After going through the configuration for port restriction on an old 170
@ V5R3M0, you cannot specify the IP address along with the port, just
the port / user so that will not work.

IP Sec if very tricky to configure. You have to open all the necessary
IP/ports cause once you start IP sec, the default rule denies all that
is not explicitly opened. I don't know if you can restrict an IP/PORT
to a user there either.

I would skip starting the native POP server until after Notes is
started. Make is a procedure to end the Native POP server if Notes has
to be restarted, then restart the native POP server.

Good Luck,



Chris Bipes
Director of Information Services
CrossCheck, Inc.


-----Original Message-----
From: midrange-l-bounces@xxxxxxxxxxxx
[mailto:midrange-l-bounces@xxxxxxxxxxxx] On Behalf Of rob@xxxxxxxxx
Sent: Friday, March 07, 2008 11:48 AM
To: Midrange Systems Technical Discussion
Subject: RE: Binding the i5/os POP server to a particular address.

Which user are you talking about registering in the IP sec? QTCP and
QNOTES or all the clients?
Where do you add these IP sec restrictions?

Rob Berendt
--
Group Dekko Services, LLC
Dept 01.073
Dock 108
6928N 400E
Kendallville, IN 46755
http://www.dekko.com





"Chris Bipes" <chris.bipes@xxxxxxxxxxxxxxx>
Sent by: midrange-l-bounces@xxxxxxxxxxxx
03/07/2008 02:13 PM
Please respond to
Midrange Systems Technical Discussion <midrange-l@xxxxxxxxxxxx>


To
"Midrange Systems Technical Discussion" <midrange-l@xxxxxxxxxxxx>
cc

Subject
RE: Binding the i5/os POP server to a particular address.






Well when you want to run two different POP server, yes it does matter.
First question, do you need the native i5O/S POP server running if you
have the Domino POP server running? If no, just end the Native one,
else use IP sec restrictions to restrict access to IP address / Port for
the different user profiles for the different application on the same
port.




Chris Bipes
Director of Information Services
CrossCheck, Inc.


-----Original Message-----
From: midrange-l-bounces@xxxxxxxxxxxx
[mailto:midrange-l-bounces@xxxxxxxxxxxx] On Behalf Of rob@xxxxxxxxx
Sent: Friday, March 07, 2008 10:47 AM
To: Midrange Systems Technical Discussion
Subject: RE: Binding the i5/os POP server to a particular address.

No. It matters a whole hell of a lot. I try accessing Domino's POP
server but the freaking i5/os POP server has bound to all interfaces.
I'd rather the i5/os pop server only bind to the interface for i5/os and
not to all the IP addresses reserved for Domino.
I try this command
TELNET RMTSYS(NOTES01.DEKKO.COM) PORT(110) and find out the only user
id's and passwords that are valid are i5/os user id's and passwords.
And NETSTAT *CNN shows port 110 (pop) bound to all addresses and not
just my i5/os interface.
Connection identification:
Remote host name . . . . . . . . . . . . . . :
Remote internet address . . . . . . . . . . : *
Remote port . . . . . . . . . . . . . . . . : *
Local host name . . . . . . . . . . . . . . . :
Local internet address . . . . . . . . . . : *
Local port . . . . . . . . . . . . . . . . : pop3
Associated user profile . . . . . . . . . . . : QTCP


This thread ...

Follow-Ups:
Replies:

Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2019 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].