Everyone,

Well, as promised I just tried the UC at V5R2 through a non-Cisco (actually used a Sonicwall) router/firewall with NAT.

1) Just out of paranoia I set the access rules to allow the three UDP ports only from and to the IBM address and the iSeries.
2) I didn't delete any of the old dial-up connections and just ran the wizard three times (1-ECS, 2- ESA, 3-Info Center Update).
3) The wizard created one new connection, QTOCL2TP, and.......it tested OK!!!! The confirmation window of the wizard, at the bottom had a line that said "Virtual Private Networking: IPsec through NAT has been enabled." Also, on the connection tab of the connection it gives the IBM IP address. Unless the wizard needs the three ports enabled in the router/firewall this is another place to find that address.
4) I tried SNDPTFORD SF98520 and advancing ESA's transmission without any errors, or phone lines lighting up.


Now the only thing to confirm is if the dial-up connections will be used as a backup should the internet be down. I am not going to check this out with a production system, which is all I have access to now.

Roger

On 4/21/2004 8:10 PM, Roger Vicker, CCP wrote:

Vern,

As I read the Knowledge Base document (and I am using a Sonicwall) all I have to do is set the three UDP ports as allowed traffic in and out. No port mapping was mentioned in the section about "Direct Connection". It might be a security plus to keep it restricted to the IBM address in the document and the internal address.

I will probably try this next week after the latest cume and the specific PTF are applied by the weekend IPL.


-- *** Vicker Programming and Service *** Have bits will byte *** www.vicker.com *** The problem is not if machines think, but if people do.



As an Amazon Associate we earn from qualifying purchases.

This thread ...

Follow-Ups:
Replies:

Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.