Configuring ePipe |
|
||||||||
This chapter details the steps in configuring the ePipe to connect to other networks and setup ML-IP tunnels. The chapter includes:
Before starting the process of configuring your ePipe, please ensure you have installed the ePipe gateway or concentrator according to the instructions in the appropriate Getting Started Guide and have read the information in the chapter on Installing ePipe.
For information on accessing the ML-IP Manager, the browser based user interface for configuring the ePipe, please refer to the section "Starting the ML-IP Manager" in the chapter "Installing ePipe".
To start configuring the ePipe, browse to the IP address of Ethernet 1 of the ePipe gateway or concentrator.
Access to the ML-IP Manager is gained via a username and password. A pop-up box should appear soon after the ML-IP Manager is started. The only user who can log in to the ML-IP Manager is the root user (username "root"), with default password "system". This password should be changed from the default as soon as possible (see below).
Upon initially browsing to the ePipe ML-IP device, there are a number of options which should be configured. These should only need to be configured once and include:
These can all be configured from the General Settings screen of the Multilink IP Manager.
|
|
NOTE: | The System Password should be changed after logging in for the first time. This can be done in the General Settings section of the ML-IP Manager. This is the password for the "root" user. |
Domain Name System (DNS) Servers are the Internet's name servers and resolve domain names into IP addresses. Specify name servers in the Domain Name Servers tab only if you have your own name server or wish to manually specify a name server that is accessible from Ethernet 1. Other DNS servers are learnt automatically or can be specified when configuring network connections.
The current date and time is used in status and logging information. As such, it is important that the ePipe ML-IP device has the correct date and time. The date and time can be set under the Date and Time tab.
|
|
NOTE: | The date and time will not update on the screen - a screen refresh will need to be performed to see the current date and time if the browser window has been open for some time. |
The system password is the password for the 'root' user (the administrative user for the ePipe ML-IP device). The root user has complete access to this gateway.
This should be changed when the Multilink IP Manager is first opened to configure the device and can be done under the Change Password tab.
|
|
NOTE: | If the system password is lost or forgotten, you will not be able to access this gateway. Store the password in a safe place. |
Tunnel activation is only relevant for the ePipe ML-IP Concentrator for Linux. After the 30 day trial, a Tunnel Activation Pack will need to be purchased and registered for the product to continue working.
Follow the instructions under the Tunnel Activation tab to activate the ML-IP Concentrator.
The Information tab provides details on:
Network Connections connect the ePipe to the Internet or other WAN services. These can be configured via the Network Connections page in the ML-IP Manager.
When connecting to DSL services, it is important to know whether the DSL device being connected to the ePipe is a DSL modem (more correctly called a bridge) or a DSL router. If it is a router, please refer to the section below, titled Connecting to Routers.
When a DSL modem is present, follow these steps to configure your link:
|
|
NOTE: | The option “Use this link for incoming traffic” simply means that this link will become the default route if it is connected. If multiple network connections have this option set, the first to connect will become the default route. |
In the Multilink IP Manager, select DHCP under Cable in Broadband Selection to configure the Ethernet port for a cable connection. Fill in any required details then apply the settings.
|
|
NOTE: | The option “Use this link for incoming traffic” simply means that this link will become the default route if it is connected. If multiple network connections have this option set, the first to connect will become the default route. |
When connecting to a router, the IP information will need to be manually entered. Select the Manual option in the Multilink IP Manager Broadband Selection and complete the IP address and Subnet Mask information.
|
|
NOTE: | The option “Use this link for incoming traffic” simply means that this link will become the default route if it is connected. If multiple network connections have this option set, the first to connect will become the default route. |
To configure dialup connections using the Multilink IP Manager, go to the Dialup tab. Enter the requested details for the dialup connection and then choose the modem settings which best describe the modem type and connection speed. The Advanced option gives the ability to manually assign a static IP address which the ISP has provided and also to turn header compression off and on.
When initially configuring Failover Detection, it is important to determine which links should be thought of as Primary Links and which should be thought of as Failover Links. Failover links will only be connected when all Primary Links are either disconnected, disabled or unusable. Usually, Serial Links are used as failover links while Ethernet Links are used as primary links.
Failover detection is automatic for PPP (Point to Point Protocol) based links. PPP is used for dialup links and PPPoE DSL links. This will only detect when the PPP link is disconnected (by either end), not when the ISPs network is down.
Failover for connections which don't use PPP is achieved by probing web servers. The Advanced option under Failover Detection allows web sites to be configured which are probed every 60 seconds by default. When a link cannot successfully probe any of the sites configured under the Advanced options, the link will be considered unusable and then disconnected, until a probe is successful.
|
|
NOTE: | It is important that the web sites configured under the Advanced options be as close as possible to the network which is being connected to. For example, the website of the ISP being used for the links is a good option, as are the websites of major local businesses (so long as they are hosted locally). |
Failover Links will connect after all primary links have reached two retries (depending on the Bandwidth on Demand settings). Failover Links will then disconnect 10 seconds after a Primary Link is reported as successfully connected.
The Bandwidth on Demand tab allows links to be set either as Always Connected or Connect on Demand. As the name suggests, if a link is Always Connected, it will attempt to connect as soon as it is enabled and will stay connected, regardless of the amount of traffic passing across the link.
Connect on Demand allows thresholds to be set for links, which will connect links only when the traffic across a link reaches a predefined threshold. These thresholds can be modified using the Advanced option on the Bandwidth on Demand page. For this feature to work, it is important that the connecting device report the correct connect speed for the connection. Additional parameters may need to be added to the initialisation string for dialup connections so that the correct connect speed is reported when using a generic initialisation string. Consult your modem manual for details.
Multilink IP (ML-IP) aggregates bandwidth end-to-end between two ePipe ML-IP devices using an ML-IP tunnel. Each ML-IP tunnel has a client and server end. The client end establishes the ML-IP tunnel to the server end.
The ML-IP tunnel will aggregate all enabled Network Connections which have been designated as Primary Links. If all Primary Links are disconnected or unusable, then all enabled Failover Links will be aggregated.
Configure a client side tunnel and a server side tunnel by selecting the Multilink IP screen and Create and the Client and Server screens respectively. Fill in all of the details requested for each step, then Apply the configuration changes. The Username and Password fields are used to authenticate a client ML-IP tunnel against a server ML-IP tunnel. An explanation of some additional options in ML-IP configuration follows:
The ML-IP tunnel status can be monitored from the Status screen. The status can be accessed by clicking on the ML-IP tab which will display the following information:
ePipe's Intelligent Internet Balancing (I2B) provides faster Internet access using inexpensive dial-up connections. By enabling protocols for I2B, outgoing TCP connections are routed down whichever link is least busy. I2B can also be used to provide faster access for protocols, such as e-mail (SMTP), Usenet news, or POP downloads.
I2B can be configured to act on protocols using the Multilink IP Manager. Simply browse to the ePipe ML-IP device and go to the Traffic Management section. I2B settings can be configured and modified in the Internet Load Balancing tab.
NAT redirection (or NAPT – Network Address and Port Translation) is a feature of NAT in the ePipe that redirects traffic sent to the external public IP address and arriving on a given TCP/UDP port number to a pre-defined IP address.
|
|
NOTE: | By redirecting traffic through the ePipe firewall, the responsibility for security of traffic on that particular port number belongs with the application receiving the traffic. It is not advisable to redirect traffic through a firewall unless the server receiving the redirected traffic is secured against any vulnerability in the software receiving the traffic. Please ensure that all patches are applied and other security recommendations adhered to before allowing access to internal servers. |
Common applications for this include hosting a web (HTTP), email (SMTP) or DNS server. A complete and up-to-date list of assigned or well known service names and their corresponding port numbers can be found at:
NAPT can be configured by viewing the Traffic Management section of the Multilink IP Manager. Setting may be viewed and modified in the Traffic Redirection tab.
Static routes to remote networks may be added by entering a destination network address and subnet mask, and a gateway address then hitting Add. The route will then appear in the Current Configured Routes table. Once the route is added to the table, click the Apply button for the settings to take effect. A static route may be removed by selecting the route from the table, clicking the Remove button, then clicking Apply for the change to take effect.
Routing Information Protocol (RIP) can be controlled by either enabling or disabling RIP receive and RIP broadcast. RIP Receive determines whether the ML-IP device listens to RIP messages sent to it and RIP Broadcast determines whether the ML-IP device sends RIP messages. If changes have been made, the settings will take effect when Apply is clicked.
Next: Management
about ePipe | products | solutions | support | information center | contact us
Copyright © 2002 ePipe Pty. Ltd. All rights reserved.
Getting started guides for:
2344
(1.4M pdf)
ML-IP
Concentrator (1.3M pdf)
2202
(1.4M pdf)
2242
(1.4M pdf)
2148/2188
(350KB pdf)
2181
(1.4M pdf)
ePipe
ServerWare (650K pdf)
User Guides for:
ML-IP
Family
VPN
and Security Family
Utilities for viewing guides:
Get
Acrobat Reader (free)
