ibm-information-center/dist/eclipse/plugins/i5OS.ic.rzaja_5.4.0.1/rzajaconfigureapppconnection.htm

108 lines
8.0 KiB
HTML
Raw Normal View History

2024-04-02 14:02:31 +00:00
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE html
PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en-us" xml:lang="en-us">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta name="security" content="public" />
<meta name="Robots" content="index,follow" />
<meta http-equiv="PICS-Label" content='(PICS-1.1 "http://www.icra.org/ratingsv02.html" l gen true r (cz 1 lz 1 nz 1 oz 1 vz 1) "http://www.rsac.org/ratingsv01.html" l gen true r (n 0 s 0 v 0 l 0) "http://www.classify.org/safesurf/" l gen true r (SS~~000 1))' />
<meta name="DC.Type" content="task" />
<meta name="DC.Title" content="Configure a PPP connection profile and virtual line on iSeries-A" />
<meta name="DC.Relation" scheme="URI" content="rzajaremoteuser.htm" />
<meta name="DC.Relation" scheme="URI" content="rzajaconfigurevpnoniseriesa3.htm" />
<meta name="DC.Relation" scheme="URI" content="rzajaapplythecodeppp.htm" />
<meta name="copyright" content="(C) Copyright IBM Corporation 2000, 2006" />
<meta name="DC.Rights.Owner" content="(C) Copyright IBM Corporation 2000, 2006" />
<meta name="DC.Format" content="XHTML" />
<meta name="DC.Identifier" content="rzajaconfigureapppconnection" />
<meta name="DC.Language" content="en-us" />
<!-- All rights reserved. Licensed Materials Property of IBM -->
<!-- US Government Users Restricted Rights -->
<!-- Use, duplication or disclosure restricted by -->
<!-- GSA ADP Schedule Contract with IBM Corp. -->
<link rel="stylesheet" type="text/css" href="./ibmdita.css" />
<link rel="stylesheet" type="text/css" href="./ic.css" />
<title>Configure a PPP connection profile and virtual line on iSeries-A</title>
</head>
<body id="rzajaconfigureapppconnection"><a name="rzajaconfigureapppconnection"><!-- --></a>
<!-- Java sync-link --><script language="Javascript" src="../rzahg/synch.js" type="text/javascript"></script>
<h1 class="topictitle1">Configure a PPP connection profile and virtual line on iSeries-A</h1>
<div><div class="section"><p>This section describes the steps you must take to create the PPP
profile for iSeries-A. The PPP profile has no physical line associated with
it; instead, it uses a virtual line. This is because the PPP traffic tunnels
through the L2TP tunnel, while VPN protects the L2TP tunnel.</p>
<p>Follow
these steps to create a PPP connection profile for iSeries-A:</p>
</div>
<ol><li><span>In <span class="keyword">iSeries™ Navigator</span>,
expand iSeries-A<span class="menucascade"><span class="uicontrol"></span> &gt; <span class="uicontrol">Network</span> &gt; <span class="uicontrol">Remote Access Services</span></span>.</span></li>
<li><span>Right-click <span class="uicontrol">Originator Connection Profiles</span> and
select <span class="uicontrol">New Profile</span>.</span></li>
<li><span>On the <span class="uicontrol">Setup</span> page, select <span class="uicontrol">PPP</span> for
the protocol type.</span></li>
<li><span>For Mode selections, select <span class="uicontrol">L2TP (virtual line)</span>.</span></li>
<li><span>Select <span class="uicontrol">Initiator on-demand (voluntary tunnel)</span> from
the <span class="uicontrol">Operating mode</span> drop-down list.</span></li>
<li><span>Click <span class="uicontrol">OK</span> to go to the PPP profiles properties
pages.</span></li>
<li><span>On the <span class="uicontrol">General</span> page, enter a name that identifies
the type and the destination of the connection. In this case, enter <samp class="codeph">toCORP</samp>.
The name you specify must be 10 characters, or less.</span></li>
<li><span>Optional: Specify a description for the profile.</span></li>
<li><span>Go to the <span class="uicontrol">Connection</span> page.</span></li>
<li><span>In the <span class="uicontrol">Virtual line name</span> field, select <span class="uicontrol">tocorp</span> from
the drop-down list. Remember that this line has no associated physical interface.
The virtual line describes various characteristics of this PPP profile; for
example, the maximum frame size, authentication information, the local host
name, and so on. The <span class="uicontrol">L2TP Line Properties</span> dialog box
opens.</span></li>
<li><span>On the <span class="uicontrol">General</span> page, enter a description
for the virtual line.</span></li>
<li><span>Go to the <span class="uicontrol">Authentication</span> page.</span></li>
<li><span>In the <span class="uicontrol">Local host name</span> field, enter the
host name of the local key server, <samp class="codeph">iSeriesA</samp>.</span></li>
<li><span>Click <span class="uicontrol">OK</span> to save the new virtual line description
and return to the <span class="uicontrol">Connection</span> page.</span></li>
<li><span>Enter the remote tunnel endpoint address, <samp class="codeph">205.13.237.6</samp>,
in the <span class="uicontrol">Remote tunnel endpoint address</span> field.</span></li>
<li><span>Select <span class="uicontrol">Requires IPSec Protection</span> and select
the dynamic-key group you created in previous step <a href="rzajaconfigurevpnoniseriesa3.htm">Configure VPN on iSeries-A</a>, <samp class="codeph">l2tptocorp</samp> from
the <span class="uicontrol">Connection group name</span> drop-down list.</span></li>
<li><span>Go to the <span class="uicontrol">TCP/IP Settings</span> page.</span></li>
<li><span>In the <span class="uicontrol">Local IP address</span> section, select <span class="uicontrol">Assigned
by remote system</span>.</span></li>
<li><span>In the <span class="uicontrol">Remote IP address</span> section, select <span class="uicontrol">Use
fixed IP address</span>. Enter <samp class="codeph">10.6.11.1</samp>, which is the
remote system's IP address in its subnet.</span></li>
<li><span>In the routing section, select <span class="uicontrol">Define additional static
routes</span> and click <span class="uicontrol">Routes</span>. If there is no
routing information provided in the PPP profile, then iSeries-A is only able
to reach the remote tunnel endpoint but not any other system on the 10.6.0.0
subnet.</span></li>
<li><span>Click <span class="uicontrol">Add</span> to add a static route entry.</span></li>
<li><span>Enter the subnet, <samp class="codeph">10.6.0.0</samp>, and the subnet mask, <samp class="codeph">255.255.0.0</samp> to
route all 10.6.*.* traffic through the L2TP tunnel.</span></li>
<li><span>Click <span class="uicontrol">OK</span> to add the static route.</span></li>
<li><span>Click <span class="uicontrol">OK</span> to close the Routing dialog box.</span></li>
<li><span>Go to the <span class="uicontrol">Authentication</span> page to set the
user name and password for this PPP profile.</span></li>
<li><span>In the Local system identification section, select <span class="uicontrol">Allow
the remote system to verify the identity of this system</span>.</span></li>
<li><span>Under <span class="uicontrol">Authentication protocol to use</span> select <span class="uicontrol">Require
encrypted password (CHAP-MD5)</span>.In the Local system identification
section, select <span class="uicontrol">Allow the remote system to verify the identity
of this system</span>.</span></li>
<li><span>Enter the user name, <samp class="codeph">iSeriesA</samp>, and a password.</span></li>
<li><span>Click <span class="uicontrol">OK</span> to save the PPP profile.</span></li>
</ol>
</div>
<div>
<div class="familylinks">
<div class="parentlink"><strong>Parent topic:</strong> <a href="rzajaremoteuser.htm" title="In this scenario, you learn how to setup a connection between a branch office host and a corporate office that uses L2TP protected by IPSec. The branch office has a dynamically assigned IP address, while the corporate office has a static, globally routable IP address.">Scenario: Protect an L2TP voluntary tunnel with IPSec</a></div>
<div class="previouslink"><strong>Previous topic:</strong> <a href="rzajaconfigurevpnoniseriesa3.htm">Configure VPN on iSeries-A</a></div>
<div class="nextlink"><strong>Next topic:</strong> <a href="rzajaapplythecodeppp.htm">Apply the l2tptocorp dynamic-key group to the toCorp PPP profile</a></div>
</div>
</div>
</body>
</html>