|
Good afternoon: I just bought an AS/400 with V5R1 that I am going to install on my home network via an ethernet connection. I'm trying to figure out how to allow access to this system from the internet via my Linksys router. I know that I have to set up a default route entry on the AS/400. I know that there are probably several ways to accomplish this, but my environment is somewhat complicated. I have searched the archives here and I have looked on the Linksys site, but I haven't found a definitive answer to my questions. Here is my scenario: I have RoadRunner cable modem service and I am using the Linksys model BEFW11S4 wireless router to allow the PC's on my home network (all nine of them-ok, I'm a geek) to reach the internet. One of these PC's is currently running FTP server software, and is exposed to the internet using the router's DMZ host option. I want to keep this FTP server PC exposed to the internet, and at the same time want to expose my AS/400 to the internet so that I can access it remotely via a telnet connection thru Client Access or Rumba. I am concerned about security at this point, but not paranoid. I know that some of you are probably going to scream about security, but I am willing to take my chances that someone could hack the system. After all, it is MY playground. I plan to change the passwords to the IBM-supplied profiles, but I could also use some pointers about what else needs to be locked down on the AS/400 when it is exposed to the internet. All I initially plan to do from the internet is telnet 5250 emulation and possibly FTP. What I really am trying to figure out is how I can expose BOTH my AS/400 AND my FTP server to the internet at the same time. I guess I could go into the router configuration and manually change the address used by DMZ between the PC and the AS/400, but I would like to figure out how to enable both at the same time. The router also has port forwarding. Here are my questions: 1) It is as simple just specifying the AS/400's IP as the DMZ host and then use port forwarding on the router to forward the FTP (ports 20 & 21) to the PC FTP server's IP? 2) Should I replace the router with a true firewall? Will this let me do multiple DMZ's? If so, is there a low-priced or free firewall package that is fairly easy to setup and administer to replace or supplement my Linksys router? I have a copy of Linux and an extra PC (6 more in the garage) that I can load Linux on in order to run firewall software if necessary. 3) Besides changing the passwords for the IBM-supplied profiles, what else do I need to do to secure my AS/400 system when exposed to the internet? Which services should I start/NOT start with STRTCPSVR to help protect the system from outside attacks? 4) Does anyone have any experience in this area that you are willing to share? 5) Does anyone have any web links that would be beneficial? 6) Are there any questions that I should have asked that I didn't? Thanks in advance for your help... Steve Landess Austin, Texas
As an Amazon Associate we earn from qualifying purchases.
This mailing list archive is Copyright 1997-2025 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].
Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.
midrange.com
