Novell Home

My Favorites

Close

Please to see your favorites.

How to set up an IP device behind BorderManager using Static and Dynamic NAT.

(Last modified: 02Jan2003)

This document (10053602) is provided subject to the disclaimer at the end of this document.

goal

How to set up an IP device behind BorderManager using Static and Dynamic NAT.

fact

Novell NetWare 4.11

Novell NetWare 5.0

Novell NetWare 5.1

Novell BorderManager 3.0

Novell BorderManager 3.5

symptom

An IP device, such as a web server, email server, or FTP server, is located on the Private NetWork and has to be accessed through the BorderManager Firewall with NAT enabled.

fix

"Add Secondary IP Address X.X.X.X" on the server console prompt.  This is another public address that comes from your ISP.

This is needed so that clients on the public side of the network will be able to reach the IP device on the private side.  The Firewall has to translate the public address to the private address before the clients can get to that IP device.

Enable NAT in STATIC and DYNAMIC MODE.

INETCFG | Bindings | Select your public NIC | Expert TCP/IP Bind Options | Network Address Translation | Status - Change this to Static and Dynamic

Next you will select: Network Address Translation Table: | then hit "insert" to insert the secondary address you added in the beginning as the "Public Address" mapping to the "Private Address" of the internal web server.

You can test that the secondary is working by pinging it. Make sure that the device on the private side which you are doing a static NAT for has a default route to the private IP address of BorderManager.

Also keep in mind that from the Private NetWork incoming and outgoing traffic will be blocked by filters until filter exceptions are created.(Refer to TID#10013565 for Web Server filters, as an example)

Also, if you have problems with not being able to ping the secondary ip address you have set up, test with another one to make sure it is or isn't the IP address.

Another option to consider which would accomplish the same task but has some cacheing options is to configure a Generic Proxy (TCP or UDP).  These options are available in BorderManager Setup under the Application Proxies.  Refer to TID # 10011006

disclaimer

The Origin of this information may be internal or external to Novell. Novell makes all reasonable efforts to verify this information. However, the information provided in this document is for your information only. Novell makes no explicit or implied claims to the validity of this information.
Any trademarks referenced in this document are the property of their respective owners. Consult your product manuals for complete trademark information.

  • Document ID:
  • 10053602
  • Solution ID: NOVL13260
  • Creation Date: 30May2000
  • Modified Date: 02Jan2003
    • NovellGroupware

      NetWare

      BorderManager Services

Did this document solve your problem? Provide Feedback