Re: TCP/IP Connectivity Issue on V4R5
- From: gresham@xxxxxxxxx (David Gresham)
- Date: Wed, 21 Jun 2006 02:58:00 +0000 (UTC)
In article <44985f3d$0$715$5fc3050@xxxxxxxxxxxxxxxxxxxxxxxx>,
René H. Hartman <sorry@xxxxxxxxxxx> wrote:
Definitely looks like a routing issue. Why would you have a separate
route to the remote LAN if you're using the default route's next hop
anyway?
I thought this was odd, but since I was new to the AS/400 operating
system I believed the person who said that he thought it was needed.
You have to bear in mind that the PC's on the remote LAN originate their
traffic, haveng the AS/400 send the ack, while printer traffic is
originated from the AS/400.
I understand this.
Try pinging a Windows box's address. Chances are you can't. If it works,This was what I was doing. I could ping (from the AS/400) to
you should find out the difference between the definitions of the
Windows boxes and the printers.
the gateway device, internet and local subnet (192.168.130.0/24).
I wasn't able to ping anything on the remote subnet (192.168.5.0/24).
I went to a workstation on the 192.168.130.0 network and was able
to ping, and telnet to the jetdirect card on the 192.168.5.0/24
network.
Users from the 192.168.5.0/24 could connect to the AS/400
without issue.
I understand that the print traffic originates from the AS/400.
This VPN is a site-to-site tunnel between two firewalls.
What is interesting is that I see from the live log traffic
destined for the 192.168.5/24 network to the various printers
on port 515 (lpd).
Tonight I did a test to see what would happen if I temporarily
unplugged the AS/400 from the network and configure a workstation
with the IP address of the AS/400.
I found that on this machine were I could ping, telnet, etc to
the 192.168.5.0/24 network I was no longer able to.
The firewall on the .130.0 network allows all traffic between
the tunnels.
I'm working with the person who is configuring his firewall
on the remote network (192.168.5.0/24) and told him to
look at his firewall. It is odd that any other 130.x
address (other than .1 which is the 400) can talk
to the remote network.
Hopefully tommorow will be a better day, or I change the
AS/400's primary ip address to something other than .1
Dave
"David Gresham" <gresham@xxxxxxxxx> schreef in bericht
news:e77v78$mmc$1@xxxxxxxxxxxxxxxxxxxx
Have an AS/400 E Series machine Model 720 running V4R5.
We have a VPN tunnel between two locations. The local
network where the AS/400 is 192.168.130.x/24. The
remote network is 192.168.5.0/24.
the IP of the AS/400 is 192.168.130.1 and currently the
route table shows a default route of 192.168.130.2 and
has a route for the 192.168.5.0/255.255.255.0 network
with a next hope of 192.168.130.2.
Users from the remote site can log-in to the box.
However, they are unable to print jobs to printers on
their subnet.
Using netstat I see the connections that are being made.
However, If I try to ping the ip address of one of these I
get no reply.
If I go to a Windows XP machine that is on the 192.168.130.x
network and ping this address I get a reply. I am also able
able to connect to any device on the remote network(192.168.5.x).
I do not see any port restrictions on the AS/400. I am
new to the AS/400 world, however I do have a good understanding
of TCP/IP.
Dave
.
- References:
- TCP/IP Connectivity Issue on V4R5
- From: David Gresham
- Re: TCP/IP Connectivity Issue on V4R5
- From: René H. Hartman
- TCP/IP Connectivity Issue on V4R5
- Prev by Date: Re: printf does not work properly from RPG
- Next by Date: Re: TCP/IP Connectivity Issue on V4R5
- Previous by thread: Re: TCP/IP Connectivity Issue on V4R5
- Next by thread: CPF3772 with GO SAVE option 21
- Index(es):
Relevant Pages
|
