ePipe logohomeabout ePipeproductssolutionssupportinformation centercontact usProducts banner, 7K

Page contents

New features & improvements

Free IPSec/PPTP tunnels

Auto link failover/backup links

IKE support

AES encryption support

Improved filtering

Better management assistant

Upgrade to OpenBSD 2.9

Time-based links

NAT Support for IPSec Tunnels

DHCP Server improvements

Connect tunnels limit set

Firmware Release 2.3 for the 2000 Series

Free Upgrade Enhances Functionality

The firmware release 2.3 for the 2000 product series is now available.  The 2.3 firmware offers many new benefits to existing and new 200 series customers.  Some of the major improvements are:

New Features and Improvements

The following new features and improvements to the 2000 product series are now available:

NOTE:  The maximum number of E2B-IPSec and PPTP tunnels supported in the ePipe 2000 series has changed.  Click here for more information.

TOP

All of the improvements and changes, in detail...

** SPECIAL**  IPSec and PPTP Tunnels Included for Free

The 2000 series units will, for a limited time, be enabled with support for a limited number of VPN tunnels for free.  No Feature Set is required to be purchased to activate support for these tunnels.  Support is included for a limited number of tunnels in the SRA and SSV Feature Sets.  The actual number of tunnels supported is listed in the table below.

Free Tunnel Limits in ePipe 2000 series

Feature Set Tunnel Type Free Tunnels With Feature Set Activation
SSV E2B-IPSec 2 client
2 server
16 client
50 server
IKE-IPSec 1 4
SRA PPTP 2 20

Feature Sets can be purchased through your ePipe reseller.

NOTE:  The maximum number of tunnels supported by the 2000 series has changed.  Click here for more information.

TOP

Automatic Link Fail Over / Backup Links

Firmware 2.3.0 now supports automatic fail-over to one or more backup links in the event the primary link(s) are disconnected.  This facility enables a network to stay connected to the Internet and to other sites via VPNs in the event that all primary links are disconnected.  For example, a 2242 with an ADSL service can now auto fail-over to an ISDN or analog modem backup link in the event the ADSL service is disconnected.  This facility provides maximum uptime for Internet connected networks in the wired world.

TOP

Internet Key Exchange (IKE) Support

IKE is a protocol designed to automate the establishment of IPSec tunnels, with the goal of making large, multi-vendor VPN networks easier to install and manage.  IKE achieves this by automatically negotiating and exchanging all information necessary to setup an IPSec tunnel between two (2) IPSec devices or gateways. 

IKE has been built into the 2.3.0 firmware to enable the 2200 products to interoperate with other leading IPSec devices, including:

This enables IPSec tunnels to be established between ePipe gateway and most other IPSec devices, although without the advantages of using ML-IP or E2B, as the 3rd party device would need to support these technologies to achieve IP-layer bonding.

The following vendors equipment or software has been tested successfully:

NOTE:  2100 units do not support IKE and can not, therefore, be used for IPSec tunnels between other vendors' devices.

TOP

Support for the New AES Encryption Standard

AES (Advanced Encryption Standard) or Rijndael is the new encryption standard selected by the US Government to replace DES (Data Encryption Standard) and 3DES.  AES is both more efficient and cryptographically stronger than 3DES.  

AES is now supported in all ePipes running 2.3.0 software.  The ePipe implementation of AES uses 128 bit keys and is supported by both E2B-IPSec and IKE-IPSec tunnels for bulk encryption.

TOP

Improved Filtering to Enhance Security

All of the pre-defined filter rules created by the ePipe Management Assistant are now stronger with closer matching of packets based on source and destination port numbers.  Each filter rule can also be limited to allow packets based on time of day and day of week, providing the network administrator with greater control over Internet and VPN access.

TOP

ePipe Management Assistant Improvements

ePipe's browser-based user interface has been improved, with better usability based on feedback from customers.  Some of the changes include:

TOP

Upgrade to OpenBSD 2.9

The 2000 series kernel is based on the UNIX operating system OpenBSD, designed and built as a secure operating system.  With ePipe 2.3.0 software, ePipe has upgraded the OpenBSD kernel to version 2.9, which incorporates the latest improvements in network, driver, IPSec and filtering improvements to the 2000 range.

TOP

Time Based Links

Each link, whether it be dial-up, xDSL, cable or router based, can now be configured to only connect between specific times of the day.  This is available in the bandwidth settings for each link, through the Bundle Manager, in the ePipe Management Assistant.  This is useful when Internet services are charged based on time and the customer wishes to minimize these charges when no one is using the Internet.  For example, Internet links could be setup to connect at 8am and disconnect at 6pm to span the normal working day.

TOP

NAT Support for E2B-IPSec Tunnels

Dynamic NAT is now supported on E2B based IPSec tunnels (client end only).  This may be useful in situations where there are multiple E2B-IPSec tunnels to IP subnets which use the same IP addresses.  NAT can be used to effectively hide the IP addresses of the remote networks from the central site.  Note that NAT does not work with all application traffic traversing the tunnel.

TOP

DHCP Server Improvements

The DHCP Server in the 2000 series has been significantly improved.  The following options can now be set in the DHCP Server providing more flexibility and control over the settings allocated to the DHCP clients:

TOP

Maximum Connected Tunnels Limit for the ePipe 2000 Series

With the introduction of new features in firmware release 2.3.0, especially support for IPSec tunnels negotiated with IKE, the maximum number of connected tunnels supported in the 2000 series has changed.  The major changes include:

NOTE:  These changes do NOT affect ePipe ServerWare.

The following table shows the new and previous limits.

Tunnel Limits in ePipe 2000 series

Feature Set Tunnel Type Limit (2.3.0 and beyond) Limit (earlier than 2.3.0)
FREE Limited tunnel support (No VPN Feature Sets required) E2B-IPSec 2 client
2 server
-
IKE-IPSec 1 * -
PPTP 2 -
SSV E2B-IPSec  16 client
50 server
16 client
16 server (2100 series)
64 server (2200 series)
IKE-IPSec 4 * Not supported
SRA PPTP 20 32

* IKE-IPSec tunnels can be client, server or peer-to-peer.

IKE-IPSec are not supported on ePipe 2100 series units.

TOP

Related information

TOP

about ePipe | products | solutions | support | information center | contact us

Copyright © 2002 ePipe Pty. Ltd. All rights reserved.