Hello BM experts, I am a Network admin for a government school. We are
just
one school in a huge intranet where there is approx. 2,200 schools of
all
different sizes and locations. We are given the selection of NOS' and
appox.
500 of these schools have Netware 6. We also have licenses for Zen4
and
BM3.7. The problem I've just discovered is that although the schools
love
their netware servers none of them know how to configure BM3.7 and are

leaving this out of their network. Consequently there is no control of
any
sort on Internet traffic. The govt has even moved each school upto a
broadband link to this intranet.
Could someone please,please help me configure BM3.7 so that I can get
the
ball rolling and show the other schools what a great tool it is.
Here is the setup of the school configurations:

1. All schools are given internal IP's in the form 10.x.y.z (1<z<255)

where certain IP's are reserved for certain services e.g 10.x.y.1 is
the
router and if you choose to have a proxy then it has to be 10.x.y.20

2. Numerous school are using 'out a box' solutions even in a netware
environment but with no NDS connectivity. They have been shown how toconfigure their conf files as follows:
************************************************** **************************

***********************
****************If their using squid: alter the squid .conf file as
follows:***********************
************************************************** **************************

***********************
Firstly, find the cache_peer tag and set it as follows:

cache_peer wcomedu.schools.nsw.edu.au parent 8080 3130 no-query
no-digest

This will set the correct parent and proxy port and stop the use of
ICP
which is not supported in our network.

Secondly, find the ACL (Access Control List) - acl all src
0.0.0.0/0.0.0.0
and then add this information in the order presented:

# these access control lists contain everything in the internal DET
network
acl local-domains dstdomain .det.win .tafensw.edu.au .tafe.nsw.edu.au..det.nsw.edu.au .det.nsw.gov.au .schools.nsw.edu.au
acl local-networks dst 10.0.0.0/255.0.0.0 172.16.0.0/255.240.0.0
192.168.0.0/255.255.0.0 153.107.0.0/255.255.0.0
203.15.80.1/255.255.255.255
203.15.80.2/255.255.255.255 144.130.7.5/255.255.255.255
144.130.4.5/255.255.255.255 157.85.12.0/255.255.255.0
166.100.23.144/255.255.255.248

# then specify an acl for everything else
# this can be locked down to just clients on the local network if
desired
acl all src 0.0.0.0/0.0.0.0

Following this find the never_direct tag and then add this information
in
the order presented:

#this double negative makes the proxy go direct for the sites in this
acl
never_direct deny local-domains
never_direct deny local-networks

#this makes everything else go via the parent
never_direct allow all

************************************************** **************************

***********************
************* IF their using an ISA proxy then they configure their
10.x.y.20 as follows: *********
************************************************** **************************

***********************
Open the ISA Management application.
expand "Network Configuration" in the tree
select "Local address table"
add the following network ranges by right clicking and selecting "New
>> LAT

Entry"

10.0.0.0 to 10.255.255.255
172.16.0.0 to 172.31.255.255
192.168.0.0 to 192.168.255.255
153.107.0.0 to 153.107.255.255
203.15.80.1 to 203.15.80.2
144.130.7.5 to 144.130.7.5
144.130.4.5 to 144.130.4.5
157.85.12.0 to 157.85.12.255
166.100.23.144 to 166.100.23.151

select "Local domain table"
add the following domains by right clicking and selecting "New >> LDT
Entry"

*.det.win
*.tafensw.edu.au
*.tafe.nsw.edu.au
*.det.nsw.edu.au
*.det.nsw.gov.au
*.schools.nsw.edu.au

select "Routing"
Edit the default rule
select the action tab
select "Routing them to a specified upstream server"
click on "settings"
In "server or array" put wcomedu.schools.nsw.edu.au
set "port" and "SSL port" to 8080
UNcheck the other boxes
OK. OK.

Add a new rule
name: internal
applies to: all internal destinations
action: retrieve directly
all other settings: accept the default


!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
We need a BM3.7 configuration.
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
Could anyone interpret the above and convert it to a BM3.7
configuration. If
you can your help would be greatly appreciated and I'm sure lots of
schools
would move over to BM once they find they can track and log every
movement
that every user on their network does!

much appreciated
sam russo
sam@duval.nsw.edu.au