Product Guides
Looking for a proxy server for my EVDO devices
We are using EVDO cards in our vehicles to connect back to the office. We have a T1 from the vendor which directs all traffic through our network. This requires a proxy server for the vehicles to use for Internet access, and for VPN to authenticate to AD.
We are using two Microsoft ISA servers, but I am not sure this is best of breed. We are having trouble with the servers staying operational. Thus the need for two.
Any recommendations would be greatly appreciated.
Expert's answerMicrosoft's ISA proxy server is a pretty stout solution and many networks handle very large amounts of traffic with them. If all your EVDO traffic is being routed back to you over a single T1 you may simply have a bottleneck creating problems for your ISA proxy connections. Eight 50% active 400 Kbps EVDO connections can fill an Internet T1 circuit. Two 50% active EVDO Rev. A connections could fill your T1 as well. Without seeing the network map I can't tell you whether to look at your proxy placement or the proxy configuration first. Is the majority of your traffic bound for the office network or the Internet? Are you bringing the traffic in over the T1 into the VPN and then going back out to the Internet or proxying the Internet traffic at the T1 entrance to the office network? I would start with a thorough examination of the ISA proxy logs to try and identify what events are interfering with continuous operation. I would also look at the network elements between the T1 demarcation point on your premises and the ISA proxies. You may need to enable debug/logging features in the routers and switches to gather data for analysis. Remember to turn the debug/logging settings back down after you gather your data. There are alternatives to ISA. CacheXpress is one Windows cache server that provides a 15 day free trial but it does not provide all the firewall features found in ISA. Perhaps the readers have other ideas to share that could help. |
Another option for your question
Another option to consider is get one of the EVDO carriers to setup a private network for your devices. What basically happens is that when they see one of your devices come up on their network, they are placed onto a private network where they can only see the other devices that you have and your network. This solution requires that you have a T1 installed between your network and the carriers point of presence. With this option, you shouldnt have to install a VPN client on the devices that are in your vehicles and may help present a simple method of working with the devices for your employees.
You will need to talk to someone from the Commercial or Business side of the carrier. The folks in the phone store probably have any idea of what you are wanting to do, so if you dont have anyone from that part of the carrier to talk to, either call into the carriers 800 number for the Help Desk or ask to speak to the manager of the phone store you have been dealing with and they should be able to make some calls and get the process started for you to talk to the right person.
With this type of connection, you should be able to directly authenticate to the AD servers and shouldnt need to use either a VPN or Proxy server. You could still use a VPN server for an additional layer of security but at this point, it might become an option instead of a requirement.
Ron Nutter
Help Desk Editor
Network World
Post new comment