× The internal search function is temporarily non-functional. The current search engine is no longer viable and we are researching alternatives.
As a stop gap measure, we are using Google's custom search engine service.
If you know of an easy to use, open source, search engine ... please contact support@midrange.com.



Dear Tony,

Here is the reason why the CA PC5250 sessions are working correctly in your
VPN network. The following information was pulled from a remote printing
white paper we wrote about a year ago.

<Why the TN5250E Protocol Works Well in VPN Networks>

The TN5250E protocol is a reverse telnet protocol. This means that the
client is responsible for initiating a connection with a host server. This
is the same philosophy that is applied to web browsing. Once the target
server is contacted, it opens a TCP/IP socket connection to the client that
has contacted it and sends responses to client queries as necessary. This
network connection process is fully compatible with firewalls, proxy
servers, and VPN tunnels.

Connections that are established from a host towards a client are typically
unable to penetrate firewalls and proxy servers and are therefore not always
appropriate to certain VPN network configurations.

<end white paper info>

The port numbers (256 through 1024) that IBM gave you are actually internal
to your AS/400 or iSeries host TCP/IP stack port numbers. These are the
ports that OS/400 will check to find a method to send your data out of the
IBM host. It will be attempting to reach port 515 at the IP address
specified in your OS/400 OUTQ definition. The usual problem is that the IBM
host can only see one or two public IP addresses at the far end of the VPN
tunnel which are not the target printer. It is therefore never able to
establish the remote printer connection.

Client Access, other third party products that offer equivalent TN5250E
protocol support, and multi-protocol print servers for individual printers
that support the TN5250E protocol should all work very well in the VPN
environment you have described in your post.

Our company put together an AS/400 based wide area network VPN
implementation that supported about 50 demonstration rooms where IBM AS/400
and iSeries printing could be shown to potential customers. The TN5250E
protocol was used for all non-IPDS print sessions and display sessions
activated in all the demo rooms. The network ran without problems since it
was installed over one year ago. Currently we have taken the network down
temporarily to retire an AS/400 model 600 and replace it with an iSeries
model 270. We'll probably reactivate the whole network in about 5 or 6 weeks
from now.

HTH

Best Regards,

/Paul
--
Paul Tykodi
National Product Manager
Intermate US, Inc.

p: 603.431.0606 x115
f: 603.436.6432
paul@intermate-us.com
www.intermate.com

>From: "William A.\(Tony\) Corbett" <corbett@ASRESOURCES.COM>
>To: "MIDRANGE-L@midrange. com" <MIDRANGE-L@midrange.com>
>Subject: IP printing on a remote printer
>Date: Fri, 26 Jul 2002 09:29:48 -0400
>Reply-To: midrange-l@midrange.com
>
>Hi all,
>
>I'm trying to configure a printer on a "remote lan" which is connected to
>our system via T1 connection.  We're using the 192.168... internal ip
range,
>the remote location is using the 10... ip range.
>The remote users (10..) are connecting fine via CA Express, so the CFGTCP
>stuff is OK.
>I've got a remote printer set up, it'll go to SND mode, but never prints on
>the other end.
>
>Problem is in the routers, I believe.  Supportline says:
>On both routers...ensure that ports 515 and 256 thru 1024 are OPEN, these
>HAVE to be OPEN.
>
>My remote folks say "I can't, and I won't, open the ports you listed....you
>are asking me to open a hole the size of Europe in our router/firewall".
>This is an affilate company, so we don't "own" them and can only be so
>forceful.
>
>Do I really need this many ports open or can I slim the required open ports
>down to something they can accept.
>
>Any advice is really appreciated.
>
>TIA
>
>AS/Resources, Inc.
>William A.(Tony) Corbett
>IBM Certified Specialist - AS/400 Developer
>http://www.asresources.com
>corbett@asresources.com
>770-587-4812 (office)
>678-935-5006 (mobile)
>fax:  404-663-4737



As an Amazon Associate we earn from qualifying purchases.

This thread ...


Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.