I understand what you're saying. Remember what NAT does... it lets you use one public IP address to be shared amongst many computers. The "normal" way of doing things in TCP/IP is one address per network interface (which is usually one per computer). So NAT is trying to "fool" the Internet into thinking that there's only one computer connected.
For outgoing connections, it's not a problem. It sees a connection request from an internal IP address, so it knows what the specific internal IP address is. It maintains a table that associates that IP address with a given connection.
For outgoing data, however, there's a bigger problem. someone on the Internet has requested a connection to the public Internet IP address. Which computer behind the NAT firewall should it go to? If there are many, how can it know which computer to route it to?
The answer is that you configure your NAT router to tell it. Connections on port 23 go to IP address x.x.x.x, connections on port 80 go to ip address y.y.y.y, etc. You have to specify exactly where a given port should be routed.
Some routers have a way of setting up a "default machine" (or DMZ machine) so any incoming connection request is routed to a particular machine by default, regardless of port number.
So you need to have NAT turned on. And you either need to set up your iSeries as the default machine for incoming connections, or you need to map the particular ports that you want to use (23=telnet, 21=ftp, 25=smtp, 80=http, etc) to go to the iSeries.
Hope that makes sense.
Shannon ODonnell wrote:
I don't disagree with you.
But with Nat turned ON, I was not able to get to the iSeries.
Granted, it's probably because of some other combination of things I have
set up that required me to turn NAT off to make it work...but there you go.
I hate working with the networking side of things. I do it so infrequently
that I never remember from one year to the next what I did on some previous
setup to make it all play nice together.
[mailto:midrange-l-bounces@xxxxxxxxxxxx] On Behalf Of Scott Klement
Sent: Monday, June 02, 2008 12:23 PM
To: Midrange Systems Technical Discussion
Subject: Re: Using iSeries As Router
Perhaps this is a silly question, but... why do you have NAT turned off? Seems to me that NAT is pretty much required in your scenario, unless you have only one computer behind the router (but that doesn't sound like the case...)
Shannon ODonnell wrote:
Maybe a dumb question.but when it comes to networking, I am pretty
I recently got a new Wireless-N router (Linksys) to replace an older
My old network looked like this:
- ISP Modem
To - Belkin Router
iSeries to Belkin Router
PC's to Belkin Router
By turning NAT off on the Belkin (wouldn't work with NAT enabled), I was
able to get to my iSeries using both an internal IP address and an
IP address (from the outside world).iSeries
To achieve that, I defined a *DFTROUTE on my iSeries that pointed to the
Belkin router and then I created two interfaces, one with an external IP
address (that was a child of the ISP Modem's static IP address) and the
other interface was an internal IP address.
With my new Wirless-N router, I tried that same setup (only pointing the
*DFTROUTE to the new router IP address) and now I cannot get to the
through an outside IP address. I can still get to it internally (with anew
internal IP address interface), but not through the external IP address.that
Turning NAT off on this router makes no difference in this setup.
I cannot figure out the right combination of settings on the new modem
will allow me to point an external IP address to the iSeries such that Ican
access it outside the network.wondering
I also tried doing port forwarding and setting up the iSeries outside the
DMZ. Didn't work.
So. my question is. I have two Ethernet cards in my iSeries. I'm
if I could set my network up so that the ISP Modem goes directly into myturning
iSeries (which would put it completely outside of the local router) and
then, using the other Ethernet card, pass all local PC traffic in and out
through the Wireless-N router and then through the iSeries and out to the
internet that way.
Is it possible to use the iSeries in this manner? In effect, I'd be
it into a router (sort of).this
I don't even know what I'd have to configure on the iSeries to achieve
or if it's even possible.
Anyone ever tried this?
This mailing list archive is Copyright 1997-2015 by MIDRANGE dot COM and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available here. If you have questions about this, please contact