Novell Border Manager Setup for  FTP 

Q.  If I need to...How do I configure the Novell Border Manager FTP Application Proxy?

A.  You configure the FTP Proxy from NWADMIN.  Follow the steps below:

1.  From NWADMIN BorderManager Setup page enable the FTP Proxy service.
2.  Select FTP Proxy and click the Details button.
3.  Change the Separator character if desired.  The Username/Password Separator is the character that separates the NDS username, FTP username, and FTP hostname.  The default character is the dollar sign ($).  Some users prefer to use the @ symbol.
4.  Enable Userbased Authentication if desired.  If this parameter is not enabled, the user will not be required to enter their NDS username and password when accessing the FTP proxy server.  If you want to configure Access Control based on NDS User or Group you will need to enable this feature.
5.  Enable Logging if desired and then select OK to exit page and save settings.
6.  Select OK again and wait for the time stamp synchronization to complete

Q.  What USER and PASSWORD syntax is used in a client FTP application when NDS Authentication is Disabled?

A.  When NDS Authentication is Disabled you should use the following syntax when prompted for the Username and Password:

USER:   ftpUser@ftpHost  (example: anonymous@hurrevac.com)
PASSWORD:  ftpPass  (example: youremailaddress@company.com)

Q.  What USER and PASSWORD syntax is used in a client FTP application when NDS Authentication is Enabled?

A.  When NDS Authentication is Enabled you should use the following syntax when prompted for the Username and Password:

USER:   ndsUser$ftpUser$ftpHost    
(example: admin.company$anonymous$ftp.novell.com)
note this assumes you use  $ as separator in step 3. above

PASSWORD:  ndsPass$ftpPass    
(example: NDSpassword$youremailaddress@company.com)
note this assumes you use  $ as separator in step 3. above

When using NDS Authentication a user must enter a fully distinguished NDS username

Q.  How do I use FTP proxy with a GUI FTP client like Hurrevac?

A.  You will use the same User and Password syntax discussed above to configure your  FTP client to use the FTP proxy. 

Example of Hurrevac2000   Internet Setup Panel
( File | Program Setup | General Setup... | Internet )

If Border Manager NDS Authentication is DISABLED

FTP Password:  youremailaddress@company.com   (See syntax question above for more information)
IP Address of your firewall:  192.168.0.1  (This is just an example - the private IP address of your BorderManager 3.0 server)
Firewall Logon User ID:  anonymous$hurrevac.com   (assumes you have $ as your separator in setup line 3. above

If Border Manager NDS Authentication is ENABLED

FTP Password:  ndsPass$youremailaddress@company.com    
(where ndsPass is your NDS Password)
note this assumes you use  $ as separator in step 3. above
IP Address of your firewall:  192.168.0.1  (This is just an example - the private IP address of your BorderManager 3.0 server)
Firewall Logon User ID:   ndsUser$anonymouse$hurrevac.com    
(where ndsUser is your NDS User ID)
note this assumes you use  $ as separator in step 3. above

Depending on how your Border Manager is set up, you may want to try  first checking the Hurrevac Internet Setup    NOT behind a firewall option and then if not successful, check the Behind a firewall option.      Likewise with the DISABLE Passive Connection checkbox until successful.

Source of this information is....

Check out the following link for the Novell web page on setting up FTP with Border Manager. BorderManager 3.0 FTP Application Proxy FAQ - TID10014040   at

http://support.novell.com/cgi-bin/search/searchtid.cgi?/10014040.htm

Finally, Craig Johnson, an expert on Border Manager setup, advises us that setting up for FTP with BM requires that you  " will need FTP filter exceptions added, and dynamic NAT.  I suggest ... a port-pasv-ftp-st exception" .   For more detailed information on  Border Manager filtering issues see

http://www.craigjconsulting.com/filtbook.html