MicroCell.  Quite simply, it's not scalable and there is no MicroCell to MicroCell hand off.  If I had more than 4 or 5 employees I would need more than one.  You can only have 10 people on a whitelist, and each device has it's own whitelist.

 

It's just not an enterprise class of equipment.

 

My postings here are my own opinion - ONLY.

Re: Sonicwall and Microcell

9 of 13 (3,885 Views)
0
(0)
  • Rate this reply
View profile
Jun 14, 2010 12:07:28 PM
0
(0)
Tutor

I have a Microcell behind a Sonicwall NSA 2400 and it is working... but it goes down about once a week, but I believe that is an issue with the Microcell not picking up a 3G signal at times.

 

On thing I had to do on our Sonicwall was change the MTU down to 1492 for the data services to work for users on the Microcell.

I have a Microcell behind a Sonicwall NSA 2400 and it is working... but it goes down about once a week, but I believe that is an issue with the Microcell not picking up a 3G signal at times.

 

On thing I had to do on our Sonicwall was change the MTU down to 1492 for the data services to work for users on the Microcell.

Re: Sonicwall and Microcell

10 of 13 (3,883 Views)
0
(0)
  • Rate this reply
View profile
Jun 11, 2011 6:37:46 AM
0
(0)
Contributor

I have a Sonicwall TZ-170, and with the help of one of the AT&T techs, my MicroCell is working. 

 

The one item that is not mentioned in the AT&T booklet is that when you open the four ports (123/UDP, 443/TCP, 4500/UDP and 500/UDP), you need to allow the system to utilize fragmented packets.

 

This is done on the Sonicwall by going to the Firewall | Access Rules screen.  Then configure the rules associated with the four ports mentioned above.  On the advanced settings tab, check the "Allow Fragmented Packets" box and OK. 

 

Once this was done, my MicroCell connected to AT&T's network and went online.

I have a Sonicwall TZ-170, and with the help of one of the AT&T techs, my MicroCell is working. 

 

The one item that is not mentioned in the AT&T booklet is that when you open the four ports (123/UDP, 443/TCP, 4500/UDP and 500/UDP), you need to allow the system to utilize fragmented packets.

 

This is done on the Sonicwall by going to the Firewall | Access Rules screen.  Then configure the rules associated with the four ports mentioned above.  On the advanced settings tab, check the "Allow Fragmented Packets" box and OK. 

 

Once this was done, my MicroCell connected to AT&T's network and went online.

Re: Sonicwall and Microcell

11 of 13 (1,730 Views)
0
(0)
  • Rate this reply
View profile
Jun 11, 2011 2:28:02 PM
0
(0)
ACE - Master

 


dhopfenberg wrote:

I have a Sonicwall TZ-170, and with the help of one of the AT&T techs, my MicroCell is working. 

 

The one item that is not mentioned in the AT&T booklet is that when you open the four ports (123/UDP, 443/TCP, 4500/UDP and 500/UDP), you need to allow the system to utilize fragmented packets.

 

This is done on the Sonicwall by going to the Firewall | Access Rules screen.  Then configure the rules associated with the four ports mentioned above.  On the advanced settings tab, check the "Allow Fragmented Packets" box and OK. 

 

Once this was done, my MicroCell connected to AT&T's network and went online.


AT&T obviously didn't test the MC with enough different kinds of routers and internet connections (DSL, cable, PPoE, etc) to make is easliy useable over a wide range of setups. Especially since they seem to be updating their MC system every now and then. After an update back in March I was down for 10 days with no change in my setup or ISP. AT&T gave me the port forwarding settings and all I had to do was configure them in my AEBS (Apple Extreme Base Station) and assign a permanent IP address based on the MCs MAC address. All other router settings were at their defaults with the MicroCell behind the router (non-priority mode). Works fine even with power cycling.

___________________________________________________________

MicroCell Technical Guide by Otto Pylot


I am not an AT&T employee. For additional help, please send a PM to ATTCustomerCare

 


dhopfenberg wrote:

I have a Sonicwall TZ-170, and with the help of one of the AT&T techs, my MicroCell is working. 

 

The one item that is not mentioned in the AT&T booklet is that when you open the four ports (123/UDP, 443/TCP, 4500/UDP and 500/UDP), you need to allow the system to utilize fragmented packets.

 

This is done on the Sonicwall by going to the Firewall | Access Rules screen.  Then configure the rules associated with the four ports mentioned above.  On the advanced settings tab, check the "Allow Fragmented Packets" box and OK. 

 

Once this was done, my MicroCell connected to AT&T's network and went online.


AT&T obviously didn't test the MC with enough different kinds of routers and internet connections (DSL, cable, PPoE, etc) to make is easliy useable over a wide range of setups. Especially since they seem to be updating their MC system every now and then. After an update back in March I was down for 10 days with no change in my setup or ISP. AT&T gave me the port forwarding settings and all I had to do was configure them in my AEBS (Apple Extreme Base Station) and assign a permanent IP address based on the MCs MAC address. All other router settings were at their defaults with the MicroCell behind the router (non-priority mode). Works fine even with power cycling.

___________________________________________________________

MicroCell Technical Guide by Otto Pylot


I am not an AT&T employee. For additional help, please send a PM to ATTCustomerCare

*The views and opinions expressed on this forum are purely my own. Any product claim, statistic, quote, or other representation about a product or service should be verified with the manufacturer, provider, or party.

Re: Sonicwall and Microcell

12 of 13 (1,723 Views)
0
(0)
  • Rate this reply
View profile
Jun 14, 2011 10:04:55 AM
0
(0)
Guru

dhopfenberg wrote:

 

The one item that is not mentioned in the AT&T booklet is that when you open the four ports (123/UDP, 443/TCP, 4500/UDP and 500/UDP), you need to allow the system to utilize fragmented packets.

 




It's ridiculous that the Microcell should generate fragments in the first place. It should be absolutely trivial for AT&T/Cisco to insure that the MTU of the internal interfaces (inside the VPN) are low enough to insure that the packets that go to and from the VPN itself don't need to be fragmented. It's far better for them to fragment the inside traffic than the outside traffic, because the inside traffic is all fully under their control and is trustworthy - no need to firewall it aggressively.

 

Really, these are rookie mistakes. A year in and they haven't been fixed (never mind the fact that they were made to begin with)? Clearly AT&T just doesn't care.


dhopfenberg wrote:

 

The one item that is not mentioned in the AT&T booklet is that when you open the four ports (123/UDP, 443/TCP, 4500/UDP and 500/UDP), you need to allow the system to utilize fragmented packets.

 




It's ridiculous that the Microcell should generate fragments in the first place. It should be absolutely trivial for AT&T/Cisco to insure that the MTU of the internal interfaces (inside the VPN) are low enough to insure that the packets that go to and from the VPN itself don't need to be fragmented. It's far better for them to fragment the inside traffic than the outside traffic, because the inside traffic is all fully under their control and is trustworthy - no need to firewall it aggressively.

 

Really, these are rookie mistakes. A year in and they haven't been fixed (never mind the fact that they were made to begin with)? Clearly AT&T just doesn't care.

Re: Sonicwall and Microcell

13 of 13 (1,709 Views)
Share this post
Share this post