× The internal search function is temporarily non-functional. The current search engine is no longer viable and we are researching alternatives.
As a stop gap measure, we are using Google's custom search engine service.
If you know of an easy to use, open source, search engine ... please contact support@midrange.com.


  1.  Home
  2. MIDRANGE-L
  3. April 2001

RE: VPN thru NT to the AS/400

  • Subject: RE: VPN thru NT to the AS/400
  • From: "David Wright" <dwright2@xxxxxxxxxxxxxxx>
  • Date: Mon, 23 Apr 2001 11:30:05 -0700
  • Importance: Normal
 
The solution in your scenario is 'out-of-the-box' Microsoft NT/RAS.  All you
need to do is configure NT RAS to support VPN, and your users will be able
to access anything on the network, including the AS/400.  Of course, you
will need the NT/RAS server to be available on both your LAN (internal) and
WAN (external/broadband) networks.

There will be no configuration changes to the AS/400 itself.  As far as it
is concerned, the user is coming from the internal network.

If you start seeing performance problems, you might need to dedicate an NT
Server to RAS/VPN, or even setup multiple RAS/VPN Servers.  If you plan on
having more than 10-20 simultaneous users, then you might want to consider a
hardware VPN Solution which are more expensive and harder to
configure/manage, but ultimately more reliable and quicker than overloading
RAS/VPN Servers.

If you have any specific questions or problems, just let me know,
Hope this helps,
David


-----Original Message-----
From: owner-midrange-l@midrange.com
[mailto:owner-midrange-l@midrange.com]On Behalf Of Synapse
Communications, Inc.
Sent: Monday, April 23, 2001 4:34 AM
To: MIDRANGE-L@midrange.com; corbett@asresources.com]
Subject: RE: VPN thru NT to the AS/400


On our web-site there is a pdf document on how to set up VPN.  It
located at: http://www.synapse.com/customer/BridgingTheGap/btg12.pdf

You don't have to be a customer of ours; or using our sotware to get to
this.  So if it will do you any good or you just want to look at it
your more than welcome.  We've always felt that the VPN connection was
more secure than SSL plus you don't have to get certificate, etc.

-- Jim
Synapse Communications, Inc.


> I have been asked to investigate the setup of VPN to access a company
> AS/400.
>
> We've been using RAS thru an NT server to access the corporate Lan, then
CA
> to work with the AS/400.  This gives pretty good security, since the
dial-up
> is a one-to-one connection.  Due to increasing usage and more and more
> programmers and employees with high-speed internet access, management
would
> like to set up a VPN for programmers and users to access the AS/400.
>
> I have a fairly good idea of how to set this up, if the NT box were not in
> between the internet and the AS/400, but the NT server adds an element of
> "the unknown" into the mix. (at least unknown to me)
>
> Is this an entirely NT solution we're talking about, or has something got
to
> be done on the AS/400 side?  In other words, is it VPN to the Lan, the
> normal stuff to get from there to the AS/400?
> Does this give a secure access method to the AS/400, at least as as far as
> telnet normally transferring userids and passwords "in the clear"?
> Should we set up SSL on the 400?
> Any VPN configuration to do on the AS/400?
> Any other special considerations on the 400 side?
>
> AS/Resources, Inc.
> William A.(Tony) Corbett
> IBM Certified Specialist - AS/400 Developer
> http://www.asresources.com
> corbett@asresources.com
>
>
> +---
> | This is the Midrange System Mailing List!
> | To submit a new message, send your mail to MIDRANGE-L@midrange.com.
> | To subscribe to this list send email to MIDRANGE-L-SUB@midrange.com.
> | To unsubscribe from this list send email to
MIDRANGE-L-UNSUB@midrange.com.
> | Questions should be directed to the list owner/operator:
> david@midrange.com
> +---
> +---
> | This is the Midrange System Mailing List!
> | To submit a new message, send your mail to MIDRANGE-L@midrange.com.
> | To subscribe to this list send email to MIDRANGE-L-SUB@midrange.com.
> | To unsubscribe from this list send email to
MIDRANGE-L-UNSUB@midrange.com.
> | Questions should be directed to the list owner/operator:
david@midrange.com
> +---
+---
| This is the Midrange System Mailing List!
| To submit a new message, send your mail to MIDRANGE-L@midrange.com.
| To subscribe to this list send email to MIDRANGE-L-SUB@midrange.com.
| To unsubscribe from this list send email to MIDRANGE-L-UNSUB@midrange.com.
| Questions should be directed to the list owner/operator:
david@midrange.com
+---

+---
| This is the Midrange System Mailing List!
| To submit a new message, send your mail to MIDRANGE-L@midrange.com.
| To subscribe to this list send email to MIDRANGE-L-SUB@midrange.com.
| To unsubscribe from this list send email to MIDRANGE-L-UNSUB@midrange.com.
| Questions should be directed to the list owner/operator: david@midrange.com
+---

As an Amazon Associate we earn from qualifying purchases.

This thread ...
Replies:
Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.