|
Sorry in advance for the length of the message, but I wanted to help clear this up......... If the AS/400 is defined as the answering system, then the dialing system cannot dictate itself to be part of an existing network attached to the 400. In the example the local ethernet address of 192.168.1.100 (mask of 255.255.255.0) was defined to be used as the local address for the PPP connection. It sounds like the remote address on the 400 PPP profile was defined to be DYNAMIC, which means the dialing side will tell us what the remote address should be. This is ok UNLESS the remote address they want is part of an existing network attached to the 400. In the example the remote system wanted address 192.168.1.1, which is part of the same 192.168.1.100 ethernet network and is not allowed. The joblog for the PPP answer profile would have a message posted like 'REMOTE IP ADDRESS 192.168.1.1 NOT ALLOWED ON EXISTING NETWORK 192.168.1.0'. This is not allowed because it is not good practice (and could be dangerous) to have dialing systems dictate addresses that are part of an existing network. Say the dialing system wanted 192.168.1.1 but 192.168.1.1 is already defined to some other host on the ethernet network, maybe a critical server. There could be all kinds of problems that could now arise with two hosts on the network with the same address. As an administrator you would have little/no control over the addresses being defined. With that being said it is very desirable to allow dialing systems to look like they are part of an existing network behind the 400 to allow them access to resources on the network. The way to do this though is to have the answering AS/400 profile dictate the addresses to the dialing system. This puts all control in the hands of the administrator on the 400 to manage the addresses they are allowing. All that needs to be done to do this is to: 1) Configure the dialing system to have it's IP addresses to be defined by the remote system (the 400 in this case). No static addresses. 2) The 400 would then be defined with the local address as the ethernet ifc (192.168.1.100) and the remote could then be defined as 192.168.1.1. The remote PC could then dial in and be given an address of 192.168.1.1. You would still have to ensure 'IP forwarding' is turned on for the system (CHGTCPA) and also enabled for the answer profile to allow the PC to access other hosts on the 192.168.1.0 network. In V4R4 there is support for remote IP address pools so this could be extended for multiple incoming calls to where multiple 192.168.1.x addresses could be given out. There is also support to give out a specific IP address for a specific remote user (Route Specified option on TCP/IP settings page on OpNav since V4R2), if that is desired. Authentication is required for Route Specified remote addressing to have a username to match on. This method also does allow you to define a mask for the remote system and can also add additional routes to systems behind the remote system if you desire. Hope that helps clear it up..... Regards, Mark ------------------------- Mark Bullock, AS/400 TCP/IP Development Endicott, NY ---------------------- Forwarded by Mark Bullock/Endicott/IBM on 12/15/99 08:14 AM --------------------------- Jerome Draper <jdraper@wco.com> on 12/14/99 06:50:17 PM Please respond to MIDRANGE-L@midrange.com To: MIDRANGE-L@midrange.com cc: Subject: RE: PPP dialup and IP numbers I think this will solve my problem (thanks Ray Peterson): That's your problem. The 192.168.1.x subnet is defined for your ethernet, and cannot also be your ppp. I'm assuming you have a subnet mask on the ethernet of 255.255.255.0. Somebody owns the 1.1.1.1 address, so you definitely shouldn't be using it. You should just use one of the public address ranges - I use the 172.20.x.x subnet. If you are using 255.255.255.0 as your subnet mask on the ethernet, then you could use 192.168.2.1 and 192.168.2.2 on the ppp for example. I know that the following ranges are labeled as private by RFC 1918 and are available to you. 10.0.0.0/8 172.16.0.0/12 192.168.0.0/16 Ray At 05:33 PM 12/14/1999 -0500, you wrote: >When you dial in and fail you'll have a job log under the name of the >profile. Examine it and see where the failure is occurring. It's >probably on adding a route. What sort of routing parms have you set >anyway? If the connection appears to go active but you can't "see" the >other end, check NETSTAT and see what routes and masks have been added >that relate to this link - there should be just one with the IP address >for the remote and a mask of *HOST (255.255.255.255). The IP address for >the PC that you enter under DUN and what you enter for the remote IP >address on the OPs Nav don't have to be the same. If you see the >connection in the 400 netstat try ping the PC. This should tell us if >the routing problem is from the 400 or the PC end. > >TrailBlazer Systems, Inc. >http://www.as400ftp.com >AS/400 Communications & E-Commerce Solutions > >Chaos, panic, & disorder - my work here is done. > >> -----Original Message----- >> From: Jerome Draper [SMTP:jdraper@wco.com] >> Sent: Tuesday, December 14, 1999 1:12 PM >> To: MIDRANGE-L@midrange.com >> Subject: Re: PPP dialup and IP numbers >> >> One more element is that the ethernet adapter on the AS/400 is set to >> 192.168.1.100 >> >> Jerry >> >> At 09:04 PM 12/13/1999 -0500, you wrote: >> >Jerry, what are you using for a mask? 255.255.255.0? >> > >> >_______________________ >> >Booth Martin >> >boothm@earth.goddard.edu >> >http://www.spy.net/~booth >> >_______________________ >> > >> > >> > >> > >> >Jerome Draper <jdraper@wco.com> >> >Sent by: owner-midrange-l@midrange.com >> >12/13/1999 08:19 PM >> >Please respond to MIDRANGE-L >> > >> > >> > To: midrange-l@midrange.com >> > cc: >> > Subject: PPP dialup and IP numbers >> > >> >I got the RS232 com port on a mod 170 configured for PPP dialup via >> OOPS >> >NAV (thanks everyone). The com port on the AS400 is 192.168.1.111 >> and the >> >PC I'm using for dialup is 192.168.1.110. Strangely, it doesn't work >> but >> >when I change the AS400 com port to 1.1.1.1 and the PC to 1.1.1.2 it >> works >> >fine. >> > >> >What gives? >> > >> Jerry Draper, Trilobyte Software Systems, since 1976 Specializing in connecting PC's, Windows, MAC's, and LAN's to the AS/400 Representing Synapse, Apple, IBM, UDS, Nlynx, MI, Perle, Netsoft, etc. (415) 457-3431; (415) 258-1658fax; jdraper@wco.com +--- | This is the Midrange System Mailing List! | To submit a new message, send your mail to MIDRANGE-L@midrange.com. | To subscribe to this list send email to MIDRANGE-L-SUB@midrange.com. | To unsubscribe from this list send email to MIDRANGE-L-UNSUB@midrange.com. | Questions should be directed to the list owner/operator: david@midrange.com +--- +--- | This is the Midrange System Mailing List! | To submit a new message, send your mail to MIDRANGE-L@midrange.com. | To subscribe to this list send email to MIDRANGE-L-SUB@midrange.com. | To unsubscribe from this list send email to MIDRANGE-L-UNSUB@midrange.com. | Questions should be directed to the list owner/operator: david@midrange.com +---
As an Amazon Associate we earn from qualifying purchases.
This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].
Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.
midrange.com
