Thread Info
  • State Verified Answer
  • Locked Locked
  • Replies 6 replies
  • Subscribers 28 subscribers
  • Views 4354 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

WAN Link Failover - if link is down after a dedicated downtime

ChrisGER

Hello Community,
i've established an XG firewall in a two stage/vendor security area directly at the ISP connect.
This configuration is placed in a remote location and i hope, the following challange is possible.

My challange
Is there a possibility to configure a celluar device at the XG firewall for the following challange
- the celluar device is by default offline (not connected to the 3G/4G/LTE network.

- if the primary cable connect is down for more than xxx seconds, the celluar device shift to online (dial-in) and overtake the connectivity and serve avalibility of local VoiP/FoIP devices until the issue is solved and the primary link is online.

- the celluar device should go offline (disconnected), if the primary link is back and working.

Is that possible, or is it only manually possible?


Thanks forward
Christian



This thread was automatically locked due to age.
  • +1

     By default offline is not possible. You can use the other interface as "Backup". 

    In this process, the Cellular will only be used in case the active connection is offline OR you address a firewall policy to use this interface. 

    You can setup everything but not with a "offline" cellular, it will always be logged in and communicate couple of packets (basic keep alive). 

  • +1 in reply to LuCar Toni

    Thanks for the quick response,
    is there a matrix of "supported" or "tested" USB dungles for XG firewalls ?
    in another post is written ".... the dongle needs to be compatible to Linux in order to operate on XG"

    Is the Linux support the requirement for usage at XG Firewall ?


    Thnks and best regards
    Christian

  • +1 in reply to ChrisGER

    There is a list, but most likely it depends on "your luck".

    http://docs.sophos.com/nsg/sophos-firewall/17.5/Help/en-us/webhelp/onlinehelp/nsg/sfos/concepts/USBCompatibilityList.html

     

    Manufacturer

    Modell

    Vendor

    3G Standard

    Default ID

    Modem ID

    Protocol

    Compatibility

    Huawei

    E3276

    		  

    LTE CAT4

    12d1:14fe

    12d1:1506

    Serial and NCM

    Probable

    Huawei

    E3276s-150

    		  

    LTE CAT4

    12d1:14fe

    12d1:1506

    NCM

    Probable

    Huawei

    E3276s-150

    		  

    LTE CAT4

    12d1:157c

    12d1:1506

    NCM

    Unlikely

    Huawei

    E3276s-150

    Swisscom

    LTE CAT4

    12d1:1597

    12d1:1598

    Serial and NCM

    Unlikely

     

    As you can see, there are models with the same revision but different compatibility. Unfortunately, most of the time, on the box of the LTE Modem, there is no reference of the Default / Modem ID.

  • 0

    Hello

    can ask you why the LTE connexion as to be offline ?

    i use lte modem for backup vers usually, there are always up, and doesn't consume datas if first link doesn't fail !

  • 0 in reply to guillaume bottollier

    guillaume bottollier said:

    Hello

    can ask you why the LTE connexion as to be offline ?

    i use lte modem for backup vers usually, there are always up, and doesn't consume datas if first link doesn't fail !

     

     
    Hello guillaume bottollier,
    yes .... this is a small remote office, where "normaly" the primary link is working without any issues.
    The suggestion "why offline" is depending to the contract for the celluar card. This card has no monthly charges - if this is not used (online). If the link is permament up "dialed in", there is a daily fee and volume in charge by the provider.

    In the last 5 years, we had one day, where the provider link was down for about 3 hours and we had to switch voip and reduced mail traffic to the celluar collection until the provider fixed the mistake/issue.

     

    Regards

    Christian
  • 0 in reply to ChrisGER

    Hello,

    Ok, weird provider...

    you should consider the "manual" plug of the LTE device in case of failure, because if it's not online, XG can't check the connectivity and won't route traffic through