Re: FW-1: Questions about DHCP and IPX

["Jason L. Snowden" <Jason.Snowden () f-15 wpafb af mil>]

> also be able to reach a server on the internal LAN via IPX.  Will FW-1 allow
DHCP 
> through it and can IPX be tunneled through the firewall?  

Well, I would suggest (and I'll probably get flamed for this) that your
customer consider BorderManager, as I assume they are running Netware.  For
those who don't know, BorderManager is Novell's Firewall/Proxy/WebCache
solution.  If can packet-filter IPX/SPX, RIP, SAP, NCP, NetBIOS, TCP/IP, 
(even Appletalk), perform NAT, remote access, multiprotocol and WAN routing,
be an IPX to IP gateway, restrict Internet access by NDS user object, perform
proxy caching services, http acceleration, and 128 bit Virtual Private
Networking. It is a powerful piece of software combined with Netware5, which
will have DHCP built in, and BorderManager not only allows IPX through, but it
allows rules to be set on SAP/RIP/NLSP etc.  It also goes without saying that
it integrates completely with your current NDS-based Novell environment, and
is managed via Netware Administrator (aka single point of admin). 

*.02*
Jason L. Snowden, CNE-4.11

P.S. I don't know if this affects you or not, but FW1 has quite a bit of
Iraqi-written code in it, and the source code for it was recently published in
the Gov't/Mil circles, so exploits will be soon to follow surely.  It has been
banned for use by Government installations for these reasons.  They seem to
have a problem with a firewall which was written by a nation hostile to the
United States. No clue why. ;)