Here's a good one (sorry it's so long): What we had were BM3.7 servers
running on NW5, connecting two lans (nw 4.11 & 5.x servers) in a
master-slave arrangement. Always worked, and the m/s vpn still works great.
At this time we were also able to run the VPN client from a remote laptop
and authenticate to the network over the internet(not log in) in order to
run IP-only applications like groupwise and PCanywhere. When we PINGed IP
nodes on the LAN, things worked fine. We could never access the LAN at teh
far end of the WAN, but that just may have been one NAT too many and it was
a minor issue.Worked for years.

THEN last year we added NW6.5sp3 servers to each of the LANs, as we began
our migration from nw4.11 and nw5. Once we accomplished this, we seemed to
lose the ability to access IP nodes on our LAN when we connect with the VPN
client as we could before. The client still reports a successful
authentication (even shows the correct name of the server), however we can
neither ping other objects or run our applications. And the VPN client
seems to be reporting that the client has been assigned an IP address
consistent with the private IP address of the VPN tunnel, as opposed to an
IP address that would enable the client to work on the LAN. I do not recall
if that was the case before, but I do know that I could PING things on the
LAN in the good old days.

Did the upgrade to 6.5 create some change in Edirectory (can we still just
say NDS?)to cause this non-functionality? or is something else at play? Our
VPN server is still NW 5, still BM 3.7. And although the authentication
seems to work, netware login fails as well.

Any suggestions would be appreciated. Thanks for reading. RS