How to set up an AT&T Microcell to run behind a Sonicwall TZ-170 Firewall

We have struggled for a long time with AT&T reception issues in our office building.  Finally we reverted to setting up an AT&T microcell.  It seems natural that businesses would use the microcell but there’s not much support for running one in an office network environment.  Running an AT&T microcell behind a Sonicwall TZ-170 requires some extra work that AT&T will not really give much help.  I was able to get ours to work so follow along…

How to set up an AT&T Microcell to run behind a Sonicwall TZ-170 Firewall

Equipment:

  • AT&T 3G Microcell Cisco Model DPH151-AT, P/N: 4035800
  • Sonicwall TZ-170 Model: APL11-029

Step 1: You must assign a static internal IP address for your Microcell.

I’m not going to go over how to do that in this tutorial but if you don’t have a consistent IP address your ports will not forward to the right location.  I have it set up for our DHCP server to assign the microcell 192.168.0.111 based on the microcell’s MAC address.  The MAC address is on the sticker on the bottom of the Microcell.

Step 2: You must create services for the 4 different ports you must forward

The services are: 123 (UDP), 443 (TCP), 4500 (UDP), and 500 (UDP).  Create services in the following section of the Sonicwall preferences.  Open these preferences by pointing your browser to the IP address of your firewall, often at: 192.168.0.1
Sonicwall Setup > Firewall > Services > Custom Services Section > Add…
I would name them something that distinguishes them as your Microcell because you’ll need to find them in a drop-down list later and a name that contains Microcell, the port number, and the Protocol type is handy when looking at them all in a list.  See the screenshots below to see the ones you’ll need to set up.  NOTE: Make sure to click on the “advanced” tab and enable “Allow Fragmented Packets” for every service you create.

 

 

When you create each one make sure you click on the “advanced” tab and enable “Allow Fragmented Packets.”
When you are done this is what you’ll have:

Step 3: Create access rules to forward the ports to the IP address you assigned your Microcell.

Create the  access rules in the following section of the Sonicwall preferences:
Sonicwall Setup > Firewall > Access Rules > Add…
Create an access rule for each of the 4 services pointing each to the IP address you’ve assigned to the Microcell.  Make sure the “Allow” radio button is clicked.

 

 

 

This is what you’ll have when you’re done:

That should have you up and going.Something that might go wrong is the microcell not having the IP address you forward all the ports to.  You can view the IP address that’s been assigned by looking for the microcell’s MAC address in the DHCP section of your Sonicwall administrative panel:

Sonicwall Setup > Network > DHCP Server > Current DHCP Leases SectionAnother thing that can snag you up is that the unit must be able to get a gps lock where ever you install it. I guess this is because they are only allowed to install these units in areas where they have existing coverage (maybe an issue with the FCC).  Luckily our picked up a signal where we installed it the first time and that wasn’t an issue.  They do make an external antenna you can connect to it.

Success:

 

Tags from the story
, , , , , ,
Written By
More from John Mueller

How to Repair Glasses With a Broken Arm

A coworker of mine asked me if I could take a look...
Read More

I love questions and comments and respond to all. Please make sure to check the "Notify me of new comments via email" box below before clicking "Post Comment" to be notified when you receive a response. If you do not have an approved comment already, your comment will not show up until personally approved by me (no spam on Share Your Repair!) Thanks!