Craig

thanks for the reply

as my NBO appliance is behind another NAT hop and doesn't have an A
record anyway I won't be accessing it to login or manage from my main
office so for this particular application I only need

636 for Secure LDAP from NBO to main office LDAP server (it is how
remote users are authenticated to main tree)
and
873 for Rsync as I want the data on NBO appliance to replicate back to
main office

as far as I can make out the others would be required under the
following situations:
20 and 21 for FTP access to NBO - i have this dissabled anyway
80 HTTP and 443 HTTPS would be for user on net, or in main office, to
access NBO app
111 NFS would only be for windows clients to map drives to NBO
631 IPP required if I want backup print queues in main office incase
NBO goes down
1229 for ZenWorks - can't use as I don't have ZenWorks 4 Servers
2049 NFS allows unix clients to mount drives from NBO
2121 if you wish to administer NBO via FTP - i have it disabled
2222 port for NBO app administration pages
8080 port for main office iManage pages for LDAP config

have set up 636 and 873 as Generic Proxies with filter exceptions
similar to your Intro books example for NetWare Web Manager

seems to be working ok, thanks for the help

Simon


>>> Craig Johnson<craigsj@ix.netcom.com> 03/05/03 05:00:02 >>>

In article <OHtsa.8893$jU.1963@prv-forum2.provo.novell.com>, Simon
Shilton wrote:
> Port Used For
> 20 FTP
> 21 FTP


If you need FTP.

> 80 HTTP


Yep.

> 111 NFS


Probably don't need it.

> 443 HTTPS


Yep.

> 631 IPP (Printing)


Maybe - if you need to print across the firewall.

> 636 LDAPS


I'm skeptical.

> 873 RSync


Probably.

> 1229 ZENworks for Servers Tiered Electronic Distribution


New one on me.

> 2049 NFS


Skeptical

> 2121 FTP administration


New one on me.

> 2222 Web-based administration utility


iManager secure port?

> 8080 iManager


Yep.


Craig Johnson
Novell Support Connection SysOp
*** For a current patch list, tips, handy files, books and
consulting services for BorderManager, go to
http://nscsysop.hypermart.net ***