Good afternoon.

We are building a network system to include Groupwise 6.5 with
Bordermanager 3.8 using NAT. We would like to allow the GW remote client
to access the system without needlessly opening ports. The Novell
TID10054016 demonstrates the creation of what looks to be a wide-open in-
bound packet exception for use with Groupwise 6.

My questions are: will the method described actually leave the port open
to port scans and further intrusion? Is there a way to tighten it down
so it does not create an open hole? Did I miss something?

Thank you for your time.