Saturday, May 12, 2012

Wireless Data Cards (Sierra Wireless 313U) and Cisco AnyConnect VPN - Solved!!

Just got a brand new AT&T USBConnect Momentum 4G LTE data card by Sierra Wireless. Setup was straight forward and i was connected in no time. The ATT Communications Manager application installs by itself (MAC/Win7).

I started playing with the card and the first thing i tried was my corporate VPN via Cisco AnyConnect. What do i find???? No matter what i tried, restart, reinstall, Sierra Wireless Air Card Watcher, nothing would work. It would go as far as the last step and give me the following error

"The VPN client was unable to modify the ip forwarding table...."
"AnyConnect was not able to establish a connection to the specified secure gateway..."

There was no way for me to connect to the Cisco VPN using the data card. So i tried investigating online. People talk about various ways they have tried but no luck. There is an inherent problem with the security in Cisco and the way the data is handled via a wireless card using WWAN. After wasting a lot of time and effort, i stumbled across few posts which talk about using the Native Interface for connection or have some sort of NDIS drivers. Being a MAC user, it was a nightmare to find any drivers.. let alone the setups and configuration instructions. I even called AT&T and got the usual answer about the lack of support for VPN and especially MAC OSX (Hope APPLE is listening...) and was asked to contact my local cop orate IT.

Started playing around and finally got VPN to work on my data card. I think the approach is device agnostic so should work with any data card on probably any operating system as long as you know how to go about creating a Dial-Up Networking (DUN) interface. I am mentioning the steps for MAC OSX LION 10.7.4 but same steps can be followed for WIN7 or LINUX.

  1. The first and foremost thing is that you make sure that your initial install of the card doesn't have issues and installs the following network interfaces
    • direct IP (Its just the name of the interface at least on my MAC) - This is the basic network interface required by the AirCard Watcher or ATT Communications Manager.
    • The second but most important is the "AirCard 313U" interface which is basically a USB modem network interface. This is what we will use for setting up the DUN.
  2. One important thing that i noticed is that the drivers that came on the card are actually the only ones (at least for MAC OSX) which install the USB Modem driver and are embedded into the ATT Communications Manager that it installs. If you download a version of ATT Communications Manager from AT&T's website, you may be out of luck and you may not get the Modem Driver installed.
  3. Now if you don't wanna do VPN, you can continue to use the ATT Communications Manager utility to connect.
  4. For VPN, you need to go to Mac OSX Network Preferences. You will use the same approach for any OS. All you need to do is to identify the USB Modem Network Interface.
  5. Once you have located the USB modem network interface, enter the following settings on the Network Interface.
    • Telephone Number - *99#
    • User Nam & Password - Optional. If your network provider has provided you one, please use it otherwise leave it blank.
    • Under Advanced Settings
      • Select the Modem Driver - Sierra Wireless (or your specific vendor)
      • Model - GSM or CDMA
      • APN - broadband or ISP.CINGULAR (These are only for ATT. You can find your network provider APN from the AirCard Settings)
      • CID = 1
    • Proxy - You can setup proxies if required by your corporate.
  6. Save the settings and make sure that the ATT Communications Manager is not running and is not connected using the "direct IP" interface.
  7. Click connect and you will be connected to the internet via DUN (Dial-Up Networking).
  8. Start Cisco AnyConnect VPN and try connecting to your corporate VPN and there you have it.. A working VPN with no degradation of speed ( i validated using speedtest) on a wireless 4G LTE Data Card.