1.  Home
  2. MIDRANGE-L
  3. May 2003

RE: Need TCP-IP guru advice - 2 networks, 1 firewall

On any PC on the firewall side, (172.24.x.x), add a TCP/IP route.  Command
is:
"route add 172.22.0.0 mask 255.255.0.0 172.24.1.1 metric 1" (without quotes)

Now try to ping 172.22.1.1, the other side of your AS400.  Now try to ping a
pc in the 172.22.x.x subnet and try to ping that pc from the 172.24.x.x
network.

What firewall are you running?  You may contact me privately if you do not
want to pass too much info to the public.  I really think that your fire
wall does not know about 172.22.x.x network or how to reach it via the as400
172.22.1.1 interface and that is where you need to update your
configuration.

Chris Bipes
chris.bipes@xxxxxxxxxxxxxxx


-----Original Message-----
From: Jim Essinger

Chris (and all),

I'm not sure I understand your suggestion.  The firewall participates as a 
host on ring/network 1, along with about 15 PCs and the AS400.  The 5 or so 
PCs that can't talk to the firewall (or any host on ring/network 1) exist 
on ring/network 2, along with the NIC in the AS/400.  If the PC's could 
ping each other between networks, then I would already have it made.

I seem to remember at V4R5 that I was able to set data gram forwarding by 
line, and able to use the AS/400 as a passive router.  I have lost that 
ability, though I don't know how or why.

Topology looks something like this:

-----------------
|                    |
|  AS/400      |   TR Card 1 (172.24.1.1) --> PC's -->  Firewall 
(172.24.1.10) --> More PCs
|                    |
|                    |   TR card 2 (172.22.1.1)  -------> PC's
(172.22.***.***)
------------------

Is there something on the PC that needs to know about the other 
network?  Something in the hosts file?  Or entries in the DNS on the AS/400 
to point to the firewall??  I know that TR Cards need to know about each 
other and have a path to forward traffic.

I have done this before on this machine at an earlier release.  What a pain!

Thanks for your suggestions - any more??

As an Amazon Associate we earn from qualifying purchases.

This thread ...
Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.