Network Computingwww.networkcomputing.com

Other Sneak Previews this issue

Cisco Network Registrar: Controlling the Network Circus By Jeff Ballard OpenLinux 2.2 Continues Linus'x March to Enterprise Acceptance By Eric Hammond Microtest AppSolute Server Offers Hassle-Free File Access By Dave Fetters

Company Directory

Browse our directory to get data, starting with a particular company.

Reader Service

Allows you to request additional product information from our advertisers.

Print The Full Article

ClickHere

E-mail this URL

ClickHere

Buy the Book

The all-in-one multiservice Internet gateway includes an IP router; support for DNS, DHCP and NAT (Network Address Translation); a Web server; a firewall; e-mail; an FTP server; and VPN (virtual private network) support. OneGate 1000 also features an intuitive user interface that simplifies configuration and reduces administrative overhead. The GUI configu- ration software is stored on the unit itself, so it can be managed from any machine running Web browsing software.

The OneGate 1000 beta I tested performed admirably. Its configuration interface was helpful, but it doesn't eliminate additional configuration for complex network functions such as DNS. Nevertheless, OneGate 1000 is a step in the right direction, making Internet technology accessible and affordable.

Putting It All Together
I tested OneGate 1000 using its management software to connect the unit to the Internet at 56 Kbps. (Other connection options include T1, frame relay or ISDN.) Thanks to a Web-based configuration tool, I was able to configure my unit for all the aforementioned services and successfully connected to my ISP within one hour. OneGate 1000 comes with two manuals, and though I relied heavily on the one for configuration, having to flip between the two books was somewhat cumbersome. FreeGate should consolidate the manuals for a single point of reference.

In the lab, I used RIP 2.0 as my routing protocol; RIP 1.0 and static routing are also available. Although OneGate 1000 can function as a primary DNS server running BIND 4.9.5, I set it up as a caching-only DNS server, pulling and requesting information from my ISP's servers. I configured NAT by overloading an ISP-assigned static IP address. This forced OneGate 1000 to use PAT (Port Address Translation) to translate internal host addresses to the Internet.

As for security, I used one of OneGate 1000's four standard profiles, which range from strict to open access. Using the Expert Tools-Firewall Editor interface, I configured additional statements to specify which ports would enable inbound connections. I also set up e-mail using POP3 and SMTP; OneGate 1000 does not yet support IMAP. I then configured the product's Web server, adding files to a designated Web folder using Microsoft Corp.'s SMB (Server Message Block) from a Windows NT client and Internet FTP.

Providing access from the Internet to your corporate LAN often requires tremendous upfront costs and ongoing maintenance charges. It helps that OneGate 1000 can be configured for remote-access VPN as a software license add-on. I used Microsoft's PPTP (Point-to-Point Tunneling Protocol) client software for this purpose. VPN security is provided via PAP/CHAP (Password Authentication Protocol/ Challenge Handshake Authentication Protocol) packet authentication and 40-bit or 128-bit RC4 data encryption. I tested OneGate 1000's VPN throughput speed by dialing into an ISP, and I used the PPTP software to establish a VPN to the product via the Internet.

Accessing Web pages
I also accessed Web pages served by OneGate 1000; the speed to these documents and pages was consistent with my expectations from public Web pages and file servers. In addition to remote-access VPN, you can configure a branch-to-branch VPN with two OneGate 1000s, which creates a secure tunnel between sites using IPSec (IP Security), Triple DES and MD5 technology, and is configurable depending upon your geographic location. But be aware that both VPN-based solutions--remote access and branch-to-branch--will support only IP.

Troubleshooting OneGate 1000 during testing went smoothly, thanks to the extremely helpful documentation. Additionally, the product's online diagnostic tools (provided as part of the Web configuration) were sufficiently detailed to fix a host of problems, from modem configuration to IP connectivity.

Upgrading the hard drives and adding memory is straightforward and painless; there's no need to worry about having to buy a completely new box as your company's technology needs grow.

Paul Cernick is a Cisco Certified Systems Instructor for Geotrain Corp., Chicago. Send your comments on this article to him at cernick@xnet.com.