Remote access to IBM i
Last Post 04 Mar 2013 06:16 PM by Rocky Marquiss. 3 Replies.
AddThis - Bookmarking and Sharing Button Printer Friendly
  •  
  •  
  •  
  •  
  •  
Sort:
PrevPrev NextNext
You are not authorized to post a reply.
Author Messages
Darlene Dangel
New Member
New Member
Posts:34

--
27 Feb 2013 03:27 PM

We have an IBM Power 6 that we are not allowed to connect to the internet.  It is on an internal LAN with a firewall.  Also using the firewall we have an external LAN with servers that must connect to the internet, i.e. email.

Currently, we have a remote office that is using a local internet connection to VPN to a server that is on the external network.  Then they use remote desktop to a PC with IBM i Access.  Clearly, this is pretty clumsy.    

We would like to come up with a better solution, short of having a dedicated secure connection.  If it is not obvious, I have no networking experience, so be kind ;)

What options do we have?  IBM i Access for the Web sounds promising, but won't we have to open the i up to the internet to use that?

I truly value and appreciate your advice.  Thank you!

Emmanuel
Veteran Member
Veteran Member
Posts:819

--
27 Feb 2013 04:06 PM

The easiest, IMHO, would be to change the VPN currently being used by the remote office to terminate on the internal network instead of the external network.

By doing that, users in the remote office would essentially be on the internal network.

Cheers,

Emmanuel

Scott Klement
Editorial Staff Member
Editorial Staff Member
Posts:16399
Avatar

--
27 Feb 2013 05:12 PM

I agree with Emmanuel... that's pretty much what everyone does...  and is really the purpose behind VPNs, to allow secure access to a network that's behind a firewall. 

What's the point of connecting with a VPN to an external network?!  (I'm assuming external means "outside of firewall, and therefore not secured.")

You could use IBM i Access for web, but...  that's basically the same thing as providing public access via the internet to your box.  Though, I guess you could lock it down with SSL and user certificates, but even so, a VPN is going to be more secure and more versatile.

Rocky Marquiss
Senior Member
Senior Member
Posts:2909

--
04 Mar 2013 06:16 PM
Set up a VPN tunnel between the two networs - that gives you a secure tunnel between them. Many routers will allow you to do this - or you can put a Linux box at each end with VPN. As already stated - the purpose of VPN is to provide a secure tunnel between two networks over an untrusted network.
You are not authorized to post a reply.

Acceptable Use Policy