I'm having trouble getting the VPN to load/work.

I'm using BM3.8 running on a NW6.5sp1a server.

I've configured the system per "A Beginnerís Guide To
BorderManager 3.x" for a BM3.8 VPN as I do not require the legacy services.

When I try to connect with the client I get an error: "Either X.X.X.X is
an invalid VPN server address or the authentication gateway is not
loaded on the VPN server"

I've tried connected as the client with and without the filters loaded,
the only difference is that when the filters are not loaded, I get that
error message immediately - when the are, it takes 30 seconds or so to
come up.

I've attached two log files, the logger screen for when I run
startbrd.ncf as well as the SCMLOG from running "runvpn.nlm -l3" (I
slightly modified "startvpn.ncf" to get all the information from just
running "startbrd.ncf"). I didn't see any obvious error messages to try
and fix. I've also tried some suggested solutions in the Novell
knowlegdebase for authgw.nlm and ike.nlm problems.

I'd have just wiped the server and tried to reinstall from scratch,
however this server hosts the CA for our network (I'd have preferred to
have it on a different server, but the firewall was the first system in
our new tree.).

I've noticed the following things which may or may not have to do with
the problems I'm having.

1. The filtering side of BorderManager is working great.
2. The authgw.nlm and ike.nlm modules are not loaded after I run
"startbrd.ncf"
3. There is not a VPTUNNEL board in INETCFG nor are any of the LAN or
NLM's loaded after I've run "startbrd.ncf". I don't know very much
about BM3.8 yet, so I wasn't sure if having this was still required...
If so, when was it supposed to be created?
5. Sometimes the server hangs when trying to unload "AUTHGW" when I run
"stopvpn.ncf." I've been unable to discern what difference there is
when I get a clean exit and when I do not.
6. "SCMAGENT.NLM" doesn't always seem to unload cleanly when I run
"stopvpn.ncf." I need to run "java -exit" to remove it.
7. Both "pkdiag" and "dsrepair" come back clean for all servers on my
network.


<F1> for Help-----Top Of Screen Buffer Cleared - Lines Lost: 0
Loading module RUNVPN.NLM
Novell Startup and shutdown module for VPN Services
Version 1.00.07 October 1, 2003
Copyright (C) 2002-2003 Novell, Inc. All Rights Reserved
Module RUNVPN.NLM load status OK
Loading module NETDB.NLM
This module is ALREADY loaded and cannot be loaded more than once.
Module NETDB.NLM load status NOT MULTIPLE
Loading module VPMON.NLM
This module is ALREADY loaded and cannot be loaded more than once.
Module VPMON.NLM load status NOT MULTIPLE
Loading module BRDSRV.NLM
Module SCMAGENT.NLM unloaded
Novell Border Server Service NLM PXY060
Version 3.60.04 September 19, 2003
Copyright (C) 1996-2003 Novell, Inc. All Rights Reserved
Module BRDSRV.NLM load status OK
Loading module NBMALERT.NLM
Novell Border Manager Alert Utility BM35_G.01
Version 1.05.01 May 19, 1999
Copyright (c) 1998 Novell, Inc. All rights reserved.
Module NBMALERT.NLM load status OK
Loading module PROXY.NLM
Novell Internet Proxy Server NLM PXY060_3
Version 4.01.09 October 17, 2003\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0 \0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0
Copyright (C) 1996-2003 Novell, Inc. All Rights Reserved
Auto-Loading Module ACLCHECK.NLM
Auto-loading module ACLCHECK.NLM
Novell ACL Check NLM PXY060_1
Version 4.70.15 September 26, 2003
Copyright (C) 1991-2003 Novell, Inc. All Rights Reserved
Module ACLCHECK.NLM load status OK
Auto-Loading Module PROXYCFG.NLM
Auto-loading module PROXYCFG.NLM
Novell Proxy Configuration NLM PXY060
Version 4.00.02 June 6, 2003
Copyright (C) 1991-2003 Novell, Inc. All Rights Reserved
Portions (C) Copyright 1986-1990 RSA Data Security, Inc.
Module PROXYCFG.NLM load status OK
Auto-Loading Module AUTHCHK.NLM
Auto-loading module AUTHCHK.NLM
Novell Background Authentication NLM
Version 3.70.05 July 10, 2003
Copyright (C) 1996-2003 Novell, Inc. All Rights Reserved
Module AUTHCHK.NLM load status OK
Portions (C) Copyright 1986-1990 RSA Data Security, Inc.
Module PROXY.NLM load status OK
Loading module BRDMON.NLM
Border Service SNMP/NCP Monitor NLM PXY038_2
Version 3.80.18 September 4, 2003
(c) Copyright 1996-2000 Novell, Inc. All Rights Reserved.
Module BRDMON.NLM load status OK
Loading module SCMAGENT.NLM
Novell SCM Agent
Version 1.00.13 September 30, 2003
Copyright (C) 2000-2003 Novell, Inc. All Rights Reserved
Module SCMAGENT.NLM load status OK
Loading module JAVA.NLM
java.nlm (based on 1.4.2_02) Build 03120114
Version 1.42 December 1, 2003
Copyright (c) 2003 Novell, Inc. Portions Copyright (c) 2003 Sun Microsystems
Auto-Loading Module JSOCK.NLM
Auto-loading module JSOCK.NLM
Support For Java Sockets (loader)
Version 1.42 December 1, 2003
(C) Copyright 2000-2003 Novell, Inc. All Rights Reserved
Module JSOCK.NLM load status OK
Loading module JSOCK6X.NLM
Module JAVA.NLM load status OK
NetWare 6.x Support For Java Sockets (JDK 1.4.2)
Version 1.42 December 1, 2003
(C) Copyright 2000-2003 Novell, Inc. All Rights Reserved
Module JSOCK6X.NLM load status OK
Loading module JVM.NLM
Java Hotspot 1.4.2_02 Interpreter
Version 1.42 December 1, 2003
(C) Copyright 2003-2004 Novell, Inc. All Rights Reserved.
Module JVM.NLM load status OK
Loading module VERIFY.NLM
Java verify (based on 1.4.2_02)
Version 1.42 December 1, 2003
Copyright (c) 2003 Novell, Inc. Portions Copyright (c) 2003 Sun Microsystems
Module VERIFY.NLM load status OK
Loading module JVMLIB.NLM
Java jvmlib (based on 1.4.2_02)
Version 1.42 December 1, 2003
Copyright (c) 2003 Novell, Inc. Portions Copyright (c) 2003 Sun Microsystems
Module JVMLIB.NLM load status OK
Loading module ZIP.NLM
Java zip (based on 1.4.2_02)
Version 1.42 December 1, 2003
Copyright (c) 2003 Novell, Inc. Portions Copyright (c) 2003 Sun Microsystems
Module ZIP.NLM load status OK
Loading module JNCPV2.NLM
Native Wrapper Java Class Libraries for NetWare
Version 1.10 November 13, 2003
Module JNCPV2.NLM load status OK
Loading module SCMLIB.NLM
Service Configuration Manager Library Agent
Version 1.00 October 8, 2003
Copyright 2000 Novell, Inc. All Rights Reserved.
Module SCMLIB.NLM load status OK
Loading module JNET.NLM
Java jnet (based on 1.4.2_02)
Version 1.42 December 1, 2003
Copyright (c) 2003 Novell, Inc. Portions Copyright (c) 2003 Sun Microsystems
Module JNET.NLM load status OK
Loading module VPMASTER.NLM
VPN SERVER COMPONENT - NetWare VPN Master Control
Version 7.02.17 October 17, 2003
Copyright 1996-2003 Novell, Inc. All Rights Reserved.
Portions Copyright 1986-1995, RSA Data Security, Inc.
Auto-Loading Module VPNINF.NLM
Auto-loading module VPNINF.NLM
VPN SERVER COMPONENT-NetWare VPN Control Interface Module
Version 7.02.22 October 14, 2003
Copyright 1996-2003 Novell, Inc. All rights reserved.
Module VPNINF.NLM load status OK
Module VPMASTER.NLM load status OK
My Public(128):
Portions (C) Copyright 1986-1990 RSA Data Security, Inc.

3/11/04 1:23 PM NBM SCM: Initializing SCM Event Manager...
3/11/04 1:23 PM Server Name --> FIREWALL-TR-FA-1
3/11/04 1:23 PM Full DN Name of the server --> FIREWALL-TR-FA-1.TR.LF
3/11/04 1:23 PM TREE name --> LKFD-TREE
3/11/04 1:23 PM Successfully created the dirCtx
3/11/04 1:23 PM Load VPN Modules --> vpnServerRole = 65536
3/11/04 1:23 PM MasterID=HOST DN=FIREWALL-TR-FA-1.TR.LF
3/11/04 1:23 PM UNCHANGED SERVER_OR_SERVICE --> DN=FIREWALL-TR-FA-1.TR.LF
3/11/04 1:23 PM MasterID=VPNS2S DN=VPNS2SFIREWALL-TR-FA-1.TR.LF
3/11/04 1:23 PM UNCHANGED SERVER_OR_SERVICE --> DN=VPNS2SFIREWALL-TR-FA-1.TR.LF
3/11/04 1:23 PM UNCHANGED UNKNOWN --> DN=MemberContainer.VPNS2SFIREWALL-TR-FA-1.TR.LF
3/11/04 1:23 PM UNCHANGED SERVER_OR_SERVICE --> DN=FIREWALL-TR-FA-1.MemberContainer.VPNS2SFIREWALL-TR-FA-1.TR.LF
3/11/04 1:23 PM UNCHANGED RULE --> DN=Default_Traffic_Rule.VPNRules.VPNS2SFIREWALL-TR-FA-1.TR.LF
3/11/04 1:23 PM UNCHANGED ACTION --> DN=Action.Default_Traffic_Rule.VPNRules.VPNS2SFIRE WALL-TR-FA-1.TR.LF
3/11/04 1:23 PM UNCHANGED CONDITION --> DN=Service.Default_Traffic_Rule.VPNRules.VPNS2SFIR EWALL-TR-FA-1.TR.LF
3/11/04 1:23 PM MasterID=VPNMEMBER DN=FIREWALL-TR-FA-1.MemberContainer.VPNS2SFIREWALL-TR-FA-1.TR.LF
3/11/04 1:23 PM UNCHANGED SERVER_OR_SERVICE --> DN=FIREWALL-TR-FA-1.MemberContainer.VPNS2SFIREWALL-TR-FA-1.TR.LF
3/11/04 1:23 PM MasterID=VPNC2S DN=Lakefield-C2SVPN.TR.LF
3/11/04 1:23 PM UNCHANGED SERVER_OR_SERVICE --> DN=Lakefield-C2SVPN.TR.LF
3/11/04 1:23 PM UNCHANGED RULE --> DN=Default_Traffic_Rule.VPN Rules.Lakefield-C2SVPN.TR.LF
3/11/04 1:23 PM UNCHANGED ACTION --> DN=Action.Default_Traffic_Rule.VPN Rules.Lakefield-C2SVPN.TR.LF
3/11/04 1:23 PM UNCHANGED CONDITION --> DN=Service.Default_Traffic_Rule.VPN Rules.Lakefield-C2SVPN.TR.LF
3/11/04 1:23 PM UNCHANGED CONDITION --> DN=Server.Default_Traffic_Rule.VPN Rules.Lakefield-C2SVPN.TR.LF
3/11/04 1:23 PM UNCHANGED CONDITION --> DN=User.Default_Traffic_Rule.VPN Rules.Lakefield-C2SVPN.TR.LF
3/11/04 1:23 PM UNCHANGED RULE --> DN=AdminToAll.VPN Rules.Lakefield-C2SVPN.TR.LF
3/11/04 1:23 PM UNCHANGED ACTION --> DN=Action.AdminToAll.VPN Rules.Lakefield-C2SVPN.TR.LF
3/11/04 1:23 PM UNCHANGED CONDITION --> DN=Service.AdminToAll.VPN Rules.Lakefield-C2SVPN.TR.LF
3/11/04 1:23 PM UNCHANGED CONDITION --> DN=Server.AdminToAll.VPN Rules.Lakefield-C2SVPN.TR.LF
3/11/04 1:23 PM UNCHANGED CONDITION --> DN=User.AdminToAll.VPN Rules.Lakefield-C2SVPN.TR.LF
3/11/04 1:23 PM UNCHANGED RULE --> DN=VPNUsersToAll.VPN Rules.Lakefield-C2SVPN.TR.LF
3/11/04 1:23 PM UNCHANGED ACTION --> DN=Action.VPNUsersToAll.VPN Rules.Lakefield-C2SVPN.TR.LF
3/11/04 1:23 PM UNCHANGED CONDITION --> DN=Service.VPNUsersToAll.VPN Rules.Lakefield-C2SVPN.TR.LF
3/11/04 1:23 PM UNCHANGED CONDITION --> DN=Server.VPNUsersToAll.VPN Rules.Lakefield-C2SVPN.TR.LF
3/11/04 1:23 PM UNCHANGED CONDITION --> DN=User.VPNUsersToAll.VPN Rules.Lakefield-C2SVPN.TR.LF
3/11/04 1:23 PM UNCHANGED RULE --> DN=AllowNMAS.Authentication Rules.Lakefield-C2SVPN.TR.LF
3/11/04 1:23 PM UNCHANGED ACTION --> DN=Action.AllowNMAS.Authentication Rules.Lakefield-C2SVPN.TR.LF
3/11/04 1:23 PM UNCHANGED CONDITION --> DN=Authentication.AllowNMAS.Authentication Rules.Lakefield-C2SVPN.TR.LF
3/11/04 1:23 PM UNCHANGED CONDITION --> DN=User.AllowNMAS.Authentication Rules.Lakefield-C2SVPN.TR.LF
3/11/04 1:23 PM NDS Change Event Received
3/11/04 1:23 PM Changed object = Profiles.VPNS2SFIREWALL-TR-FA-1.TR.LF Change Type = ADDED
3/11/04 1:23 PM Changed object = Service Profiles.Profiles.VPNS2SFIREWALL-TR-FA-1.TR.LF Change Type = ADDED
3/11/04 1:23 PM Changed object = Action Profiles.Profiles.VPNS2SFIREWALL-TR-FA-1.TR.LF Change Type = ADDED
3/11/04 1:23 PM Changed object = Profiles.Lakefield-C2SVPN.TR.LF Change Type = ADDED
3/11/04 1:23 PM Changed object = Host Profiles.Profiles.Lakefield-C2SVPN.TR.LF Change Type = ADDED
3/11/04 1:23 PM Changed object = Service Profiles.Profiles.Lakefield-C2SVPN.TR.LF Change Type = ADDED
3/11/04 1:23 PM Changed object = User Profiles.Profiles.Lakefield-C2SVPN.TR.LF Change Type = ADDED
3/11/04 1:23 PM Changed object = Action Profiles.Profiles.Lakefield-C2SVPN.TR.LF Change Type = ADDED
3/11/04 1:23 PM Changed object = Authentication Profiles.Profiles.Lakefield-C2SVPN.TR.LF Change Type = ADDED
3/11/04 1:23 PM Changed object = Auth Action Profiles.Profiles.Lakefield-C2SVPN.TR.LF Change Type = ADDED