Has anybody out there investigated the implications of these IBM documents? I'd be nervous about these settings without a few additional precautions, and even then I'd wonder. 1) With those ports open, I'd want the traffic restricted to the iSeries IP address, not allowing traffic to/from any other servers in my network. (Seems odd restricting to the iSeries rather than the other way around.) 2) You'd want a Netserver 'guest' profile and definite restrictions on what was shared. 3) I figure access to Netserver would have to be either by IP address or an entry in the remote LMHOSTS file, rather than by Netserver system name. Are those paranoid? Or are they not yet restrictive enough? It's right at the fringe of my knowledge. Tom Liotta On Thu, 03 January 2002, "Jim Franz" wrote: > Neil - is the wan connection over the same iSeries ethernet card as the lan? > There is an old warning about the "tcp-only" option in an ethernet line > description needing MF22323 ptf before setting this parm. > If you haven't already checked all this, your wan router needs certain ports > specific to netserver. Info apar II12227 has a list of all the ports. > > http://www-912.ibm.com/n_dir/nas4apar.NSF/c79815e083182fec862564c00079d117/f > cc664db54c4c549862568720047b5fd?OpenDocument&Highlight=2,ii12227 > > if a firewall is involved, also check > http://www-1.ibm.com/servers/eserver/iseries/clientaccess/cafirewl.htm (a > little old but could > be relevant) > > if vpn involved check info apar II11791 > http://www-912.ibm.com/n_dir/NAS4APAR.NSF/51d11a683a56a5cc862564c000763b23/a > 7a17214ad50cc9d862567550029d287?OpenDocument > > hth > jim franz > > ----- Original Message ----- > From: "Neil Palmer" <NeilP@DPSlink.com> > > > Yes - have all that OK. The same laptop will access Service Pack images > > from the AS/400 fine when attached to the local LAN. When connected > > remotely via Cable Modem over Internet it won't. -- Tom Liotta The PowerTech Group, Inc. 19426 68th Avenue South Kent, WA 98032 Phone 253-872-7788 Fax 253-872-7904 http://www.400Security.com ___________________________________________________ The ALL NEW CS2000 from CompuServe Better! Faster! More Powerful! 250 FREE hours! Sign-on Now! http://www.compuserve.com/trycsrv/cs2000/webmail/
As an Amazon Associate we earn from qualifying purchases.
Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.