Hi Guys,
I recently have had issues setting up a couple of Vodafone SureSignal devices, these are devices that give you a 3G signal in areas where there is no coverage from the mobile network.
My setup is a SG135 running the latest version of SFOS. I have an unprotected network with an allow all outbound rule enabled without IPS, and that is where the SureSignal box is.
There is a lot of confusing info out there on the Internet about the setup of these devices, and there isn't much in the way of diagnostics you can use to get info from the device itself other than the light patterns.
I initially got the lights on the unit flashing red, but thanks to the UTM forum I found a very useful post explaining that the Vodafone systems need to know the postcode of the area the device will be put in, because if set incorrectly that causes the system not to work. Indeed that was the case here, I set the correct postcode on the Vodafone account and now I get further than I did before. I am now stuck at the point where the device is switched on, and I get a solid red light, and a white light that just pulses on and off.
I looked at the document at:
https://www.vodafone.co.uk/cs/groups/public/documents/webcontent/vftst061123.pdf
From the instructions in here it explains I need to set up port forwarding. The ports that need to be forwarded are quite strange (i.e, it needs UDP/123 forwarding to the box). I believe someone wrote the instructions not realising what they were suggesting, but people have got the device working after doing this.
So I created a new business rule which has the following characteristics:
Source zone: WAN
Allowed networks: A host group containing all the IP addresses from the PDF (I added each host as a single IP address, except for the last IP range which is a /26, so I added it as a network).
Destination: WAN (address)
Protected server: the host entry for the SureSignal box
I have set forwarded ports to everything, as there is different documentation all over the place with suggestions about what ports need forwarding, and most don't seem sane to me.
My belief was that if machines from these IP addresses tried to connect to the SureSignal box on the WAN address, it would get forwarded to the SureSignal box. I don't want any other client speaking to that box if possible.
Currently this hasnt made any difference, and I don't see any traffic using that rule either. I did some initial packet capturing on the communications and can see that traffic is going out on some of the ports which were in the document (explaining to me that the document is just completely wrong), including to some addresses which are not in the document. For example, I saw traffic on UDP/4500 to 88.82.13.177, 88.82.13.178 and 88.82.13.179. I added these to the host group, but still no joy. I have left the device for 24 hours now just doing it's thing and we'll see what happens.
I just wondered if anyone else got this box working on a similar setup?
Thanks.
Andrew.
This thread was automatically locked due to age.
