I am a bit confuse on this setup. Do I have to have all users login
through the Bordermanager server?

I have one server running BM3.8, and a secondary server where all users
are located. Both server have their own tree. people logon to the
secondary server and they do not login to the BM 3.8 server at all.

All that I do is just point to the proxy (192.168.2.1) and that is it. I
have set up Dynamic Only on the public card, and I am using only HTTP
Proxy, and the IPX/IP Gateway.

The issue is, the more I read about authentication, it seems that in order
to authenticate users I will need to have them logon through the BM3.8
server. Is this correct? Is my above configuration correct and secure?

Please advise.

Juan Gonzalez