× The internal search function is temporarily non-functional. The current search engine is no longer viable and we are researching alternatives.
As a stop gap measure, we are using Google's custom search engine service.
If you know of an easy to use, open source, search engine ... please contact support@midrange.com.



Tim:
I think you have hit your 2 choices.
1.  Poke a hole in the firewall and only allow certain IP addresses to
access the port you assign to the AS2 server, or 2. put a box in the DMZ.
Basically the AS2 server is a web server, so how do you handle access to
your web server now?  Why not put the AS2 server on the same box, the web
server listens on port 80, the AS2 server listens on port 5080.

I suppose you could also outsource your AS2 communications, and then pick up
the data as if you were talking to a VAN.

Good luck.
cjg

Carl J. Galgano
EDI Consulting Services, Inc.
550 Kennesaw Avenue, Suite 800
Marietta, GA  30060
(770) 422-2995 - voice
(419) 730-8212 - fax
mailto:cgalgano@xxxxxxxxxxxxxxxxx
http://www.ediconsulting.com
AS400 EDI, Networking, E-Commerce and Communications Consulting and
Implementation 
http://www.icecreamovernight.com
Premium Ice Cream Brands shipped Overnight

"You ain't gonna learn what you don't want to know" - rw

-----Original Message-----
From: midrange-l-bounces@xxxxxxxxxxxx
[mailto:midrange-l-bounces@xxxxxxxxxxxx] On Behalf Of Hatzenbeler, Tim
Sent: Thursday, May 15, 2003 3:31 PM
To: 'Midrange Systems Technical Discussion'
Subject: RE: EDIINT AS2 


I only wish it was that simple... I approached our networking team, and said
the exact thing, open up port 5080 or whatever, and only allow 3 ip's to
connect to it, but they said the IP's could be spoofed, at then I told them
that the tool I use cleo's lexicom, and it will only process the data that
passes the digital certificate, and that still didn't convince them.

So I was thinking about placing this as2 in the DMZ but they don't like
having data exposed like that either.

Were in the health care field, and even though my transactions do not
include patient data, our network policy is very tight (which it should be)
so I'm stumped on how to make this work where everyone is happy, and at an
affordable cost.

tim

> -----Original Message-----
> From: Bob Cagle [SMTP:bcagle@xxxxxxxxxxx]
> Sent: Thursday, May 15, 2003 11:55 AM
> To:   Midrange Systems Technical Discussion
> Subject:      RE: EDIINT AS2 
> 
> Well, I have implemented AS2 strictly because of customer requirements 
> (read Wal-Mart!).  As I said before, we utilized Trailblazer's EDIINT 
> solution.  I don't claim to be a network expert (far from it 
> actually), but all I had to do was open up specific ports on my Cisco 
> firewall only for my trading partner's specific IP addresses to use 
> for this to work.
> 
> 
> I am not sure what you mean by it being a push only service - but if 
> your customers are requiring you to go to AS2, then your network 
> police are just going to have to figure out how to make it work, IMHO.
> 
> What is your application?  We are a manufacturer selling to retail.
> 
> Bob Cagle
> IT Manager
> Lynk, Inc.
> 8241 Melrose Drive
> Lenexa, KS  66214
> 913-492-9202 ext.41
> mailto:bcagle@xxxxxxxxxxx
> 
> 
> -----Original Message-----
> From: Hatzenbeler, Tim [mailto:thatzenbeler@xxxxxxxxxxxxx]
> Sent: Thursday, May 15, 2003 1:39 PM
> To: 'Midrange Systems Technical Discussion'
> Subject: EDIINT AS2 Question was RE: ARGH! Please make it STOP!
> 
> I was wondering, if anybody has experience with AS2,  I have been 
> asked to research it's viablity for our company, but it has one 
> glaring problem I can't get around.  AS2 seems to be a push only 
> service, so if I push data to
> our Trading Partner, I must then break the connection and wait for a
> reply,
> (here is the problem)  our network police has a zero toloerance when it
> comes to listening ports.  So I can't seem to figure out if I can make
> this
> technology work for us.  I was wondering if anyone else has implemented
> AS2,
> and how did they make their network police happy?
> 
> Tim
> 
> 
> 
> _______________________________________________
> This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing 
> list To post a message email: MIDRANGE-L@xxxxxxxxxxxx
> To subscribe, unsubscribe, or change list options,
> visit: http://lists.midrange.com/mailman/listinfo/midrange-l
> or email: MIDRANGE-L-request@xxxxxxxxxxxx
> Before posting, please take a moment to review the archives
> at http://archive.midrange.com/midrange-l.
This e-mail message, including any attachments, is for the sole use of the
intended recipient(s) and may contain confidential or privileged
information.  Any unauthorized review, use, disclosure or distribution is
prohibited.  If you are not the intended recipient, please contact the
sender by reply e-mail and destroy the message.
_______________________________________________
This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing list
To post a message email: MIDRANGE-L@xxxxxxxxxxxx To subscribe, unsubscribe,
or change list options,
visit: http://lists.midrange.com/mailman/listinfo/midrange-l
or email: MIDRANGE-L-request@xxxxxxxxxxxx
Before posting, please take a moment to review the archives
at http://archive.midrange.com/midrange-l.



As an Amazon Associate we earn from qualifying purchases.

This thread ...

Replies:

Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2025 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.