Timothy
Parker Consulting Incorporated
|
|
|
|
Stallion ePipe So far in this series we’ve looked at several turnkey
server appliances, gateways, and firewalls.
Another variation on this theme is the turnkey VPN (virtual private
network) appliance. My favorite,
and the one I’m running between my Ottawa and Virginia offices, is from
Stallion Technologies. Anyone
who’s been in the UNIX field for a few years will know Stallion.
They made the best multiport serial systems for UNIX and XENIX systems a
decade ago, moved on to highspeed multiport systems for Windows and UNIX
networks, and have branched out to other devices in the last few years. Stallion’s ePipe is a deceptively simple way to set up a
virtual private network between offices or home and office.
The ePipe is available in several models, but the two main variations on
the device are the types of modems and network connections supported.
Within each of these categories are models with support for varying
numbers of modems and lines. The
ePipes that I use are model 2148, designed for use with analog and ISDN modems. The ePipe 2148 is a small blue box. The sculpted plastic
case is quite attractive, with five front-panel LEDs for status and activity
indicators. The back panel has four RJ45 sockets designed to plug into RS232
modem or ISDN TA (Terminal Adapter) sockets.
Stallion provides two RJ45 to RS232 cables and other can be bought either
from Stallion or from other sources as the wiring is standard.
Next to the four RJ45 modem sockets is a DB9 RS232 for plugging in a
console session. The back panel is
completed with eight RJ45 Ethernet plugs allowing the ePipe to act as a hub.
The Ethernet ports are 10Mbps only, which is a shame as faster 100Mbps
ports would have allowed the ePipe to integrate into networks a little easier.
Of course, going to 10/100Mbps ports would have added to the price of the
unit. Power to the ePipe is through a wall-wart power supply and there is no
power switch: the ePipe is always on. The documentation for the ePipe is electronic only, with
the exception of a small Quick Setup guide.
I’ve moaned many times about the lack of printed documentation with
software and hardware, and it still annoys me that vendors are not willing to
spend a dollar or two to provide me with a nice printed document.
Although electronic documents are handy for quick lookups and reference,
I don’t want to read a book on my computer.
True, I may be in the minority, but recent surveys of users tend to
indicate a definite preference for both printed and electronic documents.
Wise up, everyone! Give me a
book! Connecting the ePipe is simple. The box is designed to be
either laid horizontally or mounted on the wall, and I found the latter to be
easiest for managing the cable runs and keeping the unit out of the way.
Since the ePipe is a nonstandard shape and size, it doesn’t stack well
with other equipment in a rack or closet so wall mounting worked well for me.
The ePipe contains no modems inherently, so external units must be
connected using the cables. I used
ganged V.90 modems for my VPN, both MultiTech units, and they’ve performed
well. After connecting the modems
and running a connector from the Ethernet port to my network hubs, you can
configure the ePipe. There are two ways to configure ePipe.
The first is through the console port attachment using telnet, and the
second is through the software that discovers the ePipe on the network
automatically (designed for Windows only). If you choose the software option,
you can take advantage of a wizard Stallion supplies that handles all standard
setups scenarios for you. Alternatively,
a command line option allows total control of the configuration. The software
discovers the ePipe and allows you to set configuration parameters easily,
setting the IP address of the box as well as security parameters.
A set of activation key numbers are required to enable the unit for use. The ePipe is designed to connect to another similar unit,
so you need to configure an ePipe at both ends of your VPN. In
my case, I set up identical configurations with dual V.90 modems in both Ottawa
and Virginia. The ePipe VPN setup is designed to work over the Internet, so
ISP accounts are necessary at both ends. One
configured, the ePipe works to transparently tunnel your network traffic over
the ISP connection to the other ePipe, making the two networks appear as though
they are connected directly together, albeit with a somewhat slow connection.
In my tests I was achieving reasonable performance for tasks like file
transfers and e-mail access, but controlling a computer remotely with tools like
Symantec’s PCAnywhere is slow. Still, a faster set of connections, such as
ISDN or T1 would solve this problem. In three weeks of testing the ePipe has worked flawlessly. When I am in Virginia, I can connect to my home network through any ISP and transfer information either way with ease, completely transparently to me. The cost savings in long distance dial-up attachments to a modem remote access server will pay for the two ePipes in less than a year. The security on the ePipe is excellent, rejecting all my attempts to hack into it or perform any packet filtering. The ePipe is not a replacement for a firewall, but it itself is not a vulnerable item. On the whole, I can’t think of an easier way to set up a VPN than to use Stallion’s ePipe. Now, if they would make a laptop version, I’ll be completely set! |
|
Send mail to
tparker@tpci.com with
questions or comments about this web site.
|