× The internal search function is temporarily non-functional. The current search engine is no longer viable and we are researching alternatives.
As a stop gap measure, we are using Google's custom search engine service.
If you know of an easy to use, open source, search engine ... please contact support@midrange.com.


  1.  Home
  2. MIDRANGE-L
  3. April 2002

Re: AS/400 on two IP schemes

You have 2 thing to trake care of here.

1: giving access only to the AS/400 from the WAN.
2: restrict the access to certain libraries on the AS/400

problem 2 is the simplest to explain: uses resource security, I mean
only grant the require autority to the outside users (I supposed that
they use a separate user ID)

I will try to explain how I would solve problem 1:
-Suppose the IP range of your lan is : 192.168.1.0 (255.255.255.0)
-Suppose your router address is something like: 10.10.100.1
(255.255.255.0)
-The you wold give your AS/400 2 IP address like: 192.168.1.1 and
10.10.100.2
-You would set the default route on your AS/400 as 10.10.100.1
-You would also make sure that the default route on your other devices
is not the router address

This way, only the AS/400 has access to the WAN and vice versa


Denis Robitaille
Directeur services techniques
Cascades Inc
819 363 5187


>>> mmanske@minter-weisman.com 04/17/02 09:56am >>>
Hello IP wizards and  security gurus;

I looked over the archives, but did not see what I was looking for -
We have our AS/400, and all related devices set-up to a certain
IP scheme, we have been sold, and corporate wants now to place
our AS/400 on their WAN, my issue is I do not want them to see
anything else, and even on the AS/400 I only want to give that
nic card access to one library, and absolutely nothing else.

Can anyone assist me where to look as to how to set-up
something like this (which books do I need to read)

And can I lock it down this tight?

TIA

Mark A. Manske
Fleming CSD - Plymouth Division
Sr. Project Lead
Phone      (763) 545-3700 extension 273
Web Site  http://www.minter-weisman.com
E-Mail      mailto:mmanske@minter-weisman.com




_______________________________________________
This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing
list
To post a message email: MIDRANGE-L@midrange.com
To subscribe, unsubscribe, or change list options,
visit: http://lists.midrange.com/cgi-bin/listinfo/midrange-l
or email: MIDRANGE-L-request@midrange.com
Before posting, please take a moment to review the archives
at http://archive.midrange.com/midrange-l.

As an Amazon Associate we earn from qualifying purchases.

This thread ...
Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.