To install Novell BorderManager 3.7 from a CD on the server:
Verify that you have NetWare 5.1 Support Pack 4 or NetWare 6.0 Support Pack 1 or later software on your server.
Mount the NBM 3.7 CD from server by typing CDROM on the server console.
On the server side, go to the X-Server graphical console. If X-Server graphical console is not loaded, type STARTX on server console.
If STARTX was already loaded, press Ctrl+Esc and select the X-Server Graphical Console.
Installation of Novell BorderManager 3.7 from NWCONFIG is disabled. The installation can be done only from the X-Server graphical console.
Click the Novell logo > select Install to display the currently installed products.
Click Add > browse to the root of the CD > click OK.
Select the Welcome page > click Next.
Read the license agreement. If you accept the terms of the agreement, click I Accept.
Refer to End User License Agreement for more details.
Check the check box for each Novell BorderManager 3.7 service you want to install.
NOTE: Regardless of what Novell BorderManager 3.7 services you select, licenses for all the services will be installed.
To install the licenses now, insert the Novell BorderManager 3.7 License diskette and enter the path to the license directory (for example A:\LICENSE) > click Next. Otherwise, check the Skip License Install check box > click Next so that it can be installed later.
You can install the system files without installing the license; however, Novell BorderManager 3.7 will not load until a valid or trial license is installed.
You can choose the trial licenses from the drop-down menu on this page.
At the login dialog box, log into the NDS or eDirectory tree with a fully distinguished name (with administrative rights).
You must have administrative rights to the root of the NDS or eDirectory tree. This requirement applies to any user who is a trustee with Supervisor rights at a container at the same level as the server. Administrative rights are required to extend the eDirectory schema to the tree, install product licenses, and configure Novell BorderManager 3.7 for the first time.
If you are installing BorderManager firewall/caching services or BorderManager VPN services, review the list of network interfaces and their IP bindings. Specify each interface as public, private, or both.
If you are upgrading, go to Step 16.
For both firewall/caching and VPN services, you must specify a public IP address to use with Novell BorderManager 3.7 to secure your network border. Public IP addresses specify server interfaces to a public network, typically the Internet. Private IP addresses specify server interfaces to a private network or intranet.
Specify a public IP address.
Specifying an interface as public makes the Set Filters to Secure All Public Interfaces check box available. Check this check box to deny all traffic into and out of the public interfaces. If this is an upgrade, existing filters are preserved and the option Deny All Filters is not set on public interfaces.
Specify a private IP address.
Select the check box Set Filters to Secure All Public Interfaces to set the default IP and IPX filters for the checked public interfaces. If this is an upgrade, the existing filters will be preserved.
Specify a gateway. If the Gateway IP field is empty, type the default gateway name.
Click Next.
If you have not specified a private IP Address go to Step 14; otherwise, go to Step 12.
Check the check boxes for the services that you want to enable. Filter exceptions for these services will be created on the public interface > click Next.
After installation, configure the Mail and News Services manually with NetWare Administrator.
NOTE: If there is only one interface and has a public filter, exceptions will not be created.
The check box for Access Control is enabled by default. We recommend that you accept the default. Access control enforces additional security by denying all traffic. Access control rules can be set by using the NetWare Administrator utility. Access rules are used to allow or deny access from any source or to any destination. This option comes up only if you select one or more services on the previous screen.
Enter a unique DNS domain name for your network > click Next.
Click Add to enter at least one or up to three DNS server IP addresses.
By default, the existing DNS entry will be listed.
Click Finish if you are done, or click Back to return to previous windows and modify your selections.
Do one of the following:
After rebooting, verify that FILTSRV.NLM is not loaded. If it is loaded, unload it. If it fails to unload, unload all FILTSRV.NLM dependent NLM files > unload FILTSRV.NLM.
Enter FILTSRV MIGRATE on the console prompt to migrate the existing filters to eDirectory.
Unload FILTSRV and load it in normal mode (Enter FILTSRV on the console prompt).