× The internal search function is temporarily non-functional. The current search engine is no longer viable and we are researching alternatives.
As a stop gap measure, we are using Google's custom search engine service.
If you know of an easy to use, open source, search engine ... please contact support@midrange.com.



> When you say that the iseries can log in thru the vpn client, what do
> you mean?
Did not mean "iSeries log in".
A user on iSeries can ping both dsl router and T1 router.
A remote user using Cisco vpn can log in to vpn service & ping the "inside"
addr of dsl router 10.10.10.11
jim
----- Original Message ----- 
From: "Chris Payne" <CPayne@xxxxxxxxxxxxxxx>
To: "Midrange Systems Technical Discussion" <midrange-l@xxxxxxxxxxxx>
Sent: Thursday, April 28, 2005 12:29 PM
Subject: RE: dsl dilemna


> When you say that the iseries can log in thru the vpn client, what do
> you mean? I was picturing the remote client making a vpn connection to
> the DLS router, is there some kind of vpn service that you are using?
>
> -----Original Message-----
> From: midrange-l-bounces@xxxxxxxxxxxx
> [mailto:midrange-l-bounces@xxxxxxxxxxxx] On Behalf Of Jim Franz
> Sent: Thursday, April 28, 2005 11:45 AM
> To: Midrange Systems Technical Discussion
> Subject: Re: dsl dilemna
>
> >If you post the routing table of the AS/400 and the client that might
> help.
>
> I just sent this to Bellsouth,
> (There is only 1 lan switch - everything plugs into it)
> Bellsouth T1 router/firewall 10.10.10.12  ethernet     -->       lan
> switch
> Bellsouth NetVPN router 10.10.10.11    ethernet   -->        lan switch
> IBM iSeries server           10.10.10.10    ethernet  --->        lan
> switch
> HP Printer                       10.10.10.5     ethernet  ---->
> lan
> switch
> HP Printer                        10.10.10.1    ethernet  -->
> lan
> switch
> other fixed ip devices must be in range 10.10.10.1 thru 10.10.10.99
> many pc's                    10.10.10.100 - 10.10.10.150 ethernet -->
> lan
> switch
>
>
> The Bellsouth T1 router is providing NAT & DHCP for local pc's to surf
> internet
>       The DHCP pool for local pc's is 10.10.10.100 thru 10.10.10.150
> The iSeries is both file/application server & web server
>
> The iSeries default gateway is 10.10.10.11 and 2nd gateway is
> 10.10.10.12
> The iSeries can ping both gateway addresses
> Log in thru vpn client, can ping it's own inside address 10.10.10.11,
> but
> nothing else
> on 10.x.x.x lan
> Firewall is only blocking ports for inbound originated traffic.
>
> iSeries interfaces
> Internet         Subnet           Interface
> Address          Mask             Status
> 10.10.10.10      255.0.0.0        Active
> 70.151.59.xxx    255.0.0.0        Active
> 127.0.0.1        255.0.0.0        Active
> Routes:
> Route            Subnet           Next
> Destination      Mask             Hop
> *DFTROUTE        *NONE            10.10.10.11
> *DFTROUTE        *NONE            10.10.10.12
> tia
> jim
> ----- Original Message ----- 
> From: "Chris Payne" <CPayne@xxxxxxxxxxxxxxx>
> To: "Midrange Systems Technical Discussion" <midrange-l@xxxxxxxxxxxx>
> Sent: Thursday, April 28, 2005 11:08 AM
> Subject: RE: dsl dilemna
>
>
> > Jim,
> > It is absolutely possible for a host on a 10.x.x.x network to
> > talk to a host on a 172.16.x.x network. The 2 things that might be a
> > problem are routing and security.  If there is a firewall between your
> > AS/400 and your client, it might be happily throwing away every packet
> > you send (note that an access list on your dsl router might be doing
> > that). The other problem is routing, if host A can talk to router B,
> and
> > host C can talk to router B, but A cannot talk to C then B is not
> > routing the packets correctly.
> >
> >
> > What I would do is try a ping and tracert from AS/400 to router,
> > and from client to router. Then call bellsouth and have them log into
> > the DSL router and ping your AS/400 and your client.  If all of those
> > test work then I would strongly suspect that it is something the DLS
> > router is failing to do (either blocking with an access list or
> failing
> > to route properly). If you post the routing table of the AS/400 and
> the
> > client that might help.
> >
> > chris
> >
> > -----Original Message-----
> > From: midrange-l-bounces@xxxxxxxxxxxx
> > [mailto:midrange-l-bounces@xxxxxxxxxxxx] On Behalf Of Jim Franz
> > Sent: Thursday, April 28, 2005 10:21 AM
> > To: Midrange Systems Technical Discussion
> > Subject: Re: dsl dilemna
> >
> > >What does the routing table look like on your dsl router?
> >
> > dsl router belongs to Bellsouth & I have no access to it.
> >
> > Is is possible for a 400 to be accessed by a user w/ a 172.16.x.x
> > address thru a router with a 10.x.x.x address. My route on 400 cfgtcp
> > to the 10. address. I did try adding a 172.16 address to the iSeries,
> > and
> > a route, but that did not solve it (and have now removed it).
> > jim
> > ----- Original Message ----- 
> > From: "Chris Payne" <CPayne@xxxxxxxxxxxxxxx>
> > To: "Midrange Systems Technical Discussion" <midrange-l@xxxxxxxxxxxx>
> > Sent: Thursday, April 28, 2005 10:07 AM
> > Subject: RE: dsl dilemna
> >
> >
> > > 2 things, the first might just be nitpick, but 172.x.x.x is not all
> > > valid private address it needs to be 172.16.0.0 through
> > 172.31.255.255.
> > > from your description of what is going on is sounds like a routing
> > > problem on your dsl router. Packets make it as far as the router,
> but
> > > then disappear. What does the routing table look like on your dsl
> > > router?
> > >
> > > -----Original Message-----
> > > From: midrange-l-bounces@xxxxxxxxxxxx
> > > [mailto:midrange-l-bounces@xxxxxxxxxxxx] On Behalf Of Jim Franz
> > > Sent: Thursday, April 28, 2005 9:53 AM
> > > To: MIDRANGE-L@xxxxxxxxxxxx
> > > Subject: dsl dilemna
> > >
> > > Customer has added a vpn access to local lan to get to iSeries.
> > > Remote pc can log into vpn (Cisco client), and even ping the dsl
> > > router's inside address 10.10.10.11
> > > Cannot ping iSeries 10.10.10.10 or any other 10.x.x.x device.
> > > iSeries has a *dftroute route to the 10.10.10.11 dsl router and can
> > > ping it. I'm no network expert, but had someone else attempt
> > > vpn and he says dsl router is natting user a 172.x.x.x address.
> > > Is this the problem? We had asked the nat pool to be to 10.10.10.70
> > thru
> > > 90,
> > > but Bellsouth tech gets quiet when i say "nat pool".
> > > btw-There is a separate router/firewall for T1 into same lan switch.
> > > jim
> > > -- 
> > > This is the Midrange Systems Technical Discussion (MIDRANGE-L)
> mailing
> > > list
> > > To post a message email: MIDRANGE-L@xxxxxxxxxxxx
> > > To subscribe, unsubscribe, or change list options,
> > > visit: http://lists.midrange.com/mailman/listinfo/midrange-l
> > > or email: MIDRANGE-L-request@xxxxxxxxxxxx
> > > Before posting, please take a moment to review the archives
> > > at http://archive.midrange.com/midrange-l.
> > >
> > >
> > > -- 
> > > This is the Midrange Systems Technical Discussion (MIDRANGE-L)
> mailing
> > list
> > > To post a message email: MIDRANGE-L@xxxxxxxxxxxx
> > > To subscribe, unsubscribe, or change list options,
> > > visit: http://lists.midrange.com/mailman/listinfo/midrange-l
> > > or email: MIDRANGE-L-request@xxxxxxxxxxxx
> > > Before posting, please take a moment to review the archives
> > > at http://archive.midrange.com/midrange-l.
> > >
> >
> > -- 
> > This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing
> > list
> > To post a message email: MIDRANGE-L@xxxxxxxxxxxx
> > To subscribe, unsubscribe, or change list options,
> > visit: http://lists.midrange.com/mailman/listinfo/midrange-l
> > or email: MIDRANGE-L-request@xxxxxxxxxxxx
> > Before posting, please take a moment to review the archives
> > at http://archive.midrange.com/midrange-l.
> >
> >
> > -- 
> > This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing
> list
> > To post a message email: MIDRANGE-L@xxxxxxxxxxxx
> > To subscribe, unsubscribe, or change list options,
> > visit: http://lists.midrange.com/mailman/listinfo/midrange-l
> > or email: MIDRANGE-L-request@xxxxxxxxxxxx
> > Before posting, please take a moment to review the archives
> > at http://archive.midrange.com/midrange-l.
> >
>
> -- 
> This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing
> list
> To post a message email: MIDRANGE-L@xxxxxxxxxxxx
> To subscribe, unsubscribe, or change list options,
> visit: http://lists.midrange.com/mailman/listinfo/midrange-l
> or email: MIDRANGE-L-request@xxxxxxxxxxxx
> Before posting, please take a moment to review the archives
> at http://archive.midrange.com/midrange-l.
>
>
> -- 
> This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing
list
> To post a message email: MIDRANGE-L@xxxxxxxxxxxx
> To subscribe, unsubscribe, or change list options,
> visit: http://lists.midrange.com/mailman/listinfo/midrange-l
> or email: MIDRANGE-L-request@xxxxxxxxxxxx
> Before posting, please take a moment to review the archives
> at http://archive.midrange.com/midrange-l.
>


As an Amazon Associate we earn from qualifying purchases.

This thread ...

Replies:

Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.