VPN Tunnelling

I have two servers that are going to be in separate states.  They will 
both have eDirectory on them.  Can I use VPN Tunnelling to do it?

Other than a direct connection (which some at a corporate area is very 
hesitant to do), what is the best way to solve this?

I ask because I've always been able to have a direct connection.

TIA!
0
Duane
5/18/2005 3:58:23 PM
novell.edirectory.netware 7858 articles. 0 followers. Follow

8 Replies
435 Views

Similar Articles

[PageSpeed] 29
Get it on Google Play
Get it on Apple App Store

On 5/18/2005  Duane Fish wrote:

> Can I use VPN Tunnelling to do it?

Yes.


-- 
Edison Ortiz
Novell Product Support Forum SysOp
(No Email Support, Thanks !)
0
Edison
5/18/2005 4:04:13 PM
Edison,

Can you point me to how to do it?


Edison Ortiz wrote:
> On 5/18/2005  Duane Fish wrote:
> 
> 
>>Can I use VPN Tunnelling to do it?
> 
> 
> Yes.
> 
> 
0
Duane
5/18/2005 4:07:47 PM
On 5/18/2005  Duane Fish wrote:

> Can you point me to how to do it?

Depends on the VPN implementation to be used. Novell offers BorderManager
so posting in the BorderManager.VPN forum is your best bet. For other
hardware/software implementation, best to ask their tech-support. Once
you have a VPN between location, there is nothing to do at the server(s)
other than perhaps changing their default gateway or network routes.


-- 
Edison Ortiz
Novell Product Support Forum SysOp
(No Email Support, Thanks !)
0
Edison
5/18/2005 4:13:16 PM
Edison,

So BM needs to be on all sites that connect, or just the site that won't 
allow for a public IP?

Also, would a hardware VPN solution work or cause problems?  Thanks! 
I'll also post in BM.


Edison Ortiz wrote:
> On 5/18/2005  Duane Fish wrote:
> 
> 
>>Can you point me to how to do it?
> 
> 
> Depends on the VPN implementation to be used. Novell offers BorderManager
> so posting in the BorderManager.VPN forum is your best bet. For other
> hardware/software implementation, best to ask their tech-support. Once
> you have a VPN between location, there is nothing to do at the server(s)
> other than perhaps changing their default gateway or network routes.
> 
> 
0
Duane
5/18/2005 4:27:07 PM
On 5/18/2005  Duane Fish wrote:

> Edison,
> 
> So BM needs to be on all sites that connect, or just the site that won't
> allow for a public IP?
> 
> Also, would a hardware VPN solution work or cause problems?  Thanks! I'll
> also post in BM.

If you are looking for site-to-site communication without the need to load a VPN
client at the workstation(s), you will need a VPN server at both ends.

Any VPN solution should work for your environment.


-- 
Edison Ortiz
Novell Product Support Forum SysOp
(No Email Support, Thanks !)
0
Edison
5/18/2005 4:54:42 PM
I like Hardware VPNs (Will I get in trouble for that?  :) )
Another thing you may need to consider is partioning and replica designs. 
Since you said you have always had the servers in a local network.

If you have the circuits I would build a VPN at your current office and test 
the tree that way.  If you can really afford it, build a fake tree and build 
the server into the tree over the VPN.


"Edison Ortiz" <eortiz@nscsysop.com> wrote in message 
news:xn0e2eaj88rd0y00n@support-forums.novell.com...
> On 5/18/2005  Duane Fish wrote:
>
>> Edison,
>>
>> So BM needs to be on all sites that connect, or just the site that won't
>> allow for a public IP?
>>
>> Also, would a hardware VPN solution work or cause problems?  Thanks! I'll
>> also post in BM.
>
> If you are looking for site-to-site communication without the need to load 
> a VPN
> client at the workstation(s), you will need a VPN server at both ends.
>
> Any VPN solution should work for your environment.
>
>
> -- 
> Edison Ortiz
> Novell Product Support Forum SysOp
> (No Email Support, Thanks !) 


0
Craig
5/18/2005 5:09:49 PM
Craig,

I'm working on their test network and have a PIX 506 (but only one for now).


Craig wrote:
> I like Hardware VPNs (Will I get in trouble for that?  :) )
> Another thing you may need to consider is partioning and replica designs. 
> Since you said you have always had the servers in a local network.
> 
> If you have the circuits I would build a VPN at your current office and test 
> the tree that way.  If you can really afford it, build a fake tree and build 
> the server into the tree over the VPN.
> 
> 
> "Edison Ortiz" <eortiz@nscsysop.com> wrote in message 
> news:xn0e2eaj88rd0y00n@support-forums.novell.com...
> 
>>On 5/18/2005  Duane Fish wrote:
>>
>>
>>>Edison,
>>>
>>>So BM needs to be on all sites that connect, or just the site that won't
>>>allow for a public IP?
>>>
>>>Also, would a hardware VPN solution work or cause problems?  Thanks! I'll
>>>also post in BM.
>>
>>If you are looking for site-to-site communication without the need to load 
>>a VPN
>>client at the workstation(s), you will need a VPN server at both ends.
>>
>>Any VPN solution should work for your environment.
>>
>>
>>-- 
>>Edison Ortiz
>>Novell Product Support Forum SysOp
>>(No Email Support, Thanks !) 
> 
> 
> 
0
Duane
5/18/2005 6:24:46 PM
On 5/18/2005  Duane Fish wrote:

> I'm working on their test network and have a PIX 506 (but only one for now)

You can setup IPSec on the PIX and it should accept IPSec connections from
a multitude of hardware/software VPN vendors - even a cheap LinkSys ! :)

-- 
Edison Ortiz
Novell Product Support Forum SysOp
(No Email Support, Thanks !)
0
Edison
5/18/2005 6:44:04 PM
Reply:

Similar Artilces:

Netware 5.0 to Netware 6.5 eDirectory failed during eDirectory migration
Hello, Does anyone have a recommendation for fixing a failed eDirectory Acrross the wire migration? The file migration went fine, the backup of trustess went fine. During the eDirectory migration when it downed the source server and tried to finish up with the destination server it did not complete. It told me to copy the autoexec.mig to autoexec.ncg if it did not complete. It also had some other files to copy over as well, but I don't know what they are. Help In what state server stays? Can you get it up and running that you could run commands like dsrepair? I run i...

BM3.8: VPN-Tunnel is established (S2S) but no ping through Tunnel ...
Hi ! One question: We use BM3.8 (SP1) for a Site-to-Site VPN with IKE; configured with imanager. Both servers are "Up-to-Date" in Remote-Manager. Both servers have "Call established @<ip-addresses> ...". I can ping on both sides the local tunnel addresses but not the tunnel addresses on the other side. I checked the routes with tcpcon - they are o.k., any idea why the tunnel ip addresses on the other sides not reachable ? Many thanks. bye Erik In article <Ob2lc.1020$O92.181@prv-forum2.provo.novell.com>, wrote: > checked the routes wi...

eDirectory to eDirectory
I am trying to replicate users between trees, how do i configure the driver so that it points at the other tree? If i have two trees that are NOT identical what setting do i use: Flat, Mirrored or Department? Any help apreciated! You'll want to post in the novell.support.nsure-identity-manager group for assistance with this. Jim -- Jim Henderson, Novell Support Forums Volunteer SysOp Homepage at http://hendersj.dyndns.org eDirectory Training info at http://ediratt.dyndns.org Sorry, no support via e-mail ...

eDirectory with Netware
We are about to upgrade to Netware 65, Simple question the copy of Edir, is that only for Netware? I have a Linux box that runs a in-house system but currently authenticates through ldap. Does the licensing that we got for Netware 65 and Edir include Edir for Linux licensing. If not does anyone know how eDir for Linux is licensed I thought I saw it was about 2 bucks a license. Now is that one for every user in the tree? Any incite or direction to gather more info would be great. Jordack, > Does the licensing that we got for Netware 65 and Edir include Edir ...

eDirectory version + migrating from Netware 5.1 to Netware 6.5
Hi, I planned on migrating from Netware 5.1 to netware 6.5 My edirectory version is 8.6.2 (DS 10330.03) I saw that one of the requirements is to have at least eDir 8.6.2 installed. So my question is : Do I have to upgrade my netware 5.1 servers to eDir 8.7.3.2 to ensure the upgrade to work well? Regards, Maurice TADANG , > So my question is : Do I have to upgrade my netware 5.1 servers to eDir > 8.7.3.2 to ensure the upgrade to work well? > No. 8.6.2 SP4 should suffice. - Anders Gustafsson, Engineer, CNE6, ASE NSC Volunteer Sysop (http://support-for...

email delivery besides vpn to specific domain does not work when vpn tunnel is broken
Hi, We have 1 master 3.8sp4ir3 bordermanager server running on netware 6.5, and several slaves all over the world. One slave is located in the USA. The tunnel however at this moment is not used and all emailtraffic from the USA will be directly delivered from their exchange environment to the other domains. If they sent email from their domain to our domain, then it is succesfully delivered to our mailserver (the incoming email to our domain is delivered to our public nic of the vpn master server). However when we stop the vpn at our master server, the email to our domain sta...

Netware 5.1 (nds 8.51) to Netware 6.5 edirectory
I am planning to upgrade novell netware 5.1 with sp6 and nds 8.51 (not edirectory) to Netware 6.5. I have 20 servers all with the same version/level. What are the best way to achieve this? I am having few concerns about the nds version and do we need to update the nds first or directly upgrade to netware 6.5 as it is now? , > I am planning to upgrade novell netware 5.1 with sp6 and nds 8.51 (not > edirectory) > to Netware 6.5. I have 20 servers all with the same version/level. What > are the best way to achieve this? I am having few concerns about the nds ...

netware 5.0 server into netware 6 edirectory 8.7.1 tree
I posted this in the NETWARE 6 forum also, but posting it here may be more relevant. I have a single school on a Netware 5.0 server and want to merge them into a Netware 6.0 sp3 tree of 7 different servers and running edirectory 8.7.1. From what I read on the site about mergin with edirectory 8.7.1, both the target tree and the source tree must have the same edirectory version. BUt edir 8.7.1 says you need 5.1 or later netware server and I do not have that. Is there a way for me to merge the netware 5.0 tree as source into the netware 6 tree without having to first upgrade...

VPN on the OES Netware
Hello, why do I need in the VPN configuration a seperated Tunnel-Adress?I have a new Server and I want to log in on this Server only via VPN although it is a Server in the interne LAN.I tried a private IP for the Tunnel-Adress like 192.168.1.1 but my Client gave me the Failure-Message. Feilure with the Connection to the authentication Gateway Thank you for help Florian In article <1EIxf.548$pI5.235@prv-forum2.provo.novell.com>, wrote: > why do I need in the VPN configuration a seperated Tunnel-Adress?I have a > new Server and I want to log in on this Server o...

VPN Tunnel and Pass Through
I recently asked about VPN Passthrough in relation to Port Redirection. I am now wondering about VPN Pass Through and VPN Tunnel. Reading the Linksys manual it appears the VPN Tunnel relates only to IPsec which I don't think MS Windows supports. My present interest involves allowing Windows machines to connect to my own network which operates behind a Vigor router and has its own VPN server. All the remote computers to date have used Windows network wizard to set up a VPN connection to my network. I have had mixed success and am wondering, if the remote computer is beh...

Recommend VPN/Tunnel
What does anyone recommend for a good VPN/Tunnel for use between Win XPH (my notebook, used in various places) and Linux (my web server). Also likely to be used between my webserver and another webserver. I want a strongly encrypted VPN/Tunnel (what the he** is the difference anyway). MC I use stunnel myself for windows to windows communication. http://stunnel.mirt.net/ I hear it works on Linux. AL "MC" <REPLY.TO.NEWSGROUP@mctech.org> wrote in message news:csgpn5$2o00$1@news.grc.com... > What does anyone recommend for a good VPN/Tunnel for use betwee...

C2S VPN tunnel down?
Installed fresh NW65SP3 + BM38SP3 + BM38SP1-IR1, Client 3.8.9. Bordermanager is in DMZ zone behind NAT (netscreen), with all traffic allowed in and out (for testing, with logging) Configured BM server trough iManager with Public IP adres for VPN I can connect with client trough NMAS authentication. Policies are pushed to the Client: 10.x.x.x encrypt, any adres: no encryption, last any adres deny packets. When on client I try to ping (or tracert) to 10.x.x.x address, packets are not going to tunnel, but to default router and arrive nowhere... RIP filtering is enabled on serve...

encryption in vpn tunnel
hello, on my nw65sp5 bm38sp4 s2s vpn tunnel, i cant reach or access the other site of the tunnel. if ill try to use t1.ncf (!) in the logger screen there are no infor about the maybe ping into the tunnel. have i got a routing problem, or cant ill see the tcpip debug from the tunnel? any ideas helge In article <Wh9Ef.1853$yL4.228@prv-forum2.provo.novell.com>, wrote: > on my nw65sp5 bm38sp4 s2s vpn tunnel, i cant reach or access the other > site of the tunnel. > Can you ping the VPN tunnel address of the other side? What is the VPN tunnel address ...

Edirectory On Linux and Netware
We have a Netware server 6.5 running edirectory the tree name is NRPG. We also have a Linux server Redhat ES, running edirectory that has been added to the NRPG tree and is a replica server for NRPG. This server is using LDAP authentication pointing to the local edirectory. The goal is to add users using Console 1 to the NRPG tree and have those account pushed out to the Linux box. We have PAM authentication enabled with the following configuration in the /etc/pam.d/login: #%PAM-1.0 # This is required for console ownership access session optional /lib/security/pam_...

Web resources about - VPN Tunnelling - novell.edirectory.netware

Quantum tunnelling - Wikipedia, the free encyclopedia
... a relationship between the half-life of the particle and the energy of emission that depended directly on the mathematical probability of tunnelling. ...

Engineering Careers in Tunnelling and Underground Space - YouTube
Engineering Careers in Tunnelling and Underground Space - YouTube

Tunnelling starts on North-West Rail Link
Tunnelling has started on the $8.3 billion north-west rail link, the largest public transport project in the country.

AFL finals 2015: North Melbourne's Scott Thompson weighs in on 'tunnelling' tactics
Richmond's key defenders came under fire for alleged &quot;tunnelling&quot; tactics, but ahead of his side's final with the Tigers, North Melbourne ...

A vision splendid: tunnelling back to '80s 'modernity'
A vision splendid: tunnelling back to '80s 'modernity'

Melbourne Metro: challenge of tunnelling beneath Yarra River still unresolved
The complex engineering challenge of building the $11 billion rail tunnel has yet to be fully resolved.

Tunnelling Wealth To Vladimir Putin
Where is the Russian president's fortune?

Tunnelling prison escapees used contractors' tools
The prisoners returned the tools to their toolboxes after each night’s work.

Syria’s rebels blow up historic hotel used by government troops in Aleppo by tunnelling underneath it ...
A rebel-claimed bombing Thursday in the northern Syrian city of Aleppo levelled a once luxurious hotel near the ancient Citadel that government ...

Quantum tunnelling
Quantum tunnelling (or tunneling) is the quantum-mechanical effect of transitioning through a classically-forbidden energy state. Consider rolling ...

Resources last updated: 1/1/2016 3:05:26 PM