× The internal search function is temporarily non-functional. The current search engine is no longer viable and we are researching alternatives.
As a stop gap measure, we are using Google's custom search engine service.
If you know of an easy to use, open source, search engine ... please contact support@midrange.com.



I bet you are using LAN Console, and that is what is using the port.

Pete Massiello

-----Original Message-----
From: midrange-l-bounces@xxxxxxxxxxxx
[mailto:midrange-l-bounces@xxxxxxxxxxxx] On Behalf Of Pete Helgren
Sent: Friday, February 29, 2008 12:50 PM
To: Midrange Systems Technical Discussion
Subject: LAN Configuration - Questions and an issue

I have a customer that has an IXS running SBS 2003 that provides
firewall (and other) services to the internal network. This guy is
multi-homed (naturally) with a single external NIC and an internal NIC.
ISA 2004 manages proxy and firewalling. They have an i5 520 (power 5+)
running V5R4M0.

This works well but having a Windows machine between me and the internal
network is problematic since if it goes down (and it does go down) I
have no access to the internal network and therefore cannot get to the
System i to restart the IXS. So, we added more external IP's by
expanding the subnet and now I have 5 IP addresses I can assign to
various NIC's so I can externally manage the System i. So far so good.

My idea was to assign one external IP to an unused Ethernet port (T5 on
the back of the 520). They currently use T6 as the NIC for internal
access to the System i.

So, a couple of questions:

1. How should I best configure *this* Ethernet port so that it is locked
down for only Telnet SSL? It will have an external IP so I do want to
lock it down. Currently we have secure telnet running internally and
externally (through port mapping in ISA2004 using the T6 Ethernet port).
2. Is there an alternate method for accessing the 520 externally that
would be more secure? They would need to be ports that I can assign
"externally" to bypass the ISA 2004 firewall.

The problem:

Based on what I see in WRKHDWRSC *CMN and looking in SST, it appears
that the communications line resource is CMN19 (T6 is CMN20 which seem
to confirm that I have the correct resource). When I create an Ethernet
line using this resource and vary it on I get:

Message . . . . : Line ETHLINEBAK vary on
failed.



Cause . . . . . : The resource is already in use by object type . If
the
object name and type are blanks, either the resource is in use by
the
Dedicated Service Tools (DST), another client, or the data is not
available.
Recovery . . . : Do one of the
following:
--Vary off the object using the resource with the Vary
Configuration
(VRYCFG)
command.
--Use the active line instead of line ETHLINEBAK, if this is a
switched
connection or a local area network connection. This can be done by
changing
the controller description for the remote system to include the active
line
in its SWTLINLST parameter.

As far as I can see, the resource in NOT is use by another line so I can
only assume that I am using the wrong resource. WRKHDWRSC shows this
for CMN19:

Resource name . . . . . . . : CMN19
Text . . . . . . . . . . . . : Ethernet Port
Type-model . . . . . . . . . : 5706-001
Serial number . . . . . . . : 00-53967EA
Part number . . . . . . . . : 39J4251

Location: U787F.001.DPM09V2-P1-T5

Logical address:
PCI bus:
System bus 4
System board 0
System card 36


Any ideas as to why I get an error on varying on the line ?

Thanks,

Pete Helgren


As an Amazon Associate we earn from qualifying purchases.

This thread ...

Follow-Ups:
Replies:

Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.