Corporate.Net
Private Dial-Up Networking Gets a Virtual Workout
Access Integrator has six modems managed by one modem module. The modem module communicates with the remaining Access Integrator devices, including remote-access servers and the management module, through the backplane, which is an IP LAN. When establishing connections to the remote-access servers, the modem modules--not the management card--create tunnels to home gateways either within the same Access Integrator or to a device on the external IP network. This feature is part of Microcom's Adaptive Switching strategy and offers a great deal of flexibility in terms of tunneling technology.
More important, if you have a heterogeneous networking environment with both Windows NT servers and Cisco routers, one Access Integrator will let you aggregate your dial-ups. This single remote-access server can handle all your connection r
equirements, rather than having separate dial-ups for PPTP, L2F and other dial-up needs. It also ensures adequate processing power for all of your conn
ections.
Microcom Access Integrator provides complete reporting through SNMP traps to expressWATCH, Microcom's bundled management software. During our tests, we captured traps and events on the management station, looking for errors. The reporting provides a complement of trackable items that keep you updated on connection status. Some of the configuration for the Access Integrator is done through expressWATCH, while the call-processing and call routing is configured through a well-documented text file with detailed examples, making installation and modification easy.
Oddly enough, Microcom's implementation of L2F is different from Shiva's or Cisco's approach because of its architecture. The devices from Cisco and Shiva create one tunnel between the NAS and home gateway, and then insert users into the tunnel as they connect. Thus, there is one tunnel to
maintain, and each user gets a unique ID to identify traffic streams in the tunnel. Ports on Microcom Access Integrator can be dynamically configured not only for PPTP or L2F, but for the home gateway to use during call setup. In this way, each modem is treated as a separate NAS and requires its own tunnel negotiation. Since Access Integrator posted times equal to the Shiva Access Switch, this method didn't appear to pose a problem with the NAS and didn't affect Access Integrator's performance.
U.S. Robotics Total Control Enterprise Network Hub
Mistakenly, we thought it would be easy to coax U.S. Robotics Total Control Enterprise Network Hub into working with PPTP. No PPTP configuration takes place in the product's management GUI, Total Control Manager (TCM), nor does the GUI enable any reporting or logging capabilities. PPTP for individual ports is performed through the command line, and ports need to be configured individually, which quickly becomes tedious. To i
ts credit, U.S. Robotics can use a variety of authorization methods to set up calls, and it is unique among the PPTP remote access servers because it can establ
ish PPTP tunnels based on user name and domain name.
Making connections is a snap if you use U.S. Robotics' RADIUS server, Total Control Security and Accounting Server. With the current firmware revision to the Network Management Card (NMC), all you need to do is set up your users with the proper configuration on RADIUS. U.S. Robotics doesn't provide dictionaries for other vendors' RADIUS servers, although tech support said it could build one if we needed it.
We used U.S. Robotics' RADIUS server to establish our user base, which included home gateway addresses. The Network Hub was also configured to send users without PPTP attributes to a default gateway. We were pleased to configure a default gateway for the majority of users and only make changes for users who needed a different gateway.
The Network Hub was hurt most by its poor performance
numbers. Although we expected to see slower performance with the VDPN technologies than without, the Network Hub surprised us by being as much as eight seconds slower while using PPTP, and we couldn't squeeze faster times when working with technical support. The Network Hub was the first device we tested, and we ironed out our network configuration while testing it; initially, we had transfer times approaching two minutes for our test file--more than five times slower than expected. After some troubleshooting, we found that utilization on the Ethernet segment between the router and the NT Home gateway was holding steady at 27 percent and peaking at around 40 percent.
To improve network performance, we installed 100-Mbps NICs in the router and the home gateway and placed the Network Hub and the other router interface on a 10/100 Mbps switch. The change in network configuration dropped utilization below 10 percent during testing, and the Network Hub posted better times. The Network Hub also displayed highe
r PPP times as the port density increased.
|
REPORTS
ANALYTICS
Follow 
