We have users on a MS network with workstations that have Client32 4.90 or
4.91 installed, They need to log in to a BM3.8 proxy on a NW6.5 network on
the other side of a router.

User - WinXP/ Client32 4.90
Server BM3.8/NW6.5

The user has a valid account on the NW6.5 network
Users on the NW6.5 network log in to BM3.8 using SSO and Clntrust.

The users on the MS network initially log in to MS only, but can
successfully log in to the NW6.5 network after the initial login. They can
also log in to the BM3.8 proxy using SSL and the Http login page.

What I would like is that users on the MS network are able to log in to the
BM3.8 proxy using Clntrust. What, specifically, is needed before Cln trust
works for them?
What ports need to be open on the router for Clntrust to work?
I presume that a user would first have to log in to NW?

Are there any other way I can have the MS users log in to BM3.8 with
minimum effort and still be accountable via the BM3.8 proxy?

Geoff Taylor BSc Dip Ed