en-US
search-icon

SonicOS 5.9 Admin Guide

3G/4G/Modem

Selecting 3G/4G/Modem

3G/4G/Modem

SonicWall network security appliances with a USB extension port can support either an external 3G/4G interface or analog modem interface. When the appliance does not detect an external interface, 3G/4G/Modem is displayed in the left-side navigation bar.

Selecting the 3G/4G/Modem Status

By default, the SonicWall network security appliance will attempt to auto-detect whether a connected external device is a 3G/4G interface or an analog modem interface. You can manually specify which type of interface you want to configure on the 3G/4G/Modem > Settings page.

The 3G/4G/Modem Device Type drop-down menu provides the following options:

Auto-detect - The appliance attempts to determine if the device is a 3G/4G or analog modem.
3G/4G/Mobile - Manually configures a 3G/4G interface.
Analog Modem - Manually configures an analog modem interface.

Configuring 3G/4G

* 
NOTE: For the latest information about supported 3G/4G devices, see http://www.sonicwall.com/us/en/products/3190.html.

3G/4G Overview

This chapter describes how to configure the 3G/4G wireless WAN interface on the SonicWall network security appliance.

SonicWall security appliances support 3G/4G Wireless WAN connections that utilize data connections over Cellular networks. The 3G/4G connection can be used for:

WAN Failover to a connection that is not dependent on wire or cable.
Temporary networks where a pre-configured connection may not be available, such as trade-shows and kiosks.
Mobile networks, where the SonicWall appliance is based in a vehicle.
Primary WAN connection where wire-based connections are not available and 3G/4G Cellular is.
Topics:

Understanding 3G/4G Connection Types

Depending on your appliance, when the 3G/4G device is installed prior to starting the appliance, it will be listed as the U0, U1, or M0 (NSA 240 only) interface on the Network > Interfaces to govern the interface.

The 3G/4G Connection Types setting provides flexible control over WAN connectivity on SonicWall appliances with 3G/4G interfaces. The Connection Type is configured on the 3G/4G > Connection Profiles page on the Parameters tab of the 3G/4G Profile Configuration window. The following connection types are offered:

Persistent Connection – Once the 3G/4G interface is connected to the 3G/4G service provider, it remains connected until the administrator disconnects it or a network event (such as the WAN becoming unavailable) causes it to disconnect.
Connect on Data – The 3G/4G interface connects automatically when the SonicWall appliance detects specific types of network traffic.
Manual Connection – The 3G/4G interface is connected only when the administrator manually initiates the connection.
 
* 
CAUTION: Although the 3G/4G connection can be manually enabled on the Network > Interfaces page (by clicking the Manage button for the U0/U1/M0 interface), this is not recommended because this can cause automatic connections to not function as expected. SonicWall recommends governing the 3G/4G interface using the connection types described above.

Understanding 3G/4G Failover

It is important to note that the failover behavior when the primary WAN interface goes down depends on the Connection Type setting that is configured for the 3G/4G Connection Profile. In order for the 3G/4G interface to function as a backup interface, it must be configured as the Final Backup interface in the default load balancing group on the Network > Failover & LB Group page.

The following sections describe the three different methods of WAN-to-3G/4G failover. All of these sections assume that the U0/U1/M0 interface is configured as the Final Backup interface in the load balancing group.

Topics:

Persistent Connection 3G/4G Failover

3G/4G Failover: Persistent Connection Configuration depicts the sequence of events that occur when the WAN ethernet connection fails and the 3G/4G Connection Profile is configured for Persistent Connection.

3G/4G Failover: Persistent Connection Configuration

1
Primary Ethernet connection available – The Ethernet WAN interface is connected and used as the primary connection. The U0/U1/M0 interface is never connected while the Ethernet WAN interface is available (unless an explicit route has been configured which specifies 3G/4G as the destination interface).
2
Primary Ethernet connection fails – The U0/U1/M0 interface is initiated and remains in an “always-on” state while the Ethernet WAN connection is down.

If another Ethernet WAN interface is configured as part of the load balancing group, the appliance will first failover to the secondary Ethernet WAN before failing over to the U0/U1/M0 interface. In this situation, failover to the U0/U1/M0 interface will only occur when both the primary and secondary WAN paths are unavailable.

3
Reestablishing Primary Ethernet Connectivity After Failover – When the Ethernet WAN connection (either the primary WAN port or the secondary WAN port, if so configured) becomes available again, all LAN-to-WAN traffic is automatically routed back to the available Ethernet WAN connection. This includes active connections and VPN connections. The U0/U1/M0 interface connection is closed.
* 
CAUTION: It is not recommended to configure a policy-based route that uses the U0/U1/M0 interface when the U0/U1/M0 interface is configured as the Final Backup in the load balancing group. If a policy-based route is configured to use the U0/U1/M0 interface, the connection will remain up until the Maximum Connection Time (if configured) is reached.

Connect on Data 3G/4G Failover

3G/4G Failover: Connect on Data Configuration depicts the sequence of events that occur when the WAN Ethernet connection fails and the 3G/4G Connection Profile is configured for Connect on Data.

3G/4G Failover: Connect on Data Configuration

1
Primary Ethernet connection available – The Ethernet WAN interface is connected and used as the primary connection. 3G/4G is never connected while the Ethernet WAN interface is available (unless an explicit route has been configured which specifies the U0/U1/M0 interface as the destination interface).
2
Primary Ethernet Connection Fails – The U0/U1/M0 interface connection is not established until qualifying outbound data attempts to pass through the SonicWall appliance.
3
3G/4G Connection Established – The U0/U1/M0 interface connection is established when the device or a network node attempts to transfer qualifying data to the Internet. The U0/U1/M0 interface stays connected until the Maximum Connection Time (if configured) is reached.
4
Reestablishing WAN Ethernet Connectivity After Failover – When an Ethernet WAN connection becomes available again or the inactivity timer (if configured) is reached, all LAN-to-WAN traffic is automatically routed back to the available Ethernet WAN connection. The U0/U1/M0 interface connection is terminated.
 
* 
CAUTION: It is not recommended to configure a policy-based route that uses the U0/U1/M0 interface when the U0/U1/M0 interface is configured as the Final Backup in the load balancing group. If a policy-based route is configured to use the U0/U1/M0 interface, the connection will remain up until the Maximum Connection Time (if configured) is reached.

Manual Dial 3G/4G Failover

 
* 
CAUTION: SonicWall does not recommend using a Manual Dial 3G/4G Connection Profile when the U0/U1/M0 interface is intended to be used as a failover backup for the primary WAN interface, because if a WAN fails, the appliance will lose WAN connectivity until the U0/U1/M0 interface connection is manually initiated.

3G/4G Failover: Manual Dial Configuration depicts the sequence of events that occur when the WAN Ethernet connection fails and the 3G/4G Connection Profile is configured for Manual Dial.

3G/4G Failover: Manual Dial Configuration

1
Primary Ethernet Connection Available - The Ethernet WAN is connected and used as the primary connection. 3G/4G is never connected while the Ethernet WAN connection is available.
2
Primary Ethernet Connection Fails - The U0/U1/M0 interface connection is not established until the administrator manually enables the connection.
3
3G/4G Connection Established – A U0/U1/M0 interface connection is established when the administrator manually enables the connection on the SonicWall appliance. The U0/U1/M0 interface stays connected until the administrator manually disables the connection.
4
Reestablishing WAN Ethernet Connectivity After Failover – Regardless of whether an Ethernet connection becomes available again, all LAN-to-WAN traffic will still use the manually enabled 3G/4G connection until the connection is manually disabled by the administrator. After a manual disconnect, the available Ethernet connection will be used.

3G/4G PC Card Support

To use the 3G/4G interface you must have a 3G/4G PC card and a contract with a wireless service provider. A 3G/4G service provider should be selected based primarily on the availability of supported hardware. SonicOS Enhanced (3.6 and later versions) supports the 3G/4G PC cards listed online at:

http://www.SonicWALL.com/us/products/cardsupport.html

3G/4G Wireless WAN Service Provider Support

SonicOS supports the following 3G/4G Wireless network providers (this list is subject to change):

AT&T
H3G
Orange
Sprint PCS Wireless
Telecom Italia Mobile
Telefonica
T-Mobile
TDC Song
Verizon Wireless
Vodafone

3G/4G Prerequisites

Before configuring the 3G/4G interface, you must complete the following prerequisites:

Purchase a 3G/4G service plan from a supported third-party wireless provider
Configure and activate your 3G/4G card
Insert the 3G/4G card into the SonicWall appliance before powering on the SonicWall security appliance.
 
* 
NOTE: The 3G/4G card should only be inserted or removed when the SonicWall security appliance is powered off.

For information on configuring these prerequisites, see the SonicWall Getting Started Guide for your model.

For how to configure the U0/U1/M0 interface for the 3G/4G card on the SonicWall appliance, see the following:

Most of the 3G/4G settings can also be configured on the Network > Interfaces page. 3G/4G Connection Profiles can only be configured on the 3G/4G > Connection Profiles page.

3G/4G > Status

The 3G/4G > Status page displays the current status of 3G/4G on the SonicWall appliance. It indicates the status of the 3G/4G connection, the current active WAN interface, or the current backup WAN interface. It also displays IP address information, DNS server addresses, the current active dial up profile, and the current signal strength.

3G/4G > Settings

On the 3G/4G > Settings page, you can configure the following settings:

3G/4G/Modem Settings

3G/4G/Mobile Device Type - Select whether you are using an a 3G/4G/Mobile connection, an Analog Modem, or Auto-detect.

Connect on Data Categories

The Connect on Data Categories settings allow you to configure the 3G/4G interface to automatically connect to the 3G/4G service provider when the SonicWall appliance detects specific types of traffic. The Connect on Data Categories include:

NTP packets
GMS Heartbeats
System log e-mails
AV Profile Updates
SNMP Traps
Licensed Updates
Firmware Update requests
Syslog traffic

To configure the SonicWall appliance for Connect on Data operation, you must select Connect on Data as the Connection Type for the Connection Profile. See 3G/4G > Connection Profiles for more details.

Management/User Login

The Management/User Login section must be configured to enable remote management of the SonicWall appliance over the 3G/4G interface.

You can select any of the supported management protocol(s): HTTPS, Ping, SNMP, and/or SSH. You can also select HTTP for management traffic. However, bear in mind that HTTP traffic is less secure than HTTPS.

Select Add rule to enable redirect from HTTP to HTTPS to have the SonicWall automatically convert HTTP requests to HTTPS requests for added security.

 
* 
NOTE: In previous releases of SonicOS, probe monitoring for the 3G/4G interface was configured on the 3G/4G > Settings page. Now, probe monitoring is configured on the Network > Failover & LB page. See Load Balancing Members and Groups for more information.

3G/4G > Advanced

* 
NOTE: This is the help page for configuring the 3G/4G > Advanced page for an external 3G/4G wireless WAN interface. For help with the Modem > Advanced page for an external analog modem interface, see Modem > Advanced.

The 3G/4G > Advanced page is used to configure the following features:

 

Remotely Triggered Dial-Out Settings

The Remotely Triggered Dial-Out feature enables network administrators to remotely initiate a WAN modem connection. The following process describes how a Remotely Triggered Dial-Out call functions:

1
The network administrator initiates a modem connection to the SonicWall security appliance located at the remote office.
2
If the appliance is configured to authenticate the incoming call, it prompts the network administrator to enter a password. Once the call is authenticated, the appliance terminates the call.
3
The appliance then initiates a modem connection to its dial-up ISP, based on the configured dial profile.
4
The network administrator accesses the appliance’s web management interface to perform the required tasks.

Before configuring the Remotely Triggered Dial-Out feature, ensure that your configuration meets the following prerequisites:

The 3G/4G connection profile is configured for dial-on-data.
The SonicWall Security Appliance is configured to be managed using HTTPS, so that the device can be accessed remotely.
It is recommended that you enter a value in the Enable Inactivity Disconnect field. This field is located in the 3G/4G Profile Configuration window on the Parameters tab. See 3G/4G > Connection Profiles for more information. If you do not enter a value in this field, dial-out calls will remain connected indefinitely, and you will have to manually terminate sessions by clicking the Disconnect button.

To configure Remotely Triggered Dial-Out, go the 3G/4G > Advanced page.

1
Check the Enable Remotely Triggered Dial-Out check box.
2
(Optional) To authenticate the remote he Requires authentication check box and enter the password in the Password: and Cocall, check tnfirm Password: fields.

Bandwidth Management

The Bandwidth Management feature allows the administrator to enable egress or ingress bandwidth management services on the 3G/4G interface.

For information on configuring Bandwidth Management, see Bandwidth Management Overview.

Connection Limit

The Connection Limit section allows the administrator to set a host/node limit on the 3G/4G connection. This feature is especially useful for deployments where the 3G/4G connection is used as an overflow or in load-balanced situations to avoid over-taxing the connection.

In the Max Hosts field, enter the maximum number of hosts to allow when this interface is connected. The default value is “0”, which allows an unlimited number of nodes.

3G/4G > Connection Profiles

* 
NOTE: This is the help page for configuring the 3G/4G > Connection Profiles page for an external 3G/4G wireless WAN interface. For help with the Modem > Connection Profiles page for an external analog modem interface, see Modem > Connection Profiles.

Use the 3G/4G > Connection Profiles to configure 3G/4G connection profiles and set the primary and alternate profiles.

Select the Primary 3G/4G connection profile in the Primary Profile drop-down menu. Optionally, you can select up to two alternate 3G/4G profiles.

To create a 3G/4G connection profile, click the Add button and then perform the steps in the following sections:

General Tab

The General tab allows you to configure general connection settings for the 3G/4G service provider. After selecting your country, service provider, and plan type, the rest of the fields are automatically field for most service providers.

To configure general settings:
1
On the 3G/4G > Connection Profiles page, click on the Add button. The 3G/4G Profile Configuration dialog displays.

2
Select the Country where the SonicWall appliance is deployed.
3
Select the Service Provider that you have created an account with. Note that only service providers supported in the country you selected are displayed.
4
In the Plan Type window, select the 3G/4G plan you have subscribed to with the service provider.

If your specific plan type is listed in the drop-down menu (many basic plans are labeled simply as standard), the rest of the fields in the General tab are automatically provisioned. Verify that these fields are correct, and then skip ahead to Parameters Tab.

5
If your Plan Type is not listed in the drop-down menu, select Other.
6
Enter a name for the 3G/4G profile in the Profile Name field.
7
Verify that the appropriate Connection Type is selected. Note that this field is automatically provisioned for most service providers.
8
Verify that the Dialed Number is correct. Note that the dialed number is *99# for most Service Providers.
9
Enter your username and password in the User Name, User Password, and Confirm User Password fields, respectively, if required by your provider.
10
Enter the Access Point Name in the APN field. APNs are required only by GPRS devices and will be provided by the service provider.

Parameters Tab

The Parameters tab allows you to configure under what conditions the 3G/4G service connects. The three connection types are Persistent, Connect on Data, and Manual. The mechanics of these connection types are described in Understanding 3G/4G Connection Types.

To configure 3G/4G service connects:
1
Click the Parameters tab.

2
In the Connection Type drop-down menu, select whether the connection profile is a Persistent Connection, Connect on Data, or Manual Dial.
* 
NOTE: To configure the SonicWall appliance for remotely triggered dial-out, the Connection Type must be Connect on Data. See 3G/4G > Advanced for more information.
3
Select the Enable Inactivity Disconnect (minutes) check box and enter a number in the field to have the 3G/4G connection disconnected after the specified number of minutes of inactivity. Note that this option is not available if the Connection Type is Persistent Connection.
4
Select the Enable Max Connection Time (minutes) check box and enter a number in the field to have the 3G/4G connection disconnected after the specified number of minutes, regardless if the session is inactive or not. Enter a value in the Delay Before Reconnect (minutes) to have the SonicWall appliance automatically reconnect after the specified number of minutes.
5
Select the Dial Retries per Phone Number check box and enter a number in the field to specify the number of times the SonicWall appliance is to attempt to reconnect.
6
Select the Delay Between Retries (seconds) check box and enter a number in the field to specify the number of seconds between retry attempts.
7
Select the Disable VPN when Dialed check box to disable VPN connections over the 3G/4G interface.

IP Addresses Tab

The IP Addresses tab allows you to configure dynamic or static IP addressing for this interface. In most cases, this feature is set to Obtain an IP Address Automatically, however, it is possible to configure manual IP addresses for both your gateway IP address and one or more DNS server IP addresses if this is required by your service provider.

To configure dynamic or static IP addresses:
1
Click the IP Addresses tab.

By default, 3G/4G connection profiles are configured to obtain IP addresses and DNS server addresses automatically.

2
Do one of the following:
To specify a static IP address, select the Use the following IP Address radio box and enter the IP address in the field.
To manually enter DNS server addresses, select the Use the following IP Address radio box and enter the IP addresses of the primary and secondary DNS servers in the fields.

Schedule Tab

The Schedule tab allows you to limit 3G/4G connections to specified times during specific days of the week. This feature is useful for data plans where access is limited during certain times of day, such as plans with free night/weekend minutes.

* 
NOTE: When this feature is enabled, if a the check box for a day is not selected, 3G/4G access will be denied for that entire day.
To limit 3G/4G connections by schedule:
1
Click the Schedule tab.

2
Select the Limit Times for Connection Profile check box to enable the scheduling feature for this interface.
3
Select the check box for each Day of Week you wish to allow access on.
4
Enter the desired Start Time and End Time (in 24-hour format) for each day of the week.

Data Limiting Tab

The Data Limiting tab allows you to limit data usage on a monthly basis. This feature gives you the ability to track usage based on your 3G/4G provider’s billing cycle and disconnect when a given limit is reached.

To limit data usage by schedule:
1
Click the Data Limiting tab.

* 
TIP: If your 3G/4G account has a monthly data or time limit, it is strongly recommended that you enable Data Usage Limiting.
2
Select the Enable Data Usage Limiting check box to have the 3G/4G interface become automatically disabled when the specified data or time limit has been reached for the month.
3
Select the day of the month to start tracking the monthly data or time usage in the Billing Cycle Start Date drop-down menu.
4
Enter a value in the Limit field and select the appropriate limiting factor: either GB, MB, KB, or minutes.
5
Click OK.

Advanced Tab

The Advanced tab allows you to manually configure a chat script used during the 3G/4G connection process. Configuring a chat script only necessary when there is a need to add commands or special instructions to the standard dialup connection script.

1
Click on the Advanced tab.

2
Enter the connection chat script in the Chat Script field.
3
Click OK.

3G/4G > Data Usage

On the 3G/4G > Data Usage page, you can monitor the amount of data transferred over the 3G/4G interface in the Data Usage table and view details of 3G/4G sessions in the Session History table.

The Data Usage table displays the current data usage and online time for the current Year, Month, Week, Day, and Billing Cycle. Billing cycle usage is only calculated if the Enable Data Usage Limiting option is enabled on the 3G/4G Connection Profile.

Click the appropriate Reset button to reset any of the data usage categories.

* 
NOTE: The Data Usage table is only an estimate of the current usage and should not be used to calculate actual charges. Contact your Service Provider for accurate billing information.

The Session History table displays a summary of information about 3G/4G sessions. To view additional details about a specific session, place your mouse cursor over the Properties balloon.

Enabling the U0/U1/M0 Interface

 
* 
CAUTION: Although the 3G/4G connection can be manually enabled on the Network > Interfaces page (by clicking the Manage button for the U0/U1/M0 interface), this is not recommended because this can cause automatic connections to not function as expected. SonicWall recommends governing the 3G/4G interface using the connection types described above.
To manually initiate a connection on the U0/U1/M0 external 3G/4G interface:
1
On the Network > Interfaces page, click on the Manage button for the U0/U1/M0 interface.
2
The U0/U1/M0 Connection Status dialog displays. Click the Connect button. when the connection is active, the U0/U1/M0 Connection Status dialog displays statistics on the session.

Configuring Modem

Modem > Status

The Modem > Status page displays dialup connection information when the modem is active. You create modem Connection Profiles in the Modem Profile Configuration window, which you access from the Modem > Connection Profiles page.

In the Modem Status section, the current active network information from your ISP is displayed when the modem is active:

WAN Gateway (Router) Address
WAN IP (NAT Public) Address
WAN Subnet Mask
DNS Server 1
DNS Server 2
DNS Server 3
Current Active Dial-Up Profile (id)
Current Connection Speed

If the modem is inactive, the Status page displays a list of possible reasons that your modem is inactive. When the modem is active, the network settings from the ISP are used for WAN access.

Modem > Settings

The Modem > Settings page allows you to configure modem settings, specify Connect on Data categories, select management and user login options, and select the primary and alternate modem profiles.

Topics:

Modem Settings

Modem Device Type - Select whether you are using an Analog Modem, a 3G/Mobile connection, or Auto-detect.
Speaker Volume - Select whether you want the modem’s speaker turned on or off. The default value is On.
Modem Initialization - Select Initialize Modem For Use In and select the country from the drop-down menu. United States is selected by default. If the modem uses AT commands to initialize, select Initialize Modem Using AT Commands. Enter any AT commands used for the modem in the AT Commands (for modem initialization) field. AT commands are instructions used to control a modem such as ATS7=30 (allows up to 30 seconds to wait for a dial tone), ATS8=2 (sets the amount of time the modem pauses when it encounters a comma (“,”) in the string).

Connect on Data Categories

The Connect on Data Categories settings allow you to specify the outbound data that is detected before the modem dials the ISP. Outbound data does not need to originate from computers on the LAN, but can also be packets generated by the SonicWall security appliance security applications.

The Connect on Data Categories include:

NTP packets
GMS Heartbeats
System log e-mails
AV Profile Updates
SNMP Traps
Licensed Updates
Firmware Update requests
Syslog traffic

Management/User Login

The Management/User Login section allows you to enable remote management of the SonicWall security appliance or user login from the Modem interface.

You can select any of the supported management protocol(s): HTTPS, Ping, SNMP and/or SSH. You can also select HTTP for management traffic. However, bear in mind that HTTP traffic is less secure than HTTPS.

Select Add rule to enable redirect from HTTP to HTTPS to allow the SonicWall to automatically convert HTTP requests to HTTPS requests for added security.

Modem > Advanced

The Modem > Advanced page is used to configure the Remotely Triggered Dial-Out feature, which enables network administrators to remotely initiate a WAN modem connection from a SonicWall network security appliance.

Topics:

Remotely Triggered Dial-Out

The following process describes how a Remotely Triggered Dial-Out call functions:

1
The network administrator initiates a modem connection to the SonicWall located at the remote office.
2
If the SonicWall is configured to authenticate the incoming call, it prompts the network administrator to enter a password. Once the call is authenticated, the SonicWall terminates the call.
* 
NOTE: After three incorrect password attempts, the SonicWall terminates a Remotely Triggered Dial-out authentication session. Each password attempt is allowed a maximum of 60 seconds. If a dial-out session is terminated, the SonicWall can be called again for another Remotely Triggered Dial-out authentication session.
3
The SonicWall then initiates a modem connection to its dial-up ISP, based on the configured dial profile.
4
The network administrator accesses the SonicWall web management interface to perform the required tasks.
* 
NOTE: If LAN- to-WAN traffic on the SonicWall generates a dial-out request at the same time as a Remotely Triggered Dial-out session is being authenticated, the Remotely Triggered Dial-out session is terminated and the SonicWall initiates its own dial-out session.

Configuring Remotely Triggered Dial-Out

Before configuring the Remotely Triggered Dial-Out feature, ensure that your configuration meets the following prerequisites:

The dial profile is configured for dial-on-data.
The SonicWall Security Appliance is configured to be managed using HTTPS, so that the device can be accessed remotely.
Enter a value in the Enable Max Connection Time (minutes) field. If you do not enter a value in this field, dial-out calls will remain connected indefinitely, and you will have to manually terminate sessions by clicking the Disconnect button.
To configure Remotely Triggered Dial-Out:
1
Go the Modem > Advanced page.

2
Check the Enable Remotely Triggered Dial-out check box.
3
(Optional) To authenticate the remote call, check the Requires authentication check box and enter the password in the Password: and Confirm Password: fields.

Bandwidth Management

The Bandwidth Management section allows the administrator to enable egress or ingress bandwidth management services on the modem interface.

For information on configuring Bandwidth Management, see Bandwidth Management Overview.

Connection Limit

The Connection Limit section allows the administrator to set a host/node limit on the modem connection. This feature is especially useful for deployments where the modem connection is used as an overflow or in load-balanced situations to avoid over-taxing the connection.

In the Max Hosts field, enter the maximum number of hosts to allow when this interface is connected. The default value is 0, which allows an unlimited number of nodes.

Modem > Connection Profiles

The Modem > Connection Profiles page allows you to configure modem profiles on the SonicWall security appliance using your dial-up ISP information for the connection. Multiple modem profiles can be used when you have a different profile for individual ISPs.

The current profile is displayed in the Connection Profiles table, which displays the following profile information:

Name - The name you've assigned to the profile. You can use names such as Home, Office, or Travel to distinguish different profiles from each other.
IP Address - The IP address of the Internet connection.
Connection Type - Displays Persistent, Connect on Data, or Manual Dial, depending on what you selected in the Profile Configuration window for the profile.
Configure - Clicking the Edit icon allows you to edit the profile. Clicking on the Delete icon deletes the profile.
Topics:

Configuring a Profile

To add or configure a connection profile:
1
In the Modem > Connection Profiles page, click the Add button. The Modem Profile Configuration dialog displays for configuring a dialup profile.

Once you create your profiles, you can then configure specify which profiles to use for WAN failover or Internet access.

To configure your ISP settings, you must obtain your Internet information from your dial-up Internet Service Provider.

General
2
In the General Settings page, enter a name for your dialup profile in the Profile Name field.
3
Enter the primary number used to dial your ISP in the Primary Dialed Number field.
* 
TIP: If a specific prefix is used to access an outside line, such as 9 or &, enter the number as part of the primary phone number.
4
Enter the secondary number used to dial your ISP in the Secondary Dialed Number field (optional).
5
Enter your dial-up ISP user name in the User Name field.
6
Enter the password provided by your dialup ISP in the User Password field.
7
Confirm your dialup ISP password in the Confirm User Password field.
8
If your ISP has given you a script that runs when you access your ISP connection, cut and paste the script text in the Chat Script field. See the Information in Chat Scripts section for more information on using chat scripts.
ISP Address
9
Click the ISP Address tab.

10
In the ISP Address Setting section, select Obtain an IP Address Automatically if you do not have a permanent dialup IP address from your ISP. If you have a permanent dialup IP address from your ISP, select Use the following IP Address and enter the IP address in the corresponding field.
11
If you obtain an IP address automatically for your DNS server(s), select Obtain an IP Address Automatically. If your ISP has a specific IP address for the DNS server(s), select Use the following IP Address and enter the IP address of the primary DNS server in the corresponding field. You can also add a secondary DNS server address in the field below.
Parameters
12
Click on the Parameters tab. Use the settings in the page to configure modem dialup behavior.

13
In the Connect Type menu select one of the following options:
Persistent Connection - By selecting Persistent Connection, the modem stays connected unless you click the Disconnect button on the Network > Settings page. Depending on settings selected on the Network > Failover & LB page, the modem dials automatically when a WAN connection fails. If the Primary Profile cannot connect, the modem uses the Alternate Profile 1 to dial an ISP.
Connect on Data - Using Connect on Data requires that outbound data is detected before the modem dials the ISP. Outbound data does not need to originate from computers on the LAN, but can also be packets generated by the SonicWall security appliance internal applications such as AutoUpdate and Anti-Virus. If Enable WAN Failover is selected on the Modem > Failover page, the pings generated by the probe can trigger the modem to dial when no WAN Ethernet connection is detected. If the Primary Profile cannot connect, the modem uses the Alternate Profile 1 to dial an ISP.
Manual Connection - Selecting Manual Connection for a Primary Profile means that a modem connection does not automatically occur. You must click the Connect button on the Network > Settings page for the dialup connection to be established. Also, WAN Failover does not automatically occur.
* 
IMPORTANT: If you are configuring two dial-up profiles for WAN failover, the modem behavior should be the same for each profile. For example, if your Primary Profile uses Persistent Connection, your Secondary Profile should also use Persistent Connection.

If you enable Persistent Connection for the modem, the modem connection remains active until the WAN Ethernet connection is reactivated or you force disconnection by clicking Disconnect on the Configure page.

14
If you selected either Connect on Data or Manual Connection, enter the number of minutes a dial-up connection is allowed to be inactive in the Enable Inactivity Disconnect (minutes) field.
15
Select the connection speed from the Max Connection Speed (bps) menu. Auto is the default setting as the SonicWall security appliance automatically detects the connection speed when it connects to the ISP or you can select a specific speed option from the menu.
16
Select Enable Max Connection Time (minutes) if the connection is terminated after the specified time. Enter the number of minutes for the connection to be active. The value can range from 0 to 1440 minutes. This feature does not conflict with the Inactivity Disconnect setting. If both features are configured, the connection is terminated based on the shortest configured time.
17
If you select Enable Max Connection Time (minutes), enter the number of minutes to delay before redialling the ISP in the Delay Before Reconnect (minutes). The value can range from 0 to 1440, and the default value is 0 which means there is no delay before reconnecting to the ISP.
18
If you have call waiting on your telephone line, you should disable it or another call can interrupt your connection to your ISP. Select Disable Call Waiting and then select command from the list. If you do not see your command listed, select Other, and enter the command in the field. If you are not sure which command to use, see the documentation that came with your phone service or contact your phone service provider.
19
If the phone number for your ISP is busy, you can configure the number of times that the SonicWall security appliance modem attempts to connect in the Dial Retries per Phone Number field. The default value is 0.
20
Enter the number of seconds between attempts to redial in the Delay Between Retries (seconds) field. The default value is 5 seconds.
21
Select Disable VPN when Dialled if VPN Security Associations (SAs) are disabled when the modem connects to the ISP. Terminating the dial-up connection re-enables the VPN SAs. This is useful if you want to deploy your own point-to-point RAS network and want packets to be sent in the clear to your intranets.
Schedule
22
Click the Schedule tab.

23
If you want to specify scheduled times the modem can connect, select Limit Times for Dialup Profile. Enter times for each day in 24-hour format that you want the modem to be able to make a connection.
24
Click OK to add the dial-up profile to the SonicWall security appliance. The Dialup Profile appears in the Connection Profiles table.

Chat Scripts

Some legacy servers can require company-specific chat scripts for logging onto the dial-up servers.

A chat script, like other types of scripts, automates the act of typing commands using a keyboard. It consists of commands and responses, made up of groups of expect-response pairs as well as additional control commands, used by the chat script interpreter on the TELE3 SP. The TELE3 SP uses a default chat script that works with most ISPs, but your ISP may require a chat script with specific commands to “chat” with their server. If an ISP requires a specific chat script, it is typically provided to you with your dial-up access information. The default chat script for the TELE3 SP has the following commands:

ABORT `NO DIALTONE'
ABORT `BUSY'
ABOR `NO CARRIER'
"ATQ0
"ATE0
"ATM1
"ATL0
"ATV1
OK ATDT\T
CONNECT \D \C

The first three commands direct the chat script interpreter to abort if any of the strings NO CARRIER, NO DIALTONE, or BUSY are received from the modem.

The next five commands are AT commands that tell the chat interpreter to wait for nothing as
" defines an empty string, and configure the following on the modem: return command responses, don't echo characters, report the connecting baud rate when connected, and return verbose responses.

The next line has OK as the expected string, and the interpreters waits for OK to be returned in response to the previous command, ATV1, before continuing the script. If OK is not returned within the default time period of 50 seconds, the chat interpreter aborts the script and the connection fails. If OK is received, the prefix and phone number of the selected dial-up account is dialled. The \T command is replaced by chat script interpreter with the prefix and phone number of the dial-up account.

In the last line of the script, CONNECT is the expected response from the remote modem. If the modems successfully connect, CONNECT is returned from the TELE3 SP modem.The \D adds a pause of one second to allow the server to start the PPP authentication. The \C command ends the chat script end without sending a carriage return to the modem. The TELE3 SP then attempts to establish a PPP (Point-to-Point Protocol) connection over the serial link. The PPP connection usually includes authentication of the user by using PAP (Password Authentication Protocol) or CHAP (Challenge Handshake Authentication Protocol) from the PPP suite. Once a PPP connection is established, it looks like any other network interface.

Custom Chat Scripts

Custom chat scripts can be used when the ISP dial-up server does not use PAP or CHAP as an authentication protocol to control access. Instead, the ISP requires a user to log onto the dial-up server by prompting for a user name and password before establishing the PPP connection. For the most part, this type of server is part of the legacy systems rooted in the dumb terminal login architecture. Because these types of servers can prompt for a user name and password in a variety of ways or require subsequent commands to initiate the PPP connection, a Chat Script field is provided for you to enter a custom script.

If a custom chat script is required by an ISP for establishing a connection, it is commonly found on their web site or provided with their dial-up access information. Sometimes the scripts can be found by using a search engine on the Internet and using the keywords, “chat script ppp Linux <ISP name>”.

A custom chat script can look like the following script:

ABORT `NO CARRIER'
ABORT `NO DIALTONE'
ABORT `BUSY'
" ATQ0
" ATE0
" ATM1
" ATW2
" ATV1
OK ATDT\T
CONNECT "
sername: \L
assword: \P
* 
TIP: The first character of username and password are ignored during PPP authentication.

The script looks a lot like the previous script with the exception of the commands at the end. There is an empty string (") after CONNECT which sends a carriage return command to the server. The chat interpreter then waits for sername: substring. When a response is returned, the current PPP account user name, substituting the \L command control string, is sent. Then, the chat interpreter waits for the substring assword:, and sends the password, substituting \P with the PPP account password. If either the sername or assword substring are not received within the timeout period, the chat interpreter aborts the dial-up process resulting in a dial-up failure.