We're working on the same thing currently. Our solution is to set up
a Netware 5 server running compatibility mode. The users do not log
into this machine, they just use it to convert their ip traffic to ipx
and send it on to the IPX Netware servers. This is transparent to the
end users. This will not get you back into the DMZ however, because
your firewall can't route IPX. It will get you away from PPTP. This
solution will deal with Secure Remote, and site to site VPNs. Your
remote netware clients have to be set up for compatibility mode.
Alternatively you can look into Novell's Border manager, which has
some firewall capabilities. Don't know much more about though.
THX,
Pete Goodridge
Abt Associates Inc.
______________________________ Reply Separator _________________________________
Subject: IPX
Author: Carric Dooley <[EMAIL PROTECTED]> at internet
Date: 6/9/1999 3:52 PM
I have a quick question that I was hoping to find some input on.
I have a requirement for getting IPX into my network over and IP VAN.
There is a proposed solution currently that I DON'T like, but I want to
see how many viable alternatives there are.
The current proposal is to creat a PPTP tunnel right into our network, and
just tunnel IPX through it. All other IP traffic is pumped into our
Private DMZ.
I have proposed SecuRemote (as FW-1 firewalls are involved) but that was
immediately poo-poo'd. Given PPTP's track record, I don't really trust
it.
I want to know what alternatives there might be for safely encapsulating
IPX and getting it inside the network without introducing too much danger.
Please let me know what you think.
Thank you
Carric Dooley
COM2:Interactive Media
http://www.com2usa.com
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
