Download traffic_tool.tar.gz

Novell BorderManager provides Remote Access Solution through IPSec and IKE technologies. Administrators can define the networks to allow or deny access for specific users using iManager framework.

In BM 3.8 and BM 3.8 SP1 a traffic rule can contain multiple Destination Networks. But with later support packs a traffic rule can hold only one Destination network. The iManager framework restricts the administrator from adding more than one Destination network to a traffic rule. The Destination network can be either IP Address Range or a Network. So the Migration from BM 3.8 or BM 3.8 SP1 to Later Versions will have problems with Client-To-Site functionality. In the sense though the traffic rules are pushed to the client the networks cannot be accessed because of the technical constraint.

This tool will split the single rule with multiple networks into individual rules each containing a single network.


  1. Linux OS
  2. Perl 5.8 or above is installed in the machine.


  1. Unzip the file (tar -zxvf traffic_tool.tar.gz)s
  2. cd traffic_tool
  3. ./
  4. Enter the BM VPN Server IP
  5. Enter the BM VPN Server Port(Enter the clear text LDAP Port eg 389)
  6. Enter the administrator username
  7. Enter the administrator password
  8. Enter the Traffic rule name in the following format(This the Traffic rules in the Traffic Rules Tab in the iManager
    policyRuleName=<PolicyRuleName<,cn=VPN Rules,cn=<C2S Service Name>,<container>
    Example: policyRuleName=TheRule,cn=VPN Rules,cn=NovellC2S,o=novell

    Note: Make sure there is no space after the commas

  9. If you have more rules, enter y and enter the rules in the above format.
  10. You can retain the original rule or delete the original rule. Press ‘n’ if you do not want to retain the old rule.


The rule with multiple networks will be split and added as single rules with corresponding networks.

0 votes, average: 0.00 out of 50 votes, average: 0.00 out of 50 votes, average: 0.00 out of 50 votes, average: 0.00 out of 50 votes, average: 0.00 out of 5 (0 votes, average: 0.00 out of 5)
You need to be a registered member to rate this post.
Categories: Cool Tools

Disclaimer: As with everything else at NetIQ Cool Solutions, this content is definitely not supported by NetIQ, so Customer Support will not be able to help you if it has any adverse effect on your environment.  It just worked for at least one person, and perhaps it will be useful for you too.  Be sure to test in a non-production environment.

Leave a Reply

No Comments
By: kchendil
Jan 30, 2007
11:12 am
Active Directory Authentication Automation Cloud Computing Cloud Security Configuration Customizing Data Breach DirXML Drivers End User Management Identity Manager Importing-Exporting / ICE/ LDIF Intelligent Workload Management IT Security Knowledge Depot LDAP Monitoring Open Enterprise Server Passwords Reporting Secure Access Supported Troubleshooting Workflow