89 lines
5.8 KiB
HTML
89 lines
5.8 KiB
HTML
|
<?xml version="1.0" encoding="utf-8"?>
|
||
|
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
|
||
|
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
|
||
|
<html xmlns="http://www.w3.org/1999/xhtml" lang="en-US" xml:lang="en-us">
|
||
|
<head>
|
||
|
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
|
||
|
<meta name="dc.language" scheme="rfc1766" content="en-us" />
|
||
|
<!-- All rights reserved. Licensed Materials Property of IBM -->
|
||
|
<!-- US Government Users Restricted Rights -->
|
||
|
<!-- Use, duplication or disclosure restricted by -->
|
||
|
<!-- GSA ADP Schedule Contract with IBM Corp. -->
|
||
|
<meta name="dc.date" scheme="iso8601" content="2005-09-06" />
|
||
|
<meta name="copyright" content="(C) Copyright IBM Corporation 2004, 2006" />
|
||
|
<meta name="security" content="public" />
|
||
|
<meta name="Robots" content="index,follow"/>
|
||
|
<meta http-equiv="PICS-Label" content='(PICS-1.1 "http://www.icra.org/ratingsv02.html" l gen true r (cz 1 lz 1 nz 1 oz 1 vz 1) "http://www.rsac.org/ratingsv01.html" l gen true r (n 0 s 0 v 0 l 0) "http://www.classify.org/safesurf/" l gen true r (SS~~000 1))' />
|
||
|
<title>Plan for Universal Connection</title>
|
||
|
<link rel="stylesheet" type="text/css" href="ibmidwb.css" />
|
||
|
<link rel="stylesheet" type="text/css" href="ic.css" />
|
||
|
</head>
|
||
|
<body>
|
||
|
<a id="Top_Of_Page" name="Top_Of_Page"></a><!-- Java sync-link -->
|
||
|
<script language = "Javascript" src = "../rzahg/synch.js" type="text/javascript"></script>
|
||
|
|
||
|
|
||
|
<a name="beforestart"></a>
|
||
|
<h2 id="beforestart">Plan for Universal Connection</h2>
|
||
|
<p>You need to make some decisions before running the Universal Connection
|
||
|
wizard. During the configuration process, you are asked to choose the type
|
||
|
of connection you want to use for IBM® customer support. That decision depends
|
||
|
on your network and accessibility to the Internet from your iSeries™ server. With
|
||
|
NAT-compatible IPSec, iSeries servers support a connection even when there is
|
||
|
an intervening NAT firewall. Support for HTTP and HTTPS allow connections
|
||
|
through most firewalls and through customer- or IBM-supplied proxies.</p>
|
||
|
<p>Consider the following points before you select a Universal Connection
|
||
|
configuration scenario:</p>
|
||
|
<ul>
|
||
|
<li>Your hardware, software, and network configuration:
|
||
|
<ul>
|
||
|
<li>If your server is not on a network, or is only on a private network and
|
||
|
has a modem, you may want to select the <span class="bold">A dial-up connection
|
||
|
using the AT®&T Global Network Services</span> option. This option provides you
|
||
|
with a secure dial-up connection to IBM services and support and all data is protected
|
||
|
using a VPN or SSL.</li>
|
||
|
<li>If your system or partition has access to a partition, system, or HMC
|
||
|
that has a modem, you can configure that system with the <span class="bold">Connect through another system or partition </span>option using a remote AT&T
|
||
|
Connection.</li>
|
||
|
<li>If your server has direct access (broadband with a fixed IP address or
|
||
|
LAN with a globally routable IP address) to the Internet (without an intervening
|
||
|
firewall), or if your server has a private IP address but can access the Internet
|
||
|
through a firewall using NAT, you can select the <span class="bold">A direct connection to the Internet</span> option. This is the recommended option,
|
||
|
as it allows for the fastest, most secure access to IBM services and support.</li>
|
||
|
<li>If you have an Internet service provider (ISP) that your server dials
|
||
|
into and acts as a connecting point for other servers or partitions, you may
|
||
|
want to select the <span class="bold">A connection using an Internet
|
||
|
Service Provider</span> option. This option supports a secure connection to IBM services
|
||
|
and support at the same time and over the same dial-up connection that is
|
||
|
currently used by your iSeries server to access the Internet.</li>
|
||
|
<li>If your server is located on a private network, does not have a global
|
||
|
IP address, and has access to a router or server that allows the iSeries server to
|
||
|
establish a connection to the Internet through an ISP, select the <span class="bold">A multi-hop connection to the Internet </span>option.</li>
|
||
|
<li>In addition to one of the above configurations, if your enterprise
|
||
|
contains an HTTP proxy or you configure a Service and Support proxy on one
|
||
|
or more of your logical partitions, you can also configure so that service
|
||
|
applications that support HTTP and/or HTTPS proxies can use these proxies.</li></ul>
|
||
|
<a name="wq9"></a>
|
||
|
<div class="notetitle" id="wq9">Note:</div>
|
||
|
<div class="notebody">You can configure both a primary and a backup
|
||
|
configuration and a primary and a backup proxy.</div></li>
|
||
|
<li>Your company's network security policy</li>
|
||
|
<li>Setting packet rules: You need to ensure that the Universal Connection
|
||
|
traffic is allowed through your firewall. For details, see <a href="packetff.htm#packetff">IP Packet Filter Firewall</a>.</li>
|
||
|
<li>SOCKS security: You need to ensure that none of the Universal Connection
|
||
|
traffic gets directed through a SOCKS server. See the <a href="../rzab6/csocks.htm">Client SOCKS support</a> topic for more information.</li>
|
||
|
<li>Domain Name Server (DNS): When possible, the service applications
|
||
|
will use a DNS to look up service destination addresses. This allows for additional
|
||
|
fault tolerance. This being the case, we encourage you to make your DNS available
|
||
|
to the appropriate iSeries servers using the CHGTCPDMN CL command.</li></ul>
|
||
|
<a name="wq10"></a>
|
||
|
<div class="notetitle" id="wq10">Note:</div>
|
||
|
<div class="notebody">Some configuration is required when using an
|
||
|
HMC modem to connect to IBM through an i5/OS™ partition, or when having an HMC connecting
|
||
|
to IBM through an i5/OS partition's VPN or modem connection. For further
|
||
|
information, see <a href="../icbase/ipha5/settingup.htm" target="_blank">Setting up your service
|
||
|
environment</a> in the IBM Systems Hardware Information Center.</div>
|
||
|
<a id="Bot_Of_Page" name="Bot_Of_Page"></a>
|
||
|
</body>
|
||
|
</html>
|