• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 343
  • Last Modified:

XP connection to AS 400 through VPN

XP laptop with  VPN to network
Can ping all machines on network except AS 400
Any ideas?
0
rsexchange
Asked:
rsexchange
  • 8
  • 6
2 Solutions
 
heathcote123Commented:
is the default gateway on the as400 set?
0
 
rsexchangeAuthor Commented:
What do you mean by on the set?
0
 
kaerezCommented:
Is the vpn configured to bypass nat ?
Did you add a rule to allow access from vpn to the lan/server?
0
Simple Misconfiguration =Network Vulnerability

In this technical webinar, AlgoSec will present several examples of common misconfigurations; including a basic device change, business application connectivity changes, and data center migrations. Learn best practices to protect your business from attack.

 
heathcote123Commented:
Have you entered a default gateway into the as400 ? (I believe in as400 its usually referred to as the default route.)

The default gateway should be set to the the internal address of your vpn device.

Its quite likelly not to be configured if the AS400 has not needed internet access.
0
 
rsexchangeAuthor Commented:
Yes
Like I said can get to all windows based machines inside.
But can  not get to AS 400
0
 
heathcote123Commented:
what is the mindelay value of the def route?
0
 
rsexchangeAuthor Commented:
Also all machines inside get to AS 400
0
 
heathcote123Commented:
Yes, that is exactly what would happen if your default route on the as400 was not configured correctly.

Can you show the as400 routing table?

Another thing - does the VPN device accept pings to the inside interface? - if the as400 can't ping it, the route will not get initialised correctly.
 
0
 
rsexchangeAuthor Commented:
You'll have to excuse this question, but I am an AS 400 Dummy.
From where I am now I can access the as 400 through the graphical access program
What command will let me try to ping the router, and how can I see if the gateway is setup on the as 400?
0
 
rsexchangeAuthor Commented:
It has next hop set as direct
This should be the router  ip address correct?
0
 
heathcote123Commented:
to ping it just do:

ping x.x.x.x (where x.x.x.x is the vpn device - probably what your windows machine have their default gateway set to)

on the as400 you need to go (from some kind of shell/command prompt)

go cfgtcp  then select option 2 (work with tcp/ip routes) - what does the *dftroute entry show ?

If you are not comfortable working with the as400, it might be best you ask whoever is responsible for its admin. I know very little about the as400 side - but had exactly this problem with it when setting up a vpn.

0
 
heathcote123Commented:
yes next hop should be the router ip
0
 
heathcote123Commented:
and type of service (if it shows) should be standard, not 'mindelay'
0
 
rsexchangeAuthor Commented:
Thank you
That fixed it.
Great site
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Free Tool: IP Lookup

Get more info about an IP address or domain name, such as organization, abuse contacts and geolocation.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

  • 8
  • 6
Tackle projects and never again get stuck behind a technical roadblock.
Join Now