Setting Up a Rule to Allow VPN Clients to Access VPN Servers

Access rules for VPN clients apply both to VPN LAN clients and to VPN clients that attempt to connect to a VPN server over a dial-in connection.

To create an access rule for a VPN Client:

  1. In NetWare Administrator, right-click the object where the access rules are to be created and select Details.

  2. Select the Novell BorderManager 3.7 Access Rules page > click Add.

  3. In the Access Rule Definition page, specify Allow (the default).

  4. For Access Type, select VPN Client.

  5. Under Source, accept Any to apply the rule to all NDS or eDirectory objects, DNS hostnames, IP addresses, and subnets. Otherwise, select users, groups, or hosts as follows:

    1. Click Specified > click Browse.

    2. Click Add, select from among the available objects in the NDS or eDirectory tree > click OK.

    3. Add additional sources.

    4. When you have added the sources you want, click OK.

  6. Under Destination, accept Any to apply the rule to any VPN server in the NDS or eDirectory tree; otherwise select destinations as follows:

    1. Click Specified > click Browse.

    2. Click Add, select from among the available server objects in the NDS or eDirectory tree > click OK.

    3. Add additional destinations.

    4. After you have added all the destinations, click OK.

  7. (Optional) If you want the server to record all access attempts that match the rule, click Enable Rule Hit Logging.

    Logging access attempts can affect server performance; however, it is recommended that you do so to detect unauthorized activity.

  8. Click OK, as necessary, to return to the Novell BorderManager 3.7 Access Rules page > click OK to update the access rules.