iSeries IP adress restruction

10 pts.
Tags:
AS/400
DataCenter
Intrusion management
Managed security services
Security
Tech support
Hi, is there a way to restrict access to iSeries by IP address? I need to configure something on iSeries to prevent one PC to access on our iSeries and think that best way is to restrict IP address of this PC. Please help.
ASKED: May 4, 2005  4:19 AM
UPDATED: June 2, 2005  11:48 PM

Answer Wiki

Thanks. We'll let you know when a new response is added.

Easiest way to restrict access via IP is to use different subnets. put the PC you want to exclude into one subnet, and everything else into the other. Use subnet mask to allow everything other than the i-series access to both subnets, but restrict i-series access to only the main one.
eg. put everything except excluded pc into subnet xxx.xxx.10.xxx, put excluded PC into xxx.xxx.11.xxx, IP range for all PC’s including the excluded one should be
IP xxx.xxx.10.0 MASK 255.255.254.0
IP range for i-series should be
IP xxx.xxx.10.0 MASK 255.255.255.0
i-series will not then talk to xxx.xxx.11.xxx IP range.

Discuss This Question: 2  Replies

 
There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when members answer or reply to this question.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
  • TomLiotta
    Yes, for a number of years, OS/400 has had a form of native firewall. Access is through iSeriesNavigator (or Operations Navigator) from iSeries Access on your PC. In iNav, follow My Connections ->(your AS/400 icon) ->Network -> IP Policies -> Packet Rules. From there, you'll perhaps want to select Rules Editor from the right-click context menu. NOTE -- Be clear that you fully understand how to set up a set of rules before you activate. For example, there is a default DENY *ALL rule that is implied -- if you fail to include an accept-rule that allows others in at the bottom of your rules, even your iNav session connection will be immediately shut down as soon as you activate the rules. It's totally possible that your _only_ access will be through a twin-ax connection if you aren't careful. Study first, ask questions.
    125,585 pointsBadges:
    report
  • Dalibor
    [...] Rules ... It??s totally possible that your _only_ access will be through a twin-ax connection if ...http://itknowledgeexchange.techtarget.com/itanswers/iseries-ip-adress-restruction/&157&144d&220&132q ??&131 *&200&176&161&195&135JD &162&162&141&139 T &163&198&141&140 A&200&160 [...]
    0 pointsBadges:
    report

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

To follow this tag...

There was an error processing your information. Please try again later.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Thanks! We'll email you when relevant content is added and updated.

Following