Video Screencast Help
Symantec to Separate Into Two Focused, Industry-Leading Technology Companies. Learn more.

How to set a firewall policy for a Novell server using IPX protocol

Created: 23 Jan 2013 • Updated: 10 Feb 2013 | 2 comments
This issue has been solved. See solution.

Hello i am trying to set a firewall policy that will allow traffic between 2 novell servers that we have on our third floor.  I have 6 pcs that are trying to access the servers but cannot because of the firewall.  Turn off the firewall and you can see the servers with no problems.

I have the MAC addresses of the two novell servers and the IP addresses of the six users pcs that need to connect.  when setting the new policy - i am confused between the choices of "source/destination" vs. "local/remote" buttons.  I read the info symantec had on source/destination and local/remote but am still confused as to what the difference is.  can anyone tell me "IN LAYMAN'S" terms what the differences are and when to use them.

In my situation with 2 novell servers and communication with 6 other pcs - do i use local/remote option or the source/destination option?

can you check my screenshot to make sure i am setting this up right?

thanks so much.

Comments 2 CommentsJump to latest comment

.Brian's picture

You can try this:

Inbound Novell IPX frames ETHERNET [type=0xE0E0] are filtered by SEP Firewall policy

Article:TECH155349  |  Created: 2011-03-11  |  Updated: 2011-08-22  |  Article URL http://www.symantec.com/docs/TECH155349

Than add the network service from the service list when creating the rule

Please click the "Mark as solution" link at bottom left on the post that best answers your question. This will benefit admins looking for a solution to the same problem.

SOLUTION
SebastianZ's picture

Here is a good thread describing differences between source-destination and local -remote:

https://www-secure.symantec.com/connect/articles/c...

Basically source destination specifies the flow of the traffic - in your case setting a rule for source = 2 novell servers and destination = 6 users PC -> it would allow traffic going out from novell servers to users PCs but not the other way round. To have incoming traffic allowed you would require a second rule.

Local -remote works for traffic both ways - so as per your screenshot the local -remote set rule should allow traffic both ways.