Currently, I work for an agency that is part of a larger organization.
particular agency has 11 locations, and we share the same frame relay

cloud with about 70 other activities. As a result, when I browse for
specific tree, I have about 70 to choose from. Currently, the routers

serve as DHCP servers, as well.

My remote offices are small (average 3 pc's per site, no servers),
about 50 at my primary location (plus all servers). I want to secure
servers and regulate internet access for all clients both local and

My conclusion was to use BorderManager 3.7 to firewall off my primary

location, drop IPX and go with straight TCP (and SLP). Then, I would

implement proxy services and firewalling, install DNS/DHCP services
the main site only), and implement a site to site VPN for my remote
offices. I also intend to ask for ACL's to be set up on the routers
added security.

Questions are as follows:

1) Does this set-up make sense?

2) Since the routers are currently acting as DHCP servers as well, I
I would need to configure my primary netware server as a DNS/DHCP
for my internal network. I guess I could go from the current (for
example) 10.1.1.x ( is the gateway) to a static public
of and a private interface of I would then use
on the public interface, with as the gateway.

I just want to make sure that the public address of (my
router interface is 10.1.1.x) is going to get me the correct
with the WAN.

3) I know if I want to allow some of my users to connect from home, I

would need the routers external IP. Would I need the DLCI
information, as
well? In other words, set up a WAN board interface?

Thanks in advance for all of your insights!

Pat B.