|
Currently we have an internal LAN, a WAN on its own LAN for only four other "stand alone" pcs connected up to corp. So these are completely separate. The thought was to have two network cards in the iSeries, and keep the LAN's separate. Truthfully with regards to corp gaining access to the iSeries, I do not want them to see or run anything, All I want is to be able to ftp a file from their mainframe that they are un-willing to let me get to in any way other then the WAN. But is sounds mostly like a security set-up, then a "config" set-up to "hide" our iSeries. Thanks for the info. -----Original Message----- From: midrange-l-admin@midrange.com [mailto:midrange-l-admin@midrange.com]On Behalf Of Dr Syd Nicholson Sent: Wednesday, April 17, 2002 10:33 AM To: midrange-l@midrange.com Subject: Re: AS/400 on two IP schemes Is your current IP scheme on a different LAN to the new IP scheme? If they are on the same LAN you will have problems limiting them to their own IP address range. An iSeries network card can have more than one IP address/network mask, but somebody on the "external" LAN will still have access to your "internal" IP addresses. Better to have two network cards in the iSeries, and two separate LANs/WANs As far as restricting use of the machine. Use OS/400 security as far as possible. How much you can achieve will depend upon the requirements of any applications you use. You might also want to consider an exit point security product if you cannot use OS/400 security for any reason. Syd Nicholson Mark A. Manske wrote: >Hello IP wizards and security gurus; > >I looked over the archives, but did not see what I was looking for - >We have our AS/400, and all related devices set-up to a certain >IP scheme, we have been sold, and corporate wants now to place >our AS/400 on their WAN, my issue is I do not want them to see >anything else, and even on the AS/400 I only want to give that >nic card access to one library, and absolutely nothing else. > >Can anyone assist me where to look as to how to set-up >something like this (which books do I need to read) > >And can I lock it down this tight? > >TIA > >Mark A. Manske >Fleming CSD - Plymouth Division >Sr. Project Lead >Phone (763) 545-3700 extension 273 >Web Site http://www.minter-weisman.com >E-Mail mailto:mmanske@minter-weisman.com > _______________________________________________ This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing list To post a message email: MIDRANGE-L@midrange.com To subscribe, unsubscribe, or change list options, visit: http://lists.midrange.com/cgi-bin/listinfo/midrange-l or email: MIDRANGE-L-request@midrange.com Before posting, please take a moment to review the archives at http://archive.midrange.com/midrange-l.
As an Amazon Associate we earn from qualifying purchases.
This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].
Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.