I have an AS/400 on our internal network (192.168.2.250). I can connect to it via telnet just fine, when on the internal network, from any client. We have a DSL internet connection with a single external IP (207.x.x.x) and a Linksys router. I have forwarded TCP port 80 on the Linksys router to a Windows Web Server (internal 192.168.2.100), and it works perfectly.
I similarly want to be able to connect via telnet to the internal AS/400 from the internet. I have forwarded TCP port 23 on the Linksys router to the AS/400 (192.168.2.250), but am unable to connect. I get the message "Could not open connection to the host, on port 23: Connect Failed".
My *DFTROUTE on the AS/400 is set with the appropriate Gateway address (192.168.2.1). I do not have any other Routes specified on the AS/400. No other routing or forwarding is set up on the Linksys.
I have stopped and restarted the TCP services, checked connectivity and pings, and confirmed there are no problems with Telnet since internally it works fine. I have tried adding additional routes on the AS/400, but removed them when they did not work.
I have tried everything I can come up with to connect via telnet externally, but have been entirely unsuccessful. Any help would be greatly appreciated.
Since connection is possible from the same subnet, authorities _ought_ to be already correct. Also, the error is "Connect failed" meaning it's more closely related to communications rather than authorities (probably). However, the error is _not_ "Connect rejected" or "Unable to connect", which would more likely indicate either that the server wasn't active or that the port itself was blocked perhaps by a router/external firewall, i.e., the packets were not received and acknowledged by the server. I can't recall circumstances resulting in the text "Connect failed", but that could just be memory failure of mine.
treellc:
Okay, then it's likely an AS/400e system and 'reasonably' current.
OpsNav = Operations Navigator, or nowadays I think it might be iSeries Navigator. This is the GUI administration client that allows access to more advanced functions than are easily available through a pure terminal session. Numerous functions can only be done on green-screen by API calls. OpsNav has builtin functions that call the APIs according to the options you click.
The big example for you would be access to the IP Security firewall and logging functions. By turning on packet logging (packet journaling), you could review journal entries to know what packets are actually arriving at port 23 on the AS/400. I've never looked into what's required to configure and enable logging through the green-screen though it's certainly possible.
But it does need to be installed on a PC if it isn't already on a local PC, and then, of course, it needs to be configured to know where the AS/400 is on your network.
Further, in order to be installed on the PC, either the install CD needs to be found or it has to have been previously loaded to the AS/400 (or other local server). Nothing unusual there.
OpsNav is a component packaged into Client Access. If on the AS/400, you should be able to find it in a Windows Network Neighborhood share under the AS/400 in a share named QCA400. This share is broadcast by default if the Windows network component on the AS/400 is started. To start it, use:
==> strtcpsvr *netsvr
And of course, in order for that to succeed, the NetServer function must be configured for your Windows domain. And of course, in order to configure it easily, you'd use OpsNav.
Which means you'd start from the CD shipped with the system for Client Access.
Which means you hope for the CD or for a previously correct NetServer configuration.
There was a set of NetServer green-screen tools that could be downloaded from IBM. They were put together mostly to provide demo code for the NetServer APIs but worked well enough to let you get some basics going. I'll see if I can track it down in case you can't get OpsNav installed any other way.
Tom