atray
08-15-2002, 06:03 PM
I have a VPN Tunnel into my network using eSoft's linux based InstagatePro. I want my user to be able to link to my Novell server, but I don't want to deal with Border Manager. Is there anything I can do?
Click to See Complete Forum and Search --> : VPN Access to NetWare 5 w/o the Expense of Border Manager
Cadillac84
05-05-2004, 08:43 PM
This will not answer your question -- it will only move the thread up the totem pole and let you know that I am wanting to do the same/similar thing.
I have a static IP and a Linux router using iptables to provide Internet access and act as a mail server. Connected to the same physical network is a NetWare 4.11 server which is accessed via IPX from inside the office via the physical network using NetWare Client from Windows 98 and XP clients.
I can use an ssh tunnel from home (I use PuTTY) to connect through the Linux box to a Windows box running VNC Server.
What I would RATHER DO is to use the NetWare Client through the ssh tunnel to log in as a user to my NetWare server.
I haven't just jumped in and tried it. Somebody told me to get a pair of Netgear model FVS318 ProSafe VPN Firewall.
http://www.netgear.com/products/prod_details.php?prodID=129&view=
Initiates up to 8 IPSec VPN tunnels simultaneously
Stateful Packet Inspection Firewall with VPN pass-through and routing
Eight ultra-fast 10/100 Mbps LAN ports
Securely connects mobile workforce and branch offices to main office resources
Easy-to-use Web browser-based setup, configuration and remote management
Those are modestly priced and I don't mind spending that kind of money. But, it occurred to me that with the Linux router already in place and with IPTABLES able to do stateful packet inspection, etc., perhaps all I needed was some "know-how."
Anyway, I hope some smart person will answer your question and that the answer will help me also. Of course, you are IP rather than IPX, but I wouldn't think that would make too much difference in the solution.
good luck -- to both of us!!
I have a static IP and a Linux router using iptables to provide Internet access and act as a mail server. Connected to the same physical network is a NetWare 4.11 server which is accessed via IPX from inside the office via the physical network using NetWare Client from Windows 98 and XP clients.
I can use an ssh tunnel from home (I use PuTTY) to connect through the Linux box to a Windows box running VNC Server.
What I would RATHER DO is to use the NetWare Client through the ssh tunnel to log in as a user to my NetWare server.
I haven't just jumped in and tried it. Somebody told me to get a pair of Netgear model FVS318 ProSafe VPN Firewall.
http://www.netgear.com/products/prod_details.php?prodID=129&view=
Initiates up to 8 IPSec VPN tunnels simultaneously
Stateful Packet Inspection Firewall with VPN pass-through and routing
Eight ultra-fast 10/100 Mbps LAN ports
Securely connects mobile workforce and branch offices to main office resources
Easy-to-use Web browser-based setup, configuration and remote management
Those are modestly priced and I don't mind spending that kind of money. But, it occurred to me that with the Linux router already in place and with IPTABLES able to do stateful packet inspection, etc., perhaps all I needed was some "know-how."
Anyway, I hope some smart person will answer your question and that the answer will help me also. Of course, you are IP rather than IPX, but I wouldn't think that would make too much difference in the solution.
good luck -- to both of us!!
mdwatts
05-06-2004, 11:30 AM
Originally posted by atray
I have a VPN Tunnel into my network using eSoft's linux based InstagatePro. I want my user to be able to link to my Novell server, but I don't want to deal with Border Manager. Is there anything I can do?
What is Border Manager doing that is affecting VPN access? Does VPN work if Border Manager is disabled?
I once had a Netware 4.11 server running with Border Manager at home with my cablemodem, but replaced that years ago when I got my Linksys Router. I never used or setup VPN though.
I would suggest you search the Novell documentation, knowledgebase & forums to see what you can find on BM and VPN as they should have something on the subject.
I have a VPN Tunnel into my network using eSoft's linux based InstagatePro. I want my user to be able to link to my Novell server, but I don't want to deal with Border Manager. Is there anything I can do?
What is Border Manager doing that is affecting VPN access? Does VPN work if Border Manager is disabled?
I once had a Netware 4.11 server running with Border Manager at home with my cablemodem, but replaced that years ago when I got my Linksys Router. I never used or setup VPN though.
I would suggest you search the Novell documentation, knowledgebase & forums to see what you can find on BM and VPN as they should have something on the subject.
Cadillac84
05-07-2004, 11:14 PM
Just a bit of followup:
I talked today with NETGEAR about the idea of using their FVS318 to provide VPN for my NetWare connection.
The answer I got was not convincing either in favor of or against being able to use the FVS318 to route IPX packets over VPN. I was finally able to convince the tech rep to kick the question up the ladder. The tech's supervisor answered that
"the FVS318 will NOT route IPX traffic."
That's it. So, I am still looking for a solution. I may actually have Border Manager, but I don't know anything about it.
It sure does seem like if PuTTY or something like the FVS318 can create a tunnel that lets me act as though I am physically connected to the network at my office, why can't I run the NetWare Client and log on to the server.
Anyway, that probably doesn't help atray, but at least it eliminates one thing that might have appeared possible. :mad:
I talked today with NETGEAR about the idea of using their FVS318 to provide VPN for my NetWare connection.
The answer I got was not convincing either in favor of or against being able to use the FVS318 to route IPX packets over VPN. I was finally able to convince the tech rep to kick the question up the ladder. The tech's supervisor answered that
"the FVS318 will NOT route IPX traffic."
That's it. So, I am still looking for a solution. I may actually have Border Manager, but I don't know anything about it.
It sure does seem like if PuTTY or something like the FVS318 can create a tunnel that lets me act as though I am physically connected to the network at my office, why can't I run the NetWare Client and log on to the server.
Anyway, that probably doesn't help atray, but at least it eliminates one thing that might have appeared possible. :mad:
jumpedintothefire
05-11-2004, 10:25 PM
Should be able to tunnel the ipx over pppd using pptp...
I just don't have a need to pull this off....
old link (http://www.google.com/search?q=cache:IwoTP5t1VJsJ:www.lakesoft.net/docs/packages/pptpd-1.0.1/html/HOWTO-IPX%2BPPTP.txt+ipx+pptp+pppd+HOWTO-IPX%2BPPTP.txt+&hl=en)
good luck, I can help with the pptp part... ipx no....
I just don't have a need to pull this off....
old link (http://www.google.com/search?q=cache:IwoTP5t1VJsJ:www.lakesoft.net/docs/packages/pptpd-1.0.1/html/HOWTO-IPX%2BPPTP.txt+ipx+pptp+pppd+HOWTO-IPX%2BPPTP.txt+&hl=en)
good luck, I can help with the pptp part... ipx no....
atray
05-26-2004, 03:47 AM
The thing of it is that Novell 5 (which I run) has the capability of pure IP connection. What I can't figure out is how these machines connect to the Novell box besides of using some particular port. I remember reading about using broadcasts, but I'm not familiar enough with broadcasting to understand how this would affect a VPN connection.
Linesiders
05-27-2004, 09:28 AM
The thing of it is that Novell 5 (which I run) has the capability of pure IP connection. What I can't figure out is how these machines connect to the Novell box besides of using some particular port. I remember reading about using broadcasts, but I'm not familiar enough with broadcasting to understand how this would affect a VPN connection. Unfortunately I've had MS networks :rolleyes: tha past 2 years and not Novell but I was doing this 3 years ago. If I remember correctly you need to run a 5x server, probably your master replica, running directory service locator protocol (or something like that) and entering the IP for that server in your NW client. This will allow your vpn client to forward NW service requests to the server which has a list of all IP based NW services on your corporate network. There were several articles on this in the Novell KB.
As long as you can get any IPSEC implementation talking across 2 points, whether linux to linux, PIX to PIX, Lkiny to Linky, PIX to Linky, whatever, you can access all of your NW functions over your IP connection (just need to tweak MTU settings).
As for tunneling IPX, have not done that in 7 years :eek: but it can be done...
As long as you can get any IPSEC implementation talking across 2 points, whether linux to linux, PIX to PIX, Lkiny to Linky, PIX to Linky, whatever, you can access all of your NW functions over your IP connection (just need to tweak MTU settings).
As for tunneling IPX, have not done that in 7 years :eek: but it can be done...
justlinux.com
Copyright Internet.com Inc. All Rights Reserved.
Copyright Internet.com Inc. All Rights Reserved.