× The internal search function is temporarily non-functional. The current search engine is no longer viable and we are researching alternatives.
As a stop gap measure, we are using Google's custom search engine service.
If you know of an easy to use, open source, search engine ... please contact support@midrange.com.


  1.  Home
  2. MIDRANGE-L
  3. February 2002

Re: How to securely connect to IIS outside the firewall.

Dave,

If IIS is your platform of choice for hosting Web applications, and the IIS
server is outside your network, and you want secure communication with
OS/400, then I'd recommend using SSL between your IIS application and the
OS/400 HTTP server.

The Windows wininet.dll supports SSL.  There may be an Active X wrapper
available somewhere.  Just open a secure connection and use the HTTP
functions within the wininet.dll to communicate with the OS/400 HTTP server.

I offer an OS/400 HTTP Server "plug-in" that provides a message service,
similar to MQ Series, but inexpensive.  It would handle the interface
between the OS/400 HTTP Server and your ILE programs.  Your ILE programs run
as server daemons.  They are started and ended via command.  They could
process transactions and return data to your IIS application.  Contact me
privately if you'd like to discuss the details.

This approach is a lot less complex then VPN, but equally secure.  Actually
it's probably more secure than VPN, because the service is limited to HTTP.
It's also a lot less expensive than MQ Series.

Thank you for your consideration,

Nathan M. Andelin
www.relational-data.com



----- Original Message -----
From: "Dave Murvin" <davem@drme.com>
To: <midrange-l@midrange.com>
Sent: Tuesday, February 05, 2002 6:32 PM
Subject: Re: How to securely connect to IIS outside the firewall.


> Thanks for all the suggestions.
>
> Jim,
> I had thought of mq-series, but they are currently in a "I don't want to
> spend any money" mode, but will keep it in mind.
>
> Nathan,
> I don't think that
> browser <==> IIS <==> OS/400
> would cut it.  If I can get them to bring the IIS server into the DMZ then
> we would have something like this:
> browser <==> firewall <==> IIS <==> firewall <==> OS/400
> This is what we would like to get to, but there are problems with
> supporting and staffing an internal 24x7 Corporate web server at this
time.
>
> James,
> I had read the Gartner report recommending that IIS not be used, but they
> seem to be in a "hear no evil, see no evil" mode in regards to Microsoft
> products.  I try to point things out to them, but it falls on deaf ears.
I
> think they pretty much keep up with the MS patches and the McAfee
antivirus
> updates.
>
> Pete,
> I had not thought about ASNA visual RPG, but it sounds like we would still
> be talking to an unsecure IIS server.  I will take another look at ASNA.
>
> Walden,
> I will ask about the VPN option since they do have that ability for
regular
> users to dial in.  Your suggestion to punch a hole through the firewall
> sounds like what they do for the Oracle data base access from IIS, the
> network guy says that this scares the heck out of him.
>
>
> At 04:35 PM 2/3/2002, you wrote:
> >I'm looking for any ideas on how I can connect to IIS or allow IIS to
> >connect to the AS/400.
> >
> >The problem is that the IIS server is currently hosted by an outside
> >provider and is outside the firewall.
>
> Dave Murvin
> DRM Enterprises, Inc.
> davem@drme.com

As an Amazon Associate we earn from qualifying purchases.

This thread ...
Replies:
Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.