The Novell IP Gateway client software must be set up on each Windows workstation that accesses the Internet through the gateway server. This task is typically the responsibility of the network administrator or the person responsible for desktop administration and support. In some cases, users set up their own gateway client software.
All gateway clients must have the gateway component of the Novell Client software installed and set up. The gateway component is installed by selecting a custom client installation and selecting Novell IP Gateway from the list of additional components to install.
All clients using the IP/IP gateway must have a TCP/IP stack installed and set up.
Refer to the following procedures for setting up Novell IP Gateway clients:
To enable the gateway client software on Windows NT or Windows 98 clients and set up a preferred gateway server:
Right-click Network Neighborhood > select Properties.
To set up a Windows 98 client, select the Configuration tab and click Novell IP Gateway.
or
To set up a Windows NT client, select the Protocols tab > click Novell IP Gateway in the Network Protocols list.
If you do not see Novell IP Gateway in the list, you probably do not have the gateway client component installed on your workstation. Do not continue with this procedure until you have installed the Novell Client software provided with the Novell BorderManager 3.7 product. For more information, refer to Installing the Novell Client Software .
Click Properties > check the Enable Gateway check box.
In the Preferred Server field > the preferred gateway server.
The correct syntax for the gateway server is the server name with -GW appended to it. You must also include the server's context with a leading period. For example, if the Novell IP Gateway is enabled on the server SJ-NW5 whose context is docs.novell, specify the preferred gateway server as .SJ-NW5-GW.docs.novell.
In the Preferred Tree field, enter the NDS or eDirectory tree where the server is located > click OK.
Restart the workstation.
A workstation running the Novell Client software and a SOCKS application is considered a SOCKS client.
To enable a SOCKS client to use the Novell IP Gateway SOCKS service, the IP address or hostname of the Novell BorderManager 3.7 server is typically set up in the SOCKS application to identify the Novell BorderManager 3.7 server as the SOCKS server.
SOCKS applications might also require the following to be set up:
For more specific information, refer to the documentation provided with your SOCKS applications.
When single sign-on is enabled, the Novell IP Gateway software can perform background NDS or eDirectory authentication for Windows 98, Windows NT clients, and SOCKS 5 clients that have the NDS or eDirectory authentication capability. With single sign-on enabled on the server, a user who is already logged in is not presented with a login dialog box to use the Novell IP Gateway's IPX/IP gateway or SOCKS services.
Before single sign-on can occur, the client workstations must be running CLNTRUST.EXE and DWNTRUST.EXE. CLNTRUST.EXE enables the client to be authenticated in the background, and DWNTRUST.EXE stays resident on the client to terminate CLNTRUST.EXE after a user logs out.
These files are located in the SYS:PUBLIC directory on the server. The gateway component of the Novell Client does not run these files automatically, nor does the SOCKS 5 client software. Although these files can be copied to client machines and run by batch files before users log in to NDS or eDirectory, it is more effective to create a login script for each user you want to be authenticated using the single sign-on feature. By implementing a login script, when a user logs in to NDS or eDirectory from any workstation, that workstation automatically runs DWNTRUST.EXE and CLNTRUST.EXE.
To create a login script:
In NetWare Administrator, right-click the container object where you want to create a login script and select Details.
Select Login Script.
In the login script field, enter the following lines that apply to the operating systems on users' workstations, where Server_Name is the name of your server:
If OS= WINNT THEN
# Server_Name\SYS\PUBLIC\DWNTRUST.EXE
# Server_Name\SYS\PUBLIC\CLNTRUST.EXE
END
IF OS = "WIN95" THEN
# Server_Name\SYS\PUBLIC\DWNTRUST.EXE
# Server_Name\SYS\PUBLIC\DWNTRUST.EXE
END
IF OS = "WIN98" THEN
# Server_Name\SYS\PUBLIC\DWNTRUST.EXE
# Server_Name\SYS\PUBLIC\CLNTRUST.EXE
END
Click OK to close the Login Script page, the Details page, and exit NetWare Administrator.
Because the Gateway Client Transparent proxy feature is enabled by default, no configuration is required. When a user logs in to NDS or eDirectory, the gateway component of the Novell Client software locates all the proxy servers that the user has permission to access. If the user starts a browser session, the Novell IP Gateway client connects to the first proxy server it finds during its search of the NDS or eDirectory database and does not make a connection through the Novell IP Gateway.