I hate to say it but the Novell client is a kluge. We spent quite a bit of
effort to get it working with SC and the results have been marginal at
best. The client was designed with the assumption that the it would always
be a short distance away from the server. High-latency links that involve
numerous levels of encapsulation, such as VPN, give the client fits. That
said, and if you really must have the functionality, here are some tips...
* use an external DHCP server -- the built-in DHCP server doesn't support
the needed Novell options. If you don't have an external DHCP server then
you need to define a static Scope and Directory Agent list on each client
machine.
* to address the issues imposed by the broadband/dial-up link + VPN:
"IP Address Costing" = 0
-- the default of ICMP ECHO sucks bandwidth on WAN links
"SLP Maximum Transmission Unit" = 1350
* to get around the fact that the VPN link doesn't pass traffic immediately
after it is established:
"Give Up on Requests to SAs" > 30 seconds
"Bad Server Name Cache Enabled" = Off
"Wait Before Giving Up On DA" > 30 seconds (60 seconds for a dial-up
connection)
Please be aware that these changes will impact Novell Client performance
when it is directly connected to the LAN.
Hope this helps.
Jim Hofbauer
Network Engineering
The Regence Group
[EMAIL PROTECTED]
alz3k3
<[EMAIL PROTECTED]
ET> To
Sent by: "Mailing [EMAIL PROTECTED]
list for INT.COM
discussion of cc
Firewall-1"
<FW-1-MAILINGLIST Subject
@AMADEUS.US.CHECK [FW-1] SC and NDS
POINT.COM>
09/27/2004 06:56
PM
Please respond to
"Mailing list for
discussion of
Firewall-1"
<FW-1-MAILINGLIST
@AMADEUS.US.CHECK
POINT.COM>
|---------------|
| [ ] Secure |
| E-mail |
|---------------|
Are there any users out there who run SecureClient with Novel Directory
Services? I'm having issues passing on the Service Locator Protocol
parameters within the Office Mode DHCP service. Officially, this is not
supported by Check Point but I'm wondering if anyone else has run into this
issue and what was done to make this work.
Thanks in advance.
=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to [EMAIL PROTECTED]
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
[EMAIL PROTECTED]
=================================================
==============================================================================
IMPORTANT NOTICE: This communication, including any attachment, contains information
that may be confidential or privileged, and is intended solely for the entity or
individual to whom it is addressed. If you are not the intended recipient, you should
delete this message and are hereby notified that any disclosure, copying, or
distribution of this message is strictly prohibited. Nothing in this email, including
any attachment, is intended to be a legally binding signature.
==============================================================================
=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to [EMAIL PROTECTED]
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
[EMAIL PROTECTED]
=================================================
