I guess the best security is like you say. Only run sftp server when I need to use it.

Yes it is windows and FileZilla (With firewall active) can connect to the sftp server but the IBMi can’t. ??

Jay


On Aug 12, 2020, at 6:09 PM, Don Brown via MIDRANGE-L <midrange-l@xxxxxxxxxxxxxxxxxx> wrote:

What you have done seems correct.

On the router I would lock the port forward down to the outside address of
the IBMi which will provide basic security. I would only have the sftp
server running when you want to use it also for security.

So you can ping from the IBMi to the outside address of your router - Good

You have a port forwarding rule for port 22 to the ip address of your
laptop forwarding to port 22

Your laptop sftp server is listening on port 22

Have you checked Windows firewall on the laptop ? (presuming it is a
Windows laptop)

I use a similar set up for upgrading cisco routers remotely and just
remove the port forwarding when I am done and it works reliably.

Cheers

Don






From: "Jay Vaughn" <jeffersonvaughn@xxxxxxxxx>
To: "Midrange Systems Technical Discussion"
<midrange-l@xxxxxxxxxxxxxxxxxx>
Date: 13/08/2020 02:05 AM
Subject: allow IBMI to access sftp server on laptop
Sent by: "MIDRANGE-L" <midrange-l-bounces@xxxxxxxxxxxxxxxxxx>



I have an sftp server on my laptop deployed.
I can use filezilla to connect to the sftp server.

Before I go any further, I was never schooled much in the way of
tcp/networking connectivity.
so...
I can ping my local ip address from my IBMi lpar.
But cannot ping my private lan ip address from my IBMi lpar.

What do I need to do to to allow access to my private lan ip address?
I accessed my lan router and ensured port 22 was open enabled for in/out
traffic.
Also on that router, I setup up a port forwarding rule using my lan ip
address and specifying port 22.

still no luck.

tia

Jay
--
This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing
list
To post a message email: MIDRANGE-L@xxxxxxxxxxxxxxxxxx
To subscribe, unsubscribe, or change list options,
visit: https://lists.midrange.com/mailman/listinfo/midrange-l
or email: MIDRANGE-L-request@xxxxxxxxxxxxxxxxxx
Before posting, please take a moment to review the archives
at https://archive.midrange.com/midrange-l.

Please contact support@xxxxxxxxxxxxxxxxxxxx for any subscription related
questions.

Help support midrange.com by shopping at amazon.com with our affiliate
link: https://amazon.midrange.com

______________________________________________________________________
This email has been scanned by the Symantec Email Security.cloud service.
______________________________________________________________________





______________________________________________________________________
This email has been scanned for computer viruses. Although MSD has taken reasonable precautions to ensure no viruses are present in this email, MSD cannot accept responsibility for any loss or damage arising from the use of this email or attachments.
______________________________________________________________________
--
This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing list
To post a message email: MIDRANGE-L@xxxxxxxxxxxxxxxxxx
To subscribe, unsubscribe, or change list options,
visit: https://lists.midrange.com/mailman/listinfo/midrange-l
or email: MIDRANGE-L-request@xxxxxxxxxxxxxxxxxx
Before posting, please take a moment to review the archives
at https://archive.midrange.com/midrange-l.

Please contact support@xxxxxxxxxxxxxxxxxxxx for any subscription related questions.

Help support midrange.com by shopping at amazon.com with our affiliate link: https://amazon.midrange.com

As an Amazon Associate we earn from qualifying purchases.

This thread ...

Follow-Ups:
Replies:

Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.