We were enabling our users to access iPrint from the outside (requires a firewall filter, but doable). However, we wanted to "Secure" access to the WEB page. Opened a SR with Novell since I couldn't find any TID on this issue. After working with the Tech I was able to accomplish this. This is how we did it.

Firewall Filter:

Current BM FiltersServerIDSource InterfaceSource AddressProtocolDestination PortSource PortackFiltstFiltDestination InterfaceDestination AddressComments
1PUBLICTCP63101PRIVATEXXX.XXX.XXX.XXXTo allow iPrint services


ConsoleOne Settings:
Properties of LDAP Server - IPrintServerName - SSL/TLS Configuration Tab - Uncheck the "Require TLS for all Operations".
- Restrictions - Bind Restrictions is set to "None" and all "Limit" and "Timeout" options are set to "0".

Server Apache2 Settings:
Edit the \\ServerName\sys\Apache2\iprint\ipp.conf file and make the following within you file changes. (Search for the "IfModule mod_ipp.c" section and edit.)

************************************************** **********
# Changed this to require login
# this is the default config for secure printing
<IfModule mod_ipp.c>
<Location /ipp>
#Require valid-user
Order allow,deny
#Allow from all
#Type in the IP Segment for your Environment
Allow from XXX.XXX
Require valid-user
Satisfy Any
AuthType Basic
AuthName "Tree_Name"
AuthLDAPURL "ldaps://localhost:636/???(objectClass=user)"
AuthLDAPRemoteUserIsDN on
<IfModule mod_auth_ldap.c>
AuthLDAPEnabled ON
</IfModule>
AuthLDAPDNAuthoritative On
AuthLDAPAllowDNAuth On
</Location>

<Location /ipps>
Require valid-user
Order allow,deny
#Type in the IP Segment for your Environment
Allow from XXX.XXX
Require valid-user
#Satisfy Any
AuthType Basic
AuthName "Tree_Name"
AuthLDAPURL "ldaps://localhost:636/???(objectClass=user)"
AuthLDAPRemoteUserIsDN on
<IfModule mod_auth_ldap.c>
AuthLDAPEnabled ON
#Off
</IfModule>
AuthLDAPDNAuthoritative On
AuthLDAPAllowDNAuth On
</Location>
</IfModule>
************************************************** ***********

Stop and restart your Apache services. I used two NCFs to stop and then start Apache.

AP2WEBDN.NCF
***********************
# Shutdown for Apache Web Server for Netware

unload address space = os apache2
***********************


AP2WEBUP.NCF
***********************
# Startup for Apache Web Server for Netware
# This is called from autoexec.ncf

# Make sure that httpstk isn't listening on 80
httpcloseport 80 /silent

load apache2 -E sys:\apache2\logs\startup.err
************************

Now users who access our iPrint WEB Page from outside of our Network are prompted to log into NW via LDAP to access the page:

https://XXX.XXX.XXX.XXX/ipps

They would use their NW login name and their NW password.