Jim/Tom,

Yes - connection goes to same Ethernet card on 400.  Not set for TCP only
(we use AnyNet).
Laptop has Zone Alarm, and I have tried disabling it for a quick test to
make sure it wasn't interfering with the connection.
Yes, I need to investigate  if my ISP is blocking any ports.

...Neil





thomas@inorbit.com
Sent by: midrange-l-admin@midrange.com
2002/01/03 21:53
Please respond to midrange-l


        To:     midrange-l@midrange.com
        cc:
        Subject:        Re: CA Express Map Network Drive over Internet


Has anybody out there investigated the implications of these IBM
documents? I'd be nervous about these settings without a few additional
precautions, and even then I'd wonder.

1) With those ports open, I'd want the traffic restricted to the iSeries
IP address, not allowing traffic to/from any other servers in my network.
(Seems odd restricting to the iSeries rather than the other way around.)
2) You'd want a Netserver 'guest' profile and definite restrictions on
what was shared.
3) I figure access to Netserver would have to be either by IP address or
an entry in the remote LMHOSTS file, rather than by Netserver system name.

Are those paranoid? Or are they not yet restrictive enough? It's right at
the fringe of my knowledge.

Tom Liotta


On Thu, 03 January 2002, "Jim Franz" wrote:

> Neil - is the wan connection over the same iSeries ethernet card as the
lan?
> There is an old warning about the "tcp-only" option in an ethernet line
> description  needing MF22323 ptf before setting this parm.
> If you haven't already checked all this, your wan router needs certain
ports
> specific to netserver. Info apar II12227 has a list of all the ports.
>
> http://www-912.ibm.com/n_dir/nas4apar.NSF/c79815e083182fec862564c00079d117/f
> cc664db54c4c549862568720047b5fd?OpenDocument&Highlight=2,ii12227
>
> if a firewall is involved, also check
> http://www-1.ibm.com/servers/eserver/iseries/clientaccess/cafirewl.htm (a
> little old but could
> be relevant)
>
> if vpn involved check info apar II11791
> http://www-912.ibm.com/n_dir/NAS4APAR.NSF/51d11a683a56a5cc862564c000763b23/a
> 7a17214ad50cc9d862567550029d287?OpenDocument
>
> hth
> jim franz






As an Amazon Associate we earn from qualifying purchases.

This thread ...


Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.