C2S VPn on BM 3.8 behind a Efficient 5930 gateway(firewall/router)

Hi,

I need to setup a Client-to-Site VPn connection to a NSBS 6.5 server with 
BM 3.8 running.
I have one public IP on the Efficient router/gateway.
I have a DMZ private range where the Efficient router and the NSBS 6.5 is 
in. (192.168.254.0/24)
I have a private range where all the workstations are in. (10.1.0.0/24)

The server is now available from the outside for mail by NAT-ing port 25 
to the 10.1.0.x address of the server.

How do I setup this BM server to get a C2S connection?

Thanx,

Lars Dam
0
l
10/26/2004 10:03:43 AM
novell.bordermanager.vpn 2677 articles. 0 followers. Follow

3 Replies
504 Views

Similar Articles

[PageSpeed] 34
Get it on Google Play
Get it on Apple App Store

L,

It appears that in the past few days you have not received a response to your posting.  That concerns us, and has triggered this automated reply.

Has your problem been resolved? If not, you might try one of the following options:
 
- Do a search of our knowledgebase at http://support.novell.com/search/kb_index.jsp 
- Check all of the other support tools and options available at http://support.novell.com in both the "free product support" and "paid product support" drop down boxes.
- You could also try posting your message again. Make sure it is posted in the correct newsgroup. (http://support.novell.com/forums)

If this is a reply to a duplicate posting, please ignore and accept our apologies and rest assured we will issue a stern reprimand to our posting bot.

Good luck!

Your Novell Product Support Forums Team
http://support.novell.com/forums/

0
Automatic
10/29/2004 5:20:35 PM
In article <3ipfd.3436$%e6.2859@prv-forum2.provo.novell.com>,  wrote:
> How do I setup this BM server to get a C2S connection?
>
You need to configure the BMgr server VPN in the usual manner, except 
you need to use the Efficient router's public address as the VPN 
address in the iManager config.  The router needs to be forwarding all 
packets to the BMgr server's 'public' IP address (that is, use 'DMZ' 
mode).  You can redirect specific ports to other addresses, but you 
need the VPN-related traffic to end up on the BMgr public nic.  (You 
can get specific ports nailed down if you need to).

Craig Johnson
Novell Support Connection SysOp
*** For a current patch list, tips, handy files and books on 
BorderManager, go to http://www.craigjconsulting.com ***

0
Craig
10/30/2004 6:01:08 PM
Hi Craig.

> You need to configure the BMgr server VPN in the usual manner, except 
> you need to use the Efficient router's public address as the VPN 
> address in the iManager config.  The router needs to be forwarding all 
> packets to the BMgr server's 'public' IP address (that is, use 'DMZ' 
> mode).  You can redirect specific ports to other addresses, but you 
> need the VPN-related traffic to end up on the BMgr public nic.  (You 
> can get specific ports nailed down if you need to).

I'll try that and will report back in this forum about my findings.

Greetings,

Lars

0
l
11/1/2004 8:33:39 AM
Reply:

Similar Artilces:

VPN 3.8 Client behind Netgear Router and BM 3.8 behind Linux IPTABLES
I ve configured my BM 3.8 Client behind my Netgear DSL Router (NAT). I ve configured my BM 3.8 SP1 Server behind Linux (IPTABLES NAT) not a filter problem. In this configuration I can do all at BM 3.8 server. I ve configured my BM entry policies from Craigs Johnsons book Authentication with NMAS (NDS). Now if I connect to BM server I got following NMAS error (error authentication gateway FFFFF996. The same error if I configure my vpm client in same network like my natted linux interface. I m not sure where I should look at first. I ve heard BM is running a linux na...

VPN Client 3.8 behind Netgear Router VPN Server C2S behind Linux IPTABLES
I configured my vpn client behind a Netgear router in NAT modus. MY BM 3.8 C2S is running behind Linux IPTABLES in static NAT Modus. If configured my bm policies after the book from john craig (NMAS / PASSWORD/ NDS) If I connect from my VPN Client I get NMAS error "error authentication FFFF996" but nothing in nmasmon (ver 1.21) If I connect the client can read the name of Tree but then occured the error. The same error I get if I configure my vpn client in the same network like linux public interface and attach from there my BM about linux nat interface. Does any...

BM 3.8 VPN Server behind NAT router
I've received different impressions from some of the information that I've read about BM 3.8 and NAT. Then I see a post from Cat saying "yes, provided that the CIsco is not doing NAt (for BM3.6). With BM3.8 should work in any case." So, to ask the question clearly of those most likely to know: Can a BM 3.8 server be positioned behind a NAT router, with a single interface, and work correctly with a client PC which is also behind a NAT router (assuming that the private network ranges are different, of course)? I'm considering an upgrade to SBS6.5, which has BM...

BM 3.8 VPN Client Behind Firewall-1
Hi,, Got a customer running a BM 3.8 server, he needs to place out a PC at another site where they run Firewall-1, They have been trying to use the BM 3.8 VPN client from inside that network ( behind the firewall-1) to connect to the BM 3.8 server. No Luck.. Also, by phone,, I've been trying to help out by getting him to test a couple of our BM servers, 1 -BM3.7 and 1 - BM 3.8. No luck there either, Using the realtime monitor and aquire the detailed log from the BM 3.8 on our network does NOT reveal anything, no kind off traffic at all from him... Accordin...

BM 3.5 to BM 3.8 w/VPN
Bordermanager 3.5 server on Netware 5.1 providing firewall and proxy services for users on internal network. This box is also acting as the Master VPN server with multiple site-to-site VPN links to BM 3.5 slave servers. Primary Goal Replace the existing Bordermanager 3.5 master VPN server hardware with a new server running Bordermanager 3.8 on Netware 6.0. It is possible to have both servers online during migration. Must minimize disruption to firewall, proxy & VPN services. Secondary Goal: No changes (or minimial changes only) to the slave servers running BM 3.5. (T...

C2S VPN , BM 3.8 server
Hello, I had posted a question regarding this issue before, but nothing ever really came of it until now, because we have a customer who is needing this issue fixed. We have 1 server that runs NWSB 6.5 sp2. It has all the company files, information ,etc, basically everyone logs into this server. We want to run a C2S VPN server on it. I have the general setup, and install done. However when I log in to the VPN server using C2S, I can't get to any of the volumes or for that matter the BM server itself. In my testing lab this wasn't an issue because I had two or more servers ...

BM 3.8 VPN C2S with ActivCard
Hello After upgrading BM3.6 with VPN C2S and ActivCard One to 3.8 I can authenticate VPN without entering token password using backward compability. In the VPN-client 3.8.7 readme -file it states: The ActiveCard token authentication method will work if the ActiveCard token method is configured for the user in eDirectory. The only method i can find is the Universal smart card. Is there a way to make my ActivCard One tokens to work with BM 3.8 VPN? If not, whitch tokens work with 3.8 NMAS/VPN client and BM 3.8? Thank you in advance. Thomas Brod´┐Żn ...

Vpn routers as slave with BM 3.8
HI I need to setup a site to site with BM 3.8. I am tempted to install another BM 3.8 server. Or I thought I could try a VPN router like linksys or Netgear. The goal is go a site to site and then also be able to do a client to be able to remote control PC. OR should I try that new Linux system Novell has? Can that do Site to Site with BM? Thanks Will In article <k57Ne.1314$_g4.306@prv-forum2.provo.novell.com>, Will k wrote: > Or I thought I could try a VPN router like > linksys or Netgear. > A Linksys BEFSX41 works fine as a 3.8 slave server in a S2...

BM 3.8 sp2 VPN c2s
We have installed a NW 6 SP4 server, with BM 3.8 SP2, and are trying to get VPN C2S working. We do have Craig Johnson's book as a guide, but we are still experiencing the following problems. 1.) We are not able to login into the Netware server, we receive the following Netware login attempt failed, user is not logged in to Netware(this happens after about two minutes of trying) We thought that we had this fixed when we added a host entry into the PC's hosts file. This worked when the PC was connected to the internal side of the network(at least on our one test PC), however still...

Can I import VPN setting from BM 3.7 into BM 3.8
Hi all, we have a Netware 6.5 server with Bordermanager 3.7. (after migration from NW 5.1) This worked fine for a year, but now the server abends several times a day. Bordermanager is only used for Proxy and VPN. I want to replace the server with a new installed NW6.5 with BM 3.8. Can I quickly and easy import my current VPN settings from BM 3.7? Greetz, Erwin hi Erwin, You can't really "import" the VPN from a server to another one, unless you image it (but at the end you would have an identical server, i.e. 3.7). The safest way is to reconfigure the VPN in t...

BM 3.8 C2S VPN Server is not responding
Hello, I have some problems with VPN Client-to-site. I installed BorderManager 3.8 with SP1a on a NW 6.5 server and configure C2S in backward comp. mode (VPNCFG and rules with iManager). Client can connect and authenticate with eDirectory user/ password to BM server and I can ping the internal LAN (172.16.x.x), BUT after 10 to 15 seconds a windows pops up and says "Server is not responding. Connection will be disconnected." and the client disconnects ! Problems occurs with different Client OS (W2K, XP) and different VPN Clients (3.7 and 3.8.x). Thank for help. ...

Microsoft VPN client Behind a BM 3.8
We've got a client that has some users that needs to run some apps through a MS vpn connection, They have a Firewall 1 and a BM server, they have issues with the Firewall 1 and almost no support for it, so,, they like us to help them get the users going out through the BM 3.8 instead.. Any ideas if it'll work..??,, and if so,, which exceptions should be needed on the BM..?? I've got craigs books,, but,, havent found the relavant info there yet THanks, MS VPN uses GRE encryption protocol. GRE does not work through Novell's NAT. Craig Johnson N...

BM 3.8 VPN behind Sonicwall TZ170
Has anyone had success setting up a BM 3.8 C2S VPN behind a Sonicwall TZ170 or any sonicwall for that matter. Some of my customers are looking for a two layered firewall solution and several purchased these before I had a chance to check functionality. Thanks in advance. Reposted in VPN forum > Has anyone had success setting up a BM 3.8 C2S VPN behind a Sonicwall TZ170 or any sonicwall for that matter. Some of my customers are looking for a two layered firewall solution and several purchased these before I had a chance to check functionality. Thanks in advance. ...

VPN 3.6 slave to VPN 3.8 master
I have more or less gone through what I could to set this up. I exported the BM 3.8 master encryption key (minfo.vpn) and imported that to the BM 3.6 slave without any issue. I then created the slave (sinfo.vpn) file. I had setup the vpn tunnel ip's as 192.168.10.1 and when these were both masters, clients could access either one perfectly. We know the VPN's work. I changed 1 to a slave, but I halted what I was doing as I noted that the master and slave networks both are using 192.168.0.x for the private IP's. Questions: 1. Can a 3.6 slave talk to a 3.8 master?...

Web resources about - C2S VPn on BM 3.8 behind a Efficient 5930 gateway(firewall/router) - novell.bordermanager.vpn

Resources last updated: 11/29/2015 7:39:14 AM