Setting Up a Rule to Allow Access through the Novell IP Gateway

Access rules created for ports apply to users logged in from a Novell IP Gateway or SOCKS client. This section describes how to create an access rule for a port.

To allow users to access specific services through the Novell IP Gateway:

  1. In NetWare Administrator, right-click the object where the access rules are to be created and select Details.

  2. Select the Novell BorderManager 3.7 Access Rules page, then click Add.

  3. In the Access Rule Definition page, specify Allow (the default).

  4. For Access Type, select Port.

  5. Specify the following under Access Details:

    • Select a service from the Service drop-down menu.
    • Enter an origin server port or range of ports.
    • Select a transport protocol from the Transport drop-down menu.

  6. Under Source, accept Any to apply the rule to all NDS or eDirectory objects, DNS hostnames, IP addresses, and subnets, then click OK. Otherwise, select users, groups, or hosts as follows:

    1. Click Specified, then click Browse.

    2. Specify an NDS or eDirectory object, a DNS hostname, an IP address or range of addresses, or a subnet, including its subnet mask, and click Add.

      For DNS hostname specifications, you can use the wildcard character (*) in your entry.

    3. Add additional sources.

    4. After you have added the sources you want, click OK.

  7. Under Destination, specify Any to apply the rule to any destination, then click OK. Otherwise, select destinations as follows:

    1. Click Specified, then click Browse.

    2. Specify a DNS hostname, an IP address or range of addresses, or a subnet, including its subnet mask, and click Add.

      For DNS hostname specifications, you can use the wildcard character (*) in your entry.

    3. Add additional destinations.

    4. After you have added all the destinations, click OK.

      IMPORTANT:  If you create a rule that allows access to any destination whose hostname must be resolved by a DNS name server, you must create another rule that allows the Novell BorderManager 3.7 server to resolve the hostname. Refer to Setting Up a Rule to Allow the Server to Resolve Hostnames.

  8. (Optional) If you want the server to record all access attempts that match the rule, click Enable Rule Hit Logging.

    Logging access attempts can affect server performance; however, it is recommended that you do so to detect unauthorized activity.

  9. Click OK to close the Access Rule Definition page.

  10. Repeat the steps for each service you want users to be able to access.

  11. Click OK, as necessary, to return to the Novell BorderManager 3.7 Access Rules page, then click OK to update the access rules.