GroupWise 6.5 POA as Internet Proxy (no, not _via_ a proxy, but *as* a proxy) - true? How can we do it?

I have a client who wants to make four GroupWise POAs accessible to
remote Internet users via one public IP address through their
BorderManager server.  We have come across several posts claiming that
GroupWise 6.5 has a *new* feature that allows the POA to *act as a
proxy* for other POAs - this means we could open *one* port on the
firewall that every outside GroupWise client could connect to.  This
port would be redirected to *one* (special purpose?) POA that would
then act *as* another Proxy and forward requests on the clients behalf
to the destination POA.

I understand the traditional process of setting up a proxied POA - you
create the proxy at the firewall, and enter that information into the
POA configuration page.  That way the POA *knows* the proxied clients
are coming in via the external address & can act accordingly.   But
we'd have to create four separate proxy addresses & make multiple
changes for this to work.

I understand the concept of the MTA Live Remote feature--this might be
useful, but we don't want to have make any major client changes.  They
should be able to connect via "mail.companyname.com" regardless of
whether they're inside or outside of the firewall.

There seems to be some very vague documentation about this on Novell's
site - but I've seen at least one post on Novell support groups
claiming it's possible to do this and that it's buried in the
GroupWise 6.5 Advanced Administration  Advanced Technical Training
manual - which we don't have access to (nor can we find anywhere).

Can anyone shed some light on this?

Thanks,
                   -Brian
0
brian
5/28/2004 6:17:48 AM
novell.groupwise.6x.agents 4226 articles. 0 followers. Follow

4 Replies
773 Views

Similar Articles

[PageSpeed] 46

Brian,

It appears that in the past few days you have not received a response to your posting.  That concerns us, and has triggered this automated reply.

Has your problem been resolved? If not, you might try one of the following options:
 
- Do a search of our knowledgebase at http://support.novell.com/search/kb_index.jsp 
- Check all of the other support tools and options available at http://support.novell.com in both the "free product support" and "paid product support" drop down boxes.
- You could also try posting your message again. Make sure it is posted in the correct newsgroup. (http://support.novell.com/forums)

If this is a reply to a duplicate posting, please ignore and accept our apologies and rest assured we will issue a stern reprimand to our posting bot.

Good luck!

Your Novell Product Support Forums Team
http://support.novell.com/forums/


0
Automatic
6/1/2004 8:23:17 AM
Brian Place wrote:

> Can anyone shed some light on this?

What you're describing is detailed in this article

http://www.novell.com/connectionmagazine/2004/05/tech_talk_4.html

There are two basic ways to make your POAs accessible, and both use the
"proxy IP address" feature found only in 6.x. The difference between the two
methods is whether you allow direct access to the POs (through your firewall
or proxy), or if you need a DMZ-type setup where you put a special POA in
the DMZ that exists only to handle and redirect internet requests. IMO the
DMZ scenario is overkill as there's nothing wroing with attaching to a POA
directly, assuming you have tight filters and/or a tight generic proxy.

--
Jim
NSC SYsop
0
Jim
6/1/2004 1:54:03 PM
Jim Michael wrote:
> Brian Place wrote:
> 
> 
>>Can anyone shed some light on this?
> 
> 
> What you're describing is detailed in this article
> 
> http://www.novell.com/connectionmagazine/2004/05/tech_talk_4.html
> 
> There are two basic ways to make your POAs accessible, and both use the
> "proxy IP address" feature found only in 6.x. The difference between the two
> methods is whether you allow direct access to the POs (through your firewall
> or proxy), or if you need a DMZ-type setup where you put a special POA in
> the DMZ that exists only to handle and redirect internet requests. IMO the
> DMZ scenario is overkill as there's nothing wroing with attaching to a POA
> directly, assuming you have tight filters and/or a tight generic proxy.
> 
> --
> Jim
> NSC SYsop

Well ... I've read the nice tech-talk article linked above. And, I've 
been trying to set up a POA in my DMZ. I am having difficulty. Even 
though I can ping to the main server, the POA in the DMZ cannot find the 
wphost file on my server. I suspect in has something to do with the 
syntax on the home directory command in the strtupus.poa file which 
reads:  /home-\\x.x.x.x\vol1\post\pod
This install is on a Windows2000 box.  I am wondering if I need the 
server name, or some colons and dashs that I am missing.

By the way ... we currently use the direct connection to port 1677 
through a pinhole in a hardware firewall with NAT enabled. If this is 
secure in your opinion Jim. I'd be happy to give up on the DMZ senario.
0
dhlb1
6/2/2004 6:47:16 PM
dhlb1 wrote:

> By the way ... we currently use the direct connection to port 1677
> through a pinhole in a hardware firewall with NAT enabled. If this is
> secure in your opinion Jim. I'd be happy to give up on the DMZ senario.

In my opinion, its secure enough. All client-server communications to
groupwise POAs are encrypted by default, and the truly paranoid can enable
SSL to wrap the packets further, if they so desire. Aside from the "padlock"
fiasco a few years ago, to my knowledge there has never been an exploit to
the POA discovered, either. \

We've been using a pinhole to 1677 for years without issue, but your mileage
may vary. In my opinion in this day of stateful filters and proxies, the
entire DMZ idea is outdated.
--
Jim
NSC SYsop
0
Jim
6/2/2004 10:22:16 PM
Reply:

Similar Artilces:

proxy to proxy
We will connect with our Bordermanager to an other proxy. but there is a syntax-problem our BM-Proxy will build the connection with(Trace) ....cyberbanking.bankkoop.ch:443/ HTTP/1.0..... but there should not be / according to RFC there is no "/" Slash allowed. Beat Brunner <<...cyberbanking.bankkoop.ch:443/ HTTP/1.0..... that has been fixed in the latest patches Gonzalo > <<...cyberbanking.bankkoop.ch:443/ HTTP/1.0..... > > that has been fixed in the latest patches > > Gonzalo > what do you meen with lastes patches ...

to proxy or not to proxy that is the ?
ok, i had jconect on NT and my AIX Sybase database on an RS/6000, so i used the proxy...fine. i have installed jconnect on the rs/6000, installed netscape fasttrack and i STILL have to use the proxy to avoid those -1 erro messages. does this mean that jConect always has to use that proxy no matter where anything lives? i am confused.... please enlighten me This is a multi-part message in MIME format. --------------6A7C6750A66874EBD6E2677A Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit If you remove the "proxy" connection property fro...

Proxy to proxy
Hi. We use BM 3.8 as a proxy server and the main task is to restrict which url's the users can use. In the network there is another proxy server with internet access. Is it possible to setup BM to use another proxy server to connect to internet? And if yes, how ? Magne Absolutely. Search under "Cache Hierarchy Client". Basically....enable the client on the BM box, add you upstream proxy (Neighbor Hostname) add the correct port for the type of upstream proxy, add the type of proxy, usually you can just leave the priority at "1". looks like this...

to Proxy or not to Proxy ?
Hi all, Could I ask for some opinions regarding using a proxy ? Here in the UK, I use Freeserve as my dial-up ISP. There is a web-cache proxy available for use if required, tho' IE6 works fine with or without (a small increase in page loads occurs if I use the proxy). The problem is, that if I use the proxy, then my Outpost Firewall logs only register connections to it, so I suffer from a serious lack of information about where my browser connections are going and what I could block (like adclick connections etc). I'm really not sure about the merits of with/without the pr...

GroupWise 6.5 Internet Proxy Client / Server over SSL
Hi there, where can I find documentation on running Internet Proxy Client / Server Sessions from the GroupWise 6.5 POA over SSL. SSL is already setup and working for Local Client / Server Operations, I just don't know how to get it working for users outside the firewall. Will I have to open port 1677 to the server hosting the POA? Cheers, Andy. -- Andy Simpson CNE MCSE Andy, It appears that in the past few days you have not received a response to your posting. That concerns us, and has triggered this automated reply. Has your problem been resolved? If not...

Groupwise 5.5.6.1 and Proxied Calender
The situation is that we are using a user account for email and we have many users proxied to the email account. One user was setting up all the calender events and 2 other users cannot see any of the events. I can see all the events on my proxy to the email. Is there some setting where they have to show all the users the calender? Or is this something in the proxy rights? They have all rights except Modify options/rules/folders. "Phil Halbasch" <abc@hotmail.com> wrote in message news:<CIRub.5319$I04.4771@prv-forum2.provo.novell.com>... > T...

GroupWise 6.5 Proxy Help
I have a group called -Lexington Secretaries with the nickname appmaker. In the group there are 3 users. On each client in the company I added the name appmaker under security/proxy access and gave appmaker read/write for appointments. This should allow anyone in the group -Lexington Secretaries able to proxy to a users calendar and put in an appointment. For example, if I call in sick someone from the group could edit my calendar and say i am out sick. This used to work on GroupWise 6.0 and since we upgraded all our servers to 6.5 it seems to have stopped working. Will this...

GroupWise 6.5 WebAccess Proxy through BorderManager
We've just installed the WebAccess for GroupWise 6.5 and have it working nicely inside our network. The next step is to open a hole in our firewall (BorderManager) to let users outside have the same access. What ports and generic proxy's should I use to allow this to work? You will need a NAT through the BM server to the GW WA server. Then you will need the web ports open. Ports 80 and 443 are the default. -- Timothy Leerhoff Principal Consultant Independant Experts Novell Support Forums Sysop We don't use NAT. We use Proxy's and Packet...

Signatures and Proxy with GroupWise 6.5.2
Client: GroupWise 6.5.2 recently upgraded from 5.2.6 System: GroupWise 6.5.2 recently upgraded from 5.2.6 When a UserA proxies into userB's email and wants to reply to a email sent from there she wants to add her own signature. With the GroupWise 5.2.6 client when the client was set to prompt for signature it would prompt her, display and add her signature and then send the email from the proxied account. With the GroupWise 6.5.2 client the user is prompted for her signature but the box is empty. She can type in any info she wants but it used to automatically put her sign...

GroupWise 6.5 WebAccess Proxy through BorderManager
We've just installed the WebAccess for GroupWise 6.5 and have it working nicely inside our network. The next step is to open a hole in our firewall (BorderManager) to let users outside have the same access. What ports and generic proxy's should I use to allow this to work? In article <ySNzb.1755$gd.1357@prv-forum3.provo.novell.com>, wrote: > We've just installed the WebAccess for GroupWise 6.5 and have it working > nicely inside our network. The next step is to open a hole in our firewall > (BorderManager) to let users outside have the same a...

No Proxy Access to Resource
I deleted a user who was the owner of 2 meeting room resources. The Resources still work perfectly but I wanted to change the auto reply so I made myself the owner. When I login to Groupwise as my self and proxy to one of the meeting rooms I don't have the access that being owner should give me. I can see the number of mail in the inbox "Inbox (32)" but cant see any mail. Rules and Options are greyed out. I can manage other resources no problem. In console One the Resource has my name to it. David Farrell Tried logging in directly as the resource ? Cheers Dave ...

Groupwise 6.5.4 Proxy problem
This is a multi-part message in MIME format. ------=_NextPart_000_0084_01C580C1.BB81B310 Content-Type: text/plain; charset="Windows-1252" Content-Transfer-Encoding: quoted-printable Dear all, I just upgraded to Groupwise 6.5.4. After that, I found a problem on proxy. If I new a email, I can choose the proxy user in the From field, so that = the email sent out will appear as the proxy user. However, if I reply an = email, I cannot choose proxy in the From field? I am sure this is working in Groupwise 6.0.x version, but don't know = whether it is working in pre...

Groupwise 6.5 Proxy and Palm Syncing
We just upgraded to Groupwise 6.5. We have a user who proxies into another users calender and syncs his Palm V calender. They are both running Intellinsync 5.1.2,Palm 4.1, Windows NT SP6,Novell client 4.83, with Zen 3.2. When she tries to sync after proxying into this person's calender the palm is wanting to add her data to the palm, instead of his data. This was working correctly under Groupwise 6. Any suggestions would be greatly appreciated. First, make absolutely sure Notify and GroupWise aren't running before synchronizing. Second, go into the Intellisy...

Open Proxy Detection on a Groupwise 6.5 Box.
Hi All, I run (among other things) a groupwise 6.5 box with webaccess. This has been setup for about 8 months now and I have not had any problems with it. Since the spam issues on the internet have been getting more and more ridiculous it seems some places are using every open relay database under the sun. Well one of the universities it seems is using a service that also does proxy scans. In recieving an email back saying that the school I work at is an open relay i took some time and investagated why. It seems that this particular service believes that when apache takes w...

Groupwise 6.5 cannot open archive when in proxy resource
User cannot open archive (option is greyed out) when proxied into resource. Found the following TID: http://support.novell.com/cgi-bin/search/searchtid.cgi?/10090013.htm User had Groupwise 6.5.1 client, upgraded to 6.5.2 according to TID, but archive option is still greyed out. If the user logs in with /u@? switch into the resource directly instead of proxying, then he can open archive. Any help would be appreciated! Thank you! Works OK here with 6.5.2, did you upgrade the client or the agents on the server as well ? Cheers Dave -- Dave Parkes [NSCS] Occasiona...

Web resources about - GroupWise 6.5 POA as Internet Proxy (no, not _via_ a proxy, but *as* a proxy) - true? How can we do it? - novell.groupwise.6x.agents

GroupWise - Wikipedia, the free encyclopedia
GroupWise is a messaging and collaboration platform from Novell that supports email , calendaring , personal information management , instant ...

BlackBerry Enterprise IM Clients (OCS, Sametime, GroupWise) Get v2.5 Update
Most of RIM's enterprise-specific BlackBerry instant messaging and collaboration clients have been updated to version 2.5, adding credence to ...

Los Angeles goes Google; dumps GroupWise; shuns Microsoft; ignores IBM
The City of Los Angeles has had it with GroupWise, and will replace it with Google Apps. It's a big win for la GOOG, especially as it beat Microsoft ...

Collaboration: Novell Releases GroupWise 2014
Novell has put the finishing touches on GroupWise 2014, marking the first time the company has updated the collaboration platform since 2012. ...

Novell GroupWise goes mobile with iPhone support
The company’s new mobile solution will work with any ActiveSync-enabled device Novell's messaging and collaboration platform, GroupWise, has ...

No One Cares That Novell Has A New Version of GroupWise
Today Novell released its 2012 version of its email software GroupWise , and the announcement was greeted by most with a big yawn. GroupWise? ...

Kernel for Novell GroupWise to Outlook
Kernel for Novell GroupWise to Outlook is a professional tool for the migration of GroupWise mailboxes to MS Outlook. Many GroupWise...

App Store - DejaOffice
Get DejaOffice on the App Store. See screenshots and ratings, and read customer reviews.

Email - Wikipedia, the free encyclopedia
Electronic mail , commonly known as email or e-mail , is a method of exchanging digital messages from an author to one or more recipients. Modern ...

SBS looks to Cloud services - cloud computing, email, GroupWise, Klaus Schelp, Microsoft Office 365 ...
When Klaus Schelp started at SBS at the beginning of this year he focused on business outcomes ahead of technology operations. As the head of ...

Resources last updated: 1/4/2016 7:50:25 AM