Sitemap

Amicuk Programming Answers

Minimal open ports for groupwise to use by vpn

-0001-11-30   Views:0

Advertisement

Hi, What are the minimal ports that need to be open to use groupwise online remotely (by use of vpn) ? We use the novell client 4.91sp4 and groupwise 7.0.3hp on windows xp sp2. - dns resolving for both udp and tcp are authorized and an user authentic

Hi,
What are the minimal ports that need to be open to use groupwise online
remotely (by use of vpn) ?
We use the novell client 4.91sp4 and groupwise 7.0.3hp on windows xp sp2.
- dns resolving for both udp and tcp are authorized and an user
authenticates to the FQDN like mail.domain.com
- port 1677 is open, but then it takes 10 minutes, before you can do
anything.
- after monitoring with an account with full rights to every protocol and
port, we see NCP being used, so after having this authorized, it is already
much better.
Still have to wait 1 minute.
Could it have something to do with the primary or dns suffix entries?
We do not use primary or dns suffix entries, so these are empty. The
connection suffix is being set by the dhcpserver. So this name differs for
each person at home.
What we see in the capture is that the groupwise server name is being
accessed by its hostname, like <servername>.<connection suffix>
An enduser can not resolve these server names remotely, unless the FQDN is
being used.
We do not wish to change primary of dns suffix entries, and prefer changes
on the serverside instead of clientside, but is this possible in this
situation?
Anyone has experience with this ?
Also some icmp request are being made. Is it required to allow icmp to the
groupwise server?
regards,
Marcel
by the way : if we remove the novell client, then only port 53, 1677 are ok
and performance is ok (within 10 seconds groupwise client opens)

The replay answer
Advertisement
Hi Craig,
Thanks for your answer, but how do you explain that adding ncp (524) over
tcp is decreasing the timeout?
In the Groupwise client options the archive and views are all located on a
netware server using the UNC syntax.
I do not see the public ip in the traces. In fact when tracing with a client
with restricted rights, I do not see anything at all. I need to trace with
all rights, to see what possibly could be used as protocol. Then I noticed
ncp (524) being accessed. So after that I authorized that and it was like a
dream came true.
However.... like I said. only with the novell client (4.91sp4) being used.
without novell client it just works fine. In vista with both novell client
and vpn client the slow gwclient also does not appear.
regards,
Marcel
"Craig Johnson" <[email protected]> wrote in message
news:[email protected]..
> GroupWise client only needs port 1677. TCP for GW Client, UDP for GW
> Notify.
>
> I often open filter exceptions to the POA for tcp port 1677 for people
> to connect remotely to the client without VPN. That's all they need.
>
> If you are trying to connect on that port, and the traffic is taking a
> long time, you might be seeing some sort of redirection attempt trying
> to take you to a public address instead of using the private IP of the
> POA.
>
> Craig Johnson
> Novell Support Connection SysOp
> *** For a current patch list, tips, handy files and books on
> BorderManager, go to http://www.craigjconsulting.com ***
>
>

Go to See the other 4 answers

Minimal open ports for groupwise to use by vpn

Category:DefaultRelease time:-0001-11-30Views:130

Hi, What are the minimal ports that need to be open to use groupwise online remotely (by use of vpn) ? We use the novell client 4.91sp4 and groupwise 7.0.3hp on windows xp sp2. - dns resolving for both udp and tcp are authorized and an user authentic[More]

Port Forwarding for Cisco ASA 5505 VPN

Category:DefaultRelease time:2015-10-11Views:130

This is the Network Linksys E2500 ---> Cisco ASA 5505 ---> Server I beleive I need to forward some ports to the asa to use the IPsec VPN I just setup. I had the SSL VPN working but only needed to forward 443 for that....I assume that IPsec tunnel is[More]

SA520: problem when trying to access HTTPS over custom port in a site-to-site vpn

Category:DefaultRelease time:-0001-11-30Views:130

We've set up a site-to-site VPN between our SA520 and our SmoothWall running at our data center. The tunnel is always connected, so that part runs fine What works fine: - Client 192.168.11.1 is able to start an RDP session (on it's default port 3389)[More]

How to manage port 80 hosts via gateway - gateway vpn (rv220w)

Category:DefaultRelease time:-0001-11-30Views:130

I replace our aging rv082 routers with wireless rv220w routers. The gateway to gateway vpn works great, however I am no longer able to manage our print servers port 80 management page. I can ping any host with success, and I can manage hosts that hav[More]

Port Forwarding for OS X Server VPN on BT Home Hub...

Category:DefaultRelease time:-0001-11-30Views:130

We have BT Infinity using a BT Home Hub 5 and I have recently installed OS X Server to create my own VPN. However, I cannot seem to get the hub to open the ports I desire using the port forwarding tool - I have tried everything I can think of includi[More]

What TCP/UDP ports need to be open for VPN Client version 4.8?

Category:DefaultRelease time:-0001-11-30Views:130

What TCP/UDP ports need to be open for Cisco VPN Client version 4.8 to work? Thanks,Normally, you need the following ports and protocol : UDP 500 UDP 4500 ESP In case, you are using IPSec over TCP you have to open, TCP port 10000 or any other port yo[More]

Lion Server: VPN external ports to open on firewall

Category:DefaultRelease time:2015-10-11Views:130

With Leopard/SnowLeopard Server, opening ports back to my server @ 500, 1701 and 4500 were sufficient for L2TP VPN.  I had no issues trying to connect to my VPN until I upgraded to Lion (which I'm quickly learning was a big mistake). Now it appears t[More]

Port Forwarding for L2TP/IPSec VPN Behind Verizon Actiontec MI424WR-GEN2 Rev. E v20.21.0.2

Category:DefaultRelease time:2015-10-11Views:130

I've got a NAS setup with various services running on custom ports to help minimize exposure (especially to script kiddies). I've tested everything both internally and externally to confirm they all work, and even had someone at a remote location con[More]

Unable to configure voice ports on cisco2811

Category:DefaultRelease time:-0001-11-30Views:130

I have configured the Voice Gateway and calls are working internally.   I recently installed a WIC-1B-S/T-V3 card to prepare to getting outside line access. To try a set of Dial-Peer and put the port command , but I have been rejected.  I've confirme[More]

Ports are being block (not responding)

Category:DefaultRelease time:-0001-11-30Views:130

Ports are being block (not responding), port forwarding is configured on the router and firewall is turned off on the server (osx 10.8).  Am I missing anything? Server has a static IP which I forwarded to ports to I'm setting up VPN server and need p[More]

Leopard VPN open ports

Category:DefaultRelease time:-0001-11-30Views:130

Hello, I use standard Leopard VPN for connecting laptop to my office network. Web and Exchange mail work fine but I cannot get connection to Perforce server (port 1666). Changing firewall settings didn't help. My Windows environment uses same VPN and[More]

Hot
I completed a search for this problem here and other forums, and found very useful information, however, I still need help. My laptop is an HP Pavillion dv1000, Intel Centrino, Windows XP, 1.24G of RAM; Camera is a Canon 5D, shooting JPEG only. After [More]
I created an oracle report to generate (Oracle reports 10g) PDF output and called it from APEX through rwservlet and I am getting the output without any issues but if I repeat the same process for CSV output i am getting unwanted output. it not resem [More]
about 6 monhs ago the printer stopped printing stating it was a out of ink (black) after i replaced the cartridge it stopped again after about 10 days. i contacted HP and they basically told me to get a new printer. i decided to try a new cartridge a [More]
I'm getting ready to get a new - or maybe just old - Mac Pro. My choices are the 2.66 Quad core (early 2009) that should be dropping in price very soon or 3.33 hexacore (2010). I'd be putting in 24-32 GB of Ram in whichever machine I get, plus a SSD [More]
Hi All, Is it normal thing for Sync messages to have more latency time than async messages in PI. if yes then what is the reason behind it? Also whats the appropriate latency time in PI? ThanksHi XIer, synchronous message sender need to wait for a re [More]
I just bought a new high-fi system, made for connecting to the new input of the iPhone 5, but all of my music is on my iPod classic, with old input design. Is there an adapter available for this set-up? I've only ever seen this problem the other way [More]
hi all i have created a report in apps 11i in Oracle HRMS but i am getting the message "The file is damaged and could not be repaired" could anyone please tell me the reasonhi template.fmb is for forms rite my requirement is to create a form let [More]
Hi! All I have the following user requirement: The Material number in one of the client system is in the following format- 70000-00001, which is a symbolic number. There are already 54000 records in that particular system. These records needs to be c [More]
How does one create multiple devices for the many ipod/ipad products in one household. Each serial number should have it's own device name! Using the minor device number is what I would do if I was writing an ethernet driver for example. But all I wa [More]
Need desparate help please... A very strange thing is happening. I have DATA_ITAB for ALV display. The ITAB has 2 extra fields one for STYLE one for COLOR as follows:- TYPES : cellstyles TYPE lvc_t_styl , *for editing cells For cell coloring cellcolo [More]