What version of Netware are you running on the server? If it 5 or 6, it's native IP, so basically you're sending IP traffic out of the Pix, which should work. It sound as if your problem may be with the packet actually coming back into the Pix. Do you have any rules that may be preventing the server from responding back to the client? Here is the information from Novell's website listing the port that Novell uses
TCP and UDP are both used by NetWare 5.1 and NetWare 6.0 for Pure IP connectivity. The following ports are used for communication. TCP 524 - NCP Requests - Source port will be a high port (1024-65535) UDP 524 - NCP for time synchronization - Source port will be a high port UDP 123 - NTP for time synchronization - Source port will be the same UDP 427 - SLP Requests - Source port will be the same (427) TCP 427 - SLP Requests - Source port will be the same (427) TCP 2302 - CMD - Source port will be a high port UDP 2645 - CMD - Source port will be the same (2645) Not bad for "junk" as you call it. ----- Original Message ----- From: "Brian Zeitz" To: Sent: Tuesday, August 13, 2002 2:02 PM Subject: RE: Cisco PIX & Novell [7:51303] > Usually people set up a web interfaces for this. I don't really know the > Novell Junk, but I would start by upgrading the client to Novell 6, if > you even want to attempt VPN, if that's what you are trying to do. > > If the server is on the DMZ, you want cut though proxy (probably doesn't > work with Novell). If you server is on the internet, you don't want to > transmit your passwords over the internet in clear text so you need VPN. > > Save yourself a lot of headaches and trouble and switch to Microsoft or > Unix. > > -----Original Message----- > From: John Chang [mailto:[EMAIL PROTECTED]] > Sent: Tuesday, August 13, 2002 1:24 PM > To: [EMAIL PROTECTED] > Subject: Cisco PIX & Novell [7:51303] > > We have a Cisco PIX 525. The Novell 5.1 user/client is behind the > firewall. The server is outside the firewall. What do I need to do > make > the client be able to sign into the server? We have it configured so > that > anyone in the inside can do any ip to the outside? The Netware client > is > set to use IP as the preferred method. Thank you. Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=51325&t=51303 -------------------------------------------------- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
