<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE html
PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en-us" xml:lang="en-us">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta name="security" content="public" />
<meta name="Robots" content="index,follow" />
<meta http-equiv="PICS-Label" content='(PICS-1.1 "http://www.icra.org/ratingsv02.html" l gen true r (cz 1 lz 1 nz 1 oz 1 vz 1) "http://www.rsac.org/ratingsv01.html" l gen true r (n 0 s 0 v 0 l 0) "http://www.classify.org/safesurf/" l gen true r (SS~~000 1))' />
<meta name="DC.Type" content="concept" />
<meta name="DC.Title" content="Scenario: Basic business to business connection" />
<meta name="abstract" content="In this scenario, your company wants to establish a VPN between a client workstation in your manufacturing division and a client workstation in the supply department of your business partner." />
<meta name="description" content="In this scenario, your company wants to establish a VPN between a client workstation in your manufacturing division and a client workstation in the supply department of your business partner." />
<meta name="DC.Relation" scheme="URI" content="rzajascenarios.htm" />
<meta name="DC.Relation" scheme="URI" content="rzajacompletetheplanningworksheets1a.htm" />
<meta name="DC.Relation" scheme="URI" content="rzajaconfigurevpnoniseriesa2.htm" />
<meta name="DC.Relation" scheme="URI" content="rzajaconfigurevpnoniseriesc1a.htm" />
<meta name="DC.Relation" scheme="URI" content="rzajaactivatepacketrules.htm" />
<meta name="DC.Relation" scheme="URI" content="rzajastartconnection.htm" />
<meta name="DC.Relation" scheme="URI" content="rzajatestconnection1a.htm" />
<meta name="DC.Relation" scheme="URI" content="../rzajw/rzajwkickoff.htm" />
<meta name="copyright" content="(C) Copyright IBM Corporation 2000, 2006" />
<meta name="DC.Rights.Owner" content="(C) Copyright IBM Corporation 2000, 2006" />
<meta name="DC.Format" content="XHTML" />
<meta name="DC.Identifier" content="rzajabpscenario" />
<meta name="DC.Language" content="en-us" />
<!-- All rights reserved. Licensed Materials Property of IBM -->
<!-- US Government Users Restricted Rights -->
<!-- Use, duplication or disclosure restricted by -->
<!-- GSA ADP Schedule Contract with IBM Corp. -->
<link rel="stylesheet" type="text/css" href="./ibmdita.css" />
<link rel="stylesheet" type="text/css" href="./ic.css" />
<title>Scenario: Basic business to business connection</title>
</head>
<body id="rzajabpscenario"><a name="rzajabpscenario"><!-- --></a>
<!-- Java sync-link --><script language="Javascript" src="../rzahg/synch.js" type="text/javascript"></script>
<h1 class="topictitle1">Scenario: Basic business to business connection</h1>
<div><p>In this scenario, your company wants to establish a VPN between
a client workstation in your manufacturing division and a client workstation
in the supply department of your business partner.</p>
<div class="section"><h4 class="sectionscenariobar">Situation</h4><p>Many
companies use frame relay or leased lines to provide secure communications
with their business partners, subsidiaries, and vendors. Unfortunately, these
solutions are often expensive and geographically limiting. VPN offers an alternative
for companies who want private, cost-effective communications.</p>
<p>Suppose
you are a major parts supplier to a manufacturer. Since it is critical that
you have the specific parts and quantities at the exact time required by the
manufacturing firm, you always need to be aware of the manufacturer's inventory
status and production schedules. Perhaps you handle this interaction manually
today, and find it time consuming, expensive and even inaccurate at times.
You want to find an easier, faster, and more effective way to communicate
with your manufacturing company. However, given the confidentiality and time-sensitive
nature of the information you exchange, the manufacturer does not want to
publish it on its corporate Web site or distribute it monthly in an external
report. By exploiting the public Internet, you can easily establish a virtual
private network (VPN) to meet the needs of both companies.</p>
</div>
<div class="section" id="rzajabpscenario__objective"><a name="rzajabpscenario__objective"><!-- --></a><h4 class="sectionscenariobar">Objectives</h4><p>In
this scenario, MyCo wants to establish a VPN between a host in its parts division
and a host in the manufacturing department of one of its business partners, TheirCo.</p>
<p>Because
the information these two companies share is highly confidential, it must
be protected while it travels across the Internet. In addition, data must
not flow in the clear within either company's networks because each network
considers the other untrusted. In other words, both companies require end-to-end
authentication, integrity, and encryption.</p>
<div class="important"><span class="importanttitle">Important:</span> The intent
of this scenario is to introduce, by example, a simple host-to-host VPN configuration.
In a typical network environment, you will also need to consider firewall
configuration, IP addressing requirements, and routing, among others.</div>
</div>
<div class="section" id="rzajabpscenario__scendetails"><a name="rzajabpscenario__scendetails"><!-- --></a><h4 class="sectionscenariobar">Details</h4><p>The
following figure illustrates the network characteristics of MyCo and TheirCo:</p>
<br /><img src="rzaja509.gif" alt="business to business network diagram" /><br /><p><strong>MyCo Supply Network</strong></p>
<ul><li>iSeries-A runs on <span class="keyword">OS/400<sup>®</sup></span> Version
5 Release 2 (V5R2) or later.</li>
<li>iSeries-A has an IP address of 10.6.1.1. This is the connection endpoint,
as well as the data endpoint. That is, iSeries-A performs IKE negotiations
and applies IPSec to incoming and outgoing IP datagrams and is also the source
and destination for data that flows through the VPN.</li>
<li>iSeries-A is in subnet 10.6.0.0 with mask 255.255.0.0.</li>
<li>Only iSeries-A can initiate the connection with iSeries-C.</li>
</ul>
<p><strong>TheirCo Manufacturing Network</strong></p>
<ul><li>iSeries-C runs on <span class="keyword">OS/400</span> Version
5 Release 2 (V5R2) or later.</li>
<li>iSeries-C has an IP address of 10.196.8.6. This is the connection endpoint,
as well as the data endpoint. That is, iSeries-C performs IKE negotiations
and applies IPSec to incoming and outgoing IP datagrams and is also the source
and destination for data that flows through the VPN.</li>
<li>iSeries-C is in subnet 10.196.8.0 with mask 255.255.255.0.</li>
</ul>
</div>
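<p>The following check is an added example, not part of the original IBM topic or product code. It reviews a planned connection against the Objectives above: each system must be both connection endpoint and data endpoint, so that no data crosses either internal network in the clear, and only iSeries-A may initiate. The names <code>VpnSide</code>, <code>role</code> and <code>review</code> are hypothetical, and the gateway case is constructed for contrast.</p>

```python
import ipaddress
from dataclasses import dataclass


@dataclass(frozen=True)
class VpnSide:
    name: str
    connection_endpoint: str  # system that negotiates IKE and applies IPSec
    data_endpoint: str        # address or CIDR whose traffic the VPN carries
    subnet: str               # local network the system sits in
    may_initiate: bool


def role(side):
    """'host' when the IPSec system is itself the only data endpoint, else 'gateway'."""
    conn = ipaddress.ip_address(side.connection_endpoint)
    data = ipaddress.ip_network(side.data_endpoint, strict=False)
    local = ipaddress.ip_network(side.subnet)
    if conn not in local or not data.subnet_of(local):
        raise ValueError(f"{side.name}: endpoint outside {side.subnet}")
    only_self = data.num_addresses == 1 and data.network_address == conn
    return "host" if only_self else "gateway"


def review(a, c):
    """Return (topology, findings) for a planned connection between two sides."""
    findings = []
    for side in (a, c):
        if role(side) == "gateway":
            findings.append(
                f"{side.name}: data crosses {side.subnet} in the clear "
                "between the data endpoint and the IPSec system")
    initiators = [s.name for s in (a, c) if s.may_initiate]
    if initiators != [a.name]:
        findings.append(f"initiators {initiators}, expected only {a.name}")
    return f"{role(a)}-to-{role(c)}", findings


# Values from the Details section of this scenario.
MYCO = VpnSide("iSeries-A", "10.6.1.1", "10.6.1.1", "10.6.0.0/16", True)
THEIRCO = VpnSide("iSeries-C", "10.196.8.6", "10.196.8.6", "10.196.8.0/24", False)
# Constructed contrast: iSeries-A protecting its whole subnet as a gateway.
MYCO_AS_GATEWAY = VpnSide("iSeries-A", "10.6.1.1", "10.6.0.0/16", "10.6.0.0/16", True)

if __name__ == "__main__":
    print(review(MYCO, THEIRCO))
    print(review(MYCO_AS_GATEWAY, THEIRCO))
```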
<div class="section" id="rzajabpscenario__configtask"><a name="rzajabpscenario__configtask"><!-- --></a><h4 class="sectionscenariobar">Configuration
tasks</h4><p>You must complete each of these tasks to configure the business
to business connection described in this scenario:</p>
<div class="note"><span class="notetitle">Note:</span> Before you start
these tasks, verify the TCP/IP routing to ensure that the two gateway servers
can communicate with each other across the Internet. This ensures that hosts
on each subnet route properly to their respective gateway for access to the
remote subnet.</div>
</div>
</div>
<div>
<ol>
<li class="olchildlink"><a href="rzajacompletetheplanningworksheets1a.htm">Complete the planning worksheets</a><br />
</li>
<li class="olchildlink"><a href="rzajaconfigurevpnoniseriesa2.htm">Configure VPN on iSeries-A</a><br />
</li>
<li class="olchildlink"><a href="rzajaconfigurevpnoniseriesc1a.htm">Configure VPN on iSeries-C</a><br />
</li>
<li class="olchildlink"><a href="rzajaactivatepacketrules.htm">Activate packet rules</a><br />
</li>
<li class="olchildlink"><a href="rzajastartconnection.htm">Start connection</a><br />
</li>
<li class="olchildlink"><a href="rzajatestconnection1a.htm">Test connection</a><br />
</li>
</ol>
<div class="familylinks">
<div class="parentlink"><strong>Parent topic:</strong> <a href="rzajascenarios.htm" title="Review these scenarios to become familiar with the technical and configuration details involved with each of these basic connection types.">VPN scenarios</a></div>
</div>
<div class="relconcepts"><strong>Related concepts</strong><br />
<div><a href="../rzajw/rzajwkickoff.htm">TCP/IP routing and workload balancing</a></div>
</div>
</div>
</body>
</html>