Thread Info
  • Replies 0 replies
  • Subscribers 28 subscribers
  • Views 9730 views
  • Users 0 members are here
Options
Suggested

Sophos Firewall: Configuring the 3G/4G modules for use with Verizon

Jan Michael Jayme

Disclaimer: This information is provided as-is for the benefit of the Community. Please contact Sophos Professional Services if you require assistance with your specific environment.

Overview

The new flexi-port cellular modules aren’t yet officially supported by Verizon. Because they aren’t officially supported, Verizon generally refuses to help customers who call looking for help with the setup. This article describes how to configure the 3G/4G modules for use with Verizon.

This applies to the following Sophos products and versions
Sophos Firewall
 

What to do

  1. Go to Network > Cellular WAN and enable Cellular WAN.



    Note: Immediately after it is enabled, it may show that no device was detected but refreshing the page should update it with something like the information shown in the image above.
     
  2. Go to Network > Interface and edit the WWAN1 interface.


     
  3.  Enter the following connection details.
     
    Parameter Value
    IP Assignment Dial-Up (PPP)
    Connect Auto (recommended). May be set to Manual if desired.
    Modem Port Serial 2
    Phone Number *99#
    APN vzwinternet
    Initialization String Do not enter an Initialization String.


     
  4. Test the connectivity.
    1. Ensure that the modem is connected (Go to Network > Cellular WAN, click Connect, if it is not connected).
    2. Test the connectivity (Go to Diagnostics > Tools).
    3. Ping an appropriate internet IP, such as 8.8.8.8, and select the WWAN1 interface.


       
  5. WWAN1_GW will be backedup by default and it can be changed to active.

  6. Run a traceroute directly out from the firewall to 8.8.8.8 via the WWAN interface

     • Either from the GUI under Diagnostics > Tools
    • Or from the CLI using traceroute -I WWAN1 8.8.8.8
  7. Copy the first address that appears in the output – the hostname should be appended with myvzw.com. Example (from a customer’s firewall):

    XG135w_XN03_SFOS 19.5.3 MR-3# traceroute -i WWAN1 8.8.8.8

    traceroute to 8.8.8.8 (8.8.8.8), 30 hops max, 46 byte packets

    [1]10.sub-66-174-33.myvzw.com (66.174.33.10) 157.871 ms 62.456 ms 30.209 ms

      *

      *

     ^C
  8. Create a static default route to this IP address using the WWAN1 interface as the gateway
  9. The interface should be set under “Select interface”.

Note:
 

  • The host devices aren’t yet certified on Verizon, but Verizon approves the 3G/4G module used. Verizon may decline to support devices they haven’t officially certified.
  • It may be necessary to activate a new SIM card on another device (such as a supported Cradlepoint or USB dongle) before using Verizon’s SIM with the 3G/4G module.

Related Information



Added related information
[edited by: emmosophos at 8:38 PM (GMT -8) on 15 Nov 2023]
Unfiltered HTML