Sitemap

Amicuk Programming Answers

Minimal open ports for groupwise to use by vpn

-0001-11-30   Views:0

Advertisement

Hi, What are the minimal ports that need to be open to use groupwise online remotely (by use of vpn) ? We use the novell client 4.91sp4 and groupwise 7.0.3hp on windows xp sp2. - dns resolving for both udp and tcp are authorized and an user authentic

Hi,
What are the minimal ports that need to be open to use groupwise online
remotely (by use of vpn) ?
We use the novell client 4.91sp4 and groupwise 7.0.3hp on windows xp sp2.
- dns resolving for both udp and tcp are authorized and an user
authenticates to the FQDN like mail.domain.com
- port 1677 is open, but then it takes 10 minutes, before you can do
anything.
- after monitoring with an account with full rights to every protocol and
port, we see NCP being used, so after having this authorized, it is already
much better.
Still have to wait 1 minute.
Could it have something to do with the primary or dns suffix entries?
We do not use primary or dns suffix entries, so these are empty. The
connection suffix is being set by the dhcpserver. So this name differs for
each person at home.
What we see in the capture is that the groupwise server name is being
accessed by its hostname, like <servername>.<connection suffix>
An enduser can not resolve these server names remotely, unless the FQDN is
being used.
We do not wish to change primary of dns suffix entries, and prefer changes
on the serverside instead of clientside, but is this possible in this
situation?
Anyone has experience with this ?
Also some icmp request are being made. Is it required to allow icmp to the
groupwise server?
regards,
Marcel
by the way : if we remove the novell client, then only port 53, 1677 are ok
and performance is ok (within 10 seconds groupwise client opens)

The replay answer
Advertisement
Hi Craig,
Thanks for your answer, but how do you explain that adding ncp (524) over
tcp is decreasing the timeout?
In the Groupwise client options the archive and views are all located on a
netware server using the UNC syntax.
I do not see the public ip in the traces. In fact when tracing with a client
with restricted rights, I do not see anything at all. I need to trace with
all rights, to see what possibly could be used as protocol. Then I noticed
ncp (524) being accessed. So after that I authorized that and it was like a
dream came true.
However.... like I said. only with the novell client (4.91sp4) being used.
without novell client it just works fine. In vista with both novell client
and vpn client the slow gwclient also does not appear.
regards,
Marcel
"Craig Johnson" <[email protected]> wrote in message
news:[email protected]..
> GroupWise client only needs port 1677. TCP for GW Client, UDP for GW
> Notify.
>
> I often open filter exceptions to the POA for tcp port 1677 for people
> to connect remotely to the client without VPN. That's all they need.
>
> If you are trying to connect on that port, and the traffic is taking a
> long time, you might be seeing some sort of redirection attempt trying
> to take you to a public address instead of using the private IP of the
> POA.
>
> Craig Johnson
> Novell Support Connection SysOp
> *** For a current patch list, tips, handy files and books on
> BorderManager, go to http://www.craigjconsulting.com ***
>
>

Go to See the other 4 answers

Minimal open ports for groupwise to use by vpn

Category:DefaultRelease time:-0001-11-30Views:130

Hi, What are the minimal ports that need to be open to use groupwise online remotely (by use of vpn) ? We use the novell client 4.91sp4 and groupwise 7.0.3hp on windows xp sp2. - dns resolving for both udp and tcp are authorized and an user authentic[More]

Port Forwarding for Cisco ASA 5505 VPN

Category:DefaultRelease time:2015-10-11Views:130

This is the Network Linksys E2500 ---> Cisco ASA 5505 ---> Server I beleive I need to forward some ports to the asa to use the IPsec VPN I just setup. I had the SSL VPN working but only needed to forward 443 for that....I assume that IPsec tunnel is[More]

SA520: problem when trying to access HTTPS over custom port in a site-to-site vpn

Category:DefaultRelease time:-0001-11-30Views:130

We've set up a site-to-site VPN between our SA520 and our SmoothWall running at our data center. The tunnel is always connected, so that part runs fine What works fine: - Client 192.168.11.1 is able to start an RDP session (on it's default port 3389)[More]

How to manage port 80 hosts via gateway - gateway vpn (rv220w)

Category:DefaultRelease time:-0001-11-30Views:130

I replace our aging rv082 routers with wireless rv220w routers. The gateway to gateway vpn works great, however I am no longer able to manage our print servers port 80 management page. I can ping any host with success, and I can manage hosts that hav[More]

Port Forwarding for OS X Server VPN on BT Home Hub...

Category:DefaultRelease time:-0001-11-30Views:130

We have BT Infinity using a BT Home Hub 5 and I have recently installed OS X Server to create my own VPN. However, I cannot seem to get the hub to open the ports I desire using the port forwarding tool - I have tried everything I can think of includi[More]

What TCP/UDP ports need to be open for VPN Client version 4.8?

Category:DefaultRelease time:-0001-11-30Views:130

What TCP/UDP ports need to be open for Cisco VPN Client version 4.8 to work? Thanks,Normally, you need the following ports and protocol : UDP 500 UDP 4500 ESP In case, you are using IPSec over TCP you have to open, TCP port 10000 or any other port yo[More]

Lion Server: VPN external ports to open on firewall

Category:DefaultRelease time:2015-10-11Views:130

With Leopard/SnowLeopard Server, opening ports back to my server @ 500, 1701 and 4500 were sufficient for L2TP VPN.  I had no issues trying to connect to my VPN until I upgraded to Lion (which I'm quickly learning was a big mistake). Now it appears t[More]

Port Forwarding for L2TP/IPSec VPN Behind Verizon Actiontec MI424WR-GEN2 Rev. E v20.21.0.2

Category:DefaultRelease time:2015-10-11Views:130

I've got a NAS setup with various services running on custom ports to help minimize exposure (especially to script kiddies). I've tested everything both internally and externally to confirm they all work, and even had someone at a remote location con[More]

Unable to configure voice ports on cisco2811

Category:DefaultRelease time:-0001-11-30Views:130

I have configured the Voice Gateway and calls are working internally.   I recently installed a WIC-1B-S/T-V3 card to prepare to getting outside line access. To try a set of Dial-Peer and put the port command , but I have been rejected.  I've confirme[More]

Ports are being block (not responding)

Category:DefaultRelease time:-0001-11-30Views:130

Ports are being block (not responding), port forwarding is configured on the router and firewall is turned off on the server (osx 10.8).  Am I missing anything? Server has a static IP which I forwarded to ports to I'm setting up VPN server and need p[More]

Leopard VPN open ports

Category:DefaultRelease time:-0001-11-30Views:130

Hello, I use standard Leopard VPN for connecting laptop to my office network. Web and Exchange mail work fine but I cannot get connection to Perforce server (port 1666). Changing firewall settings didn't help. My Windows environment uses same VPN and[More]

Hot
I purchased R5450 vidocard via internet, put it on MB RS480M2 and the latter did not boot afterwards. (Tried everything). (It worked in another computer.....) I cannot sent it back: waited to long. Is there something with my BIOS? I have the latest o [More]
When I print from a PDF occasionally my 8500a Premium prints text in code. The format appears to be correct but the text prints in code. When I send the same PDF to another printer it prints fine. Please help.If you can't select composite CMYK it mea [More]
Hi, I need to send email (using JavaMail) to recipents on the internet. I am currently sending the email in html format. But some of the recipents got the email with html tags being diaplyed too (I know it is the client side that is unable to read/pa [More]
Hello everyone. I've got a quesiton for you Flash 8 video gurus...I've got websites that I'm using Flash 8's incredible video delivery on, for example, Billy Idol's keyboardist Derek Sherinian's site. I've been looking everywhere for a way to get the [More]
Hi    i configured the WM -PP Configuration After material staging and clicked the Proceed option in the production order . i found the TR thru lx09 (t code) and i did TO...after this i have same  stock is appearing in (production supply) -storage ty [More]
Hi all. we are using oracle 8.1.6 on windows-2000 with 2gb ram. we facing ora-12500 listner failed to start a dedicated server. error and for this we made certain changes. we also added a parameter in sqlnet.ora at server side sqlnet.expire_time=10.. [More]
I am desperate. I have a Mac Book Pro and I definitely am an Apple fan, However a year ago while an automatic software update was loading, My Safari crashed. Nobody has been able to get it to work, So I have tried other browsers, Firefox, Camino, Goo [More]
hey guys, did anyone out there manage to install sogo ( http://www.scalableogo.org/ ) on arch? i'm always failing trying to compile libfoundation. cheersTimm, you have to install gnustep-base and gcc-objc. Then add /opt/GNUstep/System/Tools to the PA [More]
I have a brand new iMac updated OS X and I can't open dmg files. It appears that I don't have DiskImageMounter. What do I need to do?The path for DiskImageMounter is Mac HD/System/Library/CoreServices. EDIT: Get Info on the .dmg and make Open With= D [More]
When exporting a swf file from CS5 how come is doesn't allow the same Flash features as in Flash? For example if you decided to zoom into a swf file in CS5 it doesn't move. However from Flash the published swf file moves when you zoom in. Is there so [More]