Using Novell BorderManager as an Address Translator

In this scenario, Acme Company wants all users on the private network to be able to access the Internet without registered IP addresses. Acme also wants to make the SMTP and Web servers on the intranet available to public clients. Acme has the following requirements:

• Configure a Novell BorderManager 3.7 server with NAT in dynamic mode to allow private users to access the Internet
• Make private SMTP and Web servers available through NAT static mode
• Consider filter settings for SMTP and Web servers on the NAT interface

The following Novell BorderManager 3.7 components are used to implement this scenario, as shown in the following figure:

• Packet filtering
• NAT

NOTE:  This scenario might not apply if your intranet Web server has links to other intranet Web servers, or if your intranet SMTP server has links to other intranet SMTP servers.

Figure 29
Using Novell Novell BorderManager 3.7 as an Address Translator

To use Novell BorderManager 3.7 as an address translator, Acme Company must perform the following general sequence of steps:

1. Install Novell BorderManager 3.7, enabling packet filtering on public interfaces.

   For more information and Novell BorderManager 3.7 installation procedures, refer to the Novell BorderManager 3.7 installation documentation.

2. Using the FILTCFG utility at the server console, enable the following filters:
   • For the intranet SMTP server, insert filter exceptions on the NAT interface to allow inbound SMTP requests and outbound SMTP responses.
   • For the intranet Web server, insert filter exceptions on the NAT interface to allow inbound HTTP requests and outbound HTTP responses.

3. Using NIASCFG, enable and configure NAT to use dynamic and static mode.

   For more information and configuration procedures, refer to the Novell IP Gateway and NAT online documentation.