AS/400e. Networking PPP connections

AS/400e Networking PPP connections

AS/400e Networking PPP connections

Copyright International Business Machines Corporation 1998, 2000. All rights resered. US Goernment Users Restricted Rights Use, duplication or disclosure restricted by GSA ADP Schedule Contract with IBM Corp.

Contents Part 1. PPP connections....... 1 Chapter 1. What s new for V4R5.... 3 Chapter 2. Print this topic....... 5 Chapter 3. Planning your PPP connections............. 7 PPP software and hardware requirements.... 7 Choosing a mode for your PPP connection profile.. 8 Switched line............. 8 Leased line.............. 9 Virtual line (L2TP)........... 9 Choosing the type of line serice for your PPP connection............... 10 Line pool.............. 11 Multiple-connection profile support..... 11 CHAP and PAP authentication for PPP..... 13 Chapter 4. Configuring your PPP connections............ 15 Configuring a PPP connection profile...... 15 Setting properties for PPP connection profiles.. 15 Example: Configuring a switched line-dial connection profile........... 20 Testing your PPP connection profile...... 20 IBM Global Network Dial Connection wizard... 21 Configuring irtual line (L2TP) connection profiles 22 Configuring irtual line (L2TP) terminator profiles............... 22 Configuring irtual line (L2TP) initiator profiles 23 Configuring PPP connection profiles to use an ISDN integrated adapter............ 24 Configuring ISDN line properties...... 25 Configuring an ISDN network connection... 27 Configuring new ISDN network connection properties.............. 27 Configuring remote PC to AS/400 with PPP... 29 Example: Configuring the PPP connection profile on AS/400.............. 29 Example: Creating Windows dial-up connection to AS/400.............. 29 Example: Configuring TCP/IP for Windows to dial up AS/400............ 29 Chapter 5. Configuring your modem for PPP................ 31 Modem command strings.......... 31 Example: Configuring a modem....... 32 Chapter 6. Configuring your ISDN terminal adapter........... 35 ISDN terminal adapter recommendations.... 35 ISDN terminal adapter restrictions....... 36 ISDN properties for Courier I terminal adapter.. 36 Example: Configuring an ISDN terminal adapter.. 37 Chapter 7. Managing your PPP connections............ 39 Chapter 8. Other information about PPP................ 41 Copyright IBM Corp. 1998, 2000 iii

i AS/400e: Networking PPP connections

Part 1. PPP connections When two systems are physically connected, through a telephone line, it is typically referred to as a point-to-point connection or link. Support for TCP/IP Point-to-Point Protocol (PPP) is included on your AS/400 as part of the wide area network (WAN) connectiity. Exchanging data between locations is the primary reason for connecting a remote host to your AS/400 with a PPP link. Remote systems can dial into your AS/400 to access resources or other machines that are on the same network. In addition, the Point-to-Point Protocol is commonly used to connect a computer to the Internet. PPP is an Internet standard and is the most widely used connection protocol among Internet Serice Proiders (ISPs). If your company plans to connect to the Internet, there are seeral factors that you need to consider such as how to choose an ISP. To familiarize yourself with the PPP connections topic, read What s new for V4R5 to find out what information has been added since the last release. Also, you can print the entire PPP connections topic as a PDF file and read the entire topic off-line. These pages proide information to set up and manage your PPP connections: Planning your PPP connections Configuring your PPP connections Configuring your modem Configuring your ISDN terminal adapter Managing your PPP connections See other information about PPP for reference material to learn more about PPP on AS/400. Copyright IBM Corp. 1998, 2000 1

2 AS/400e: Networking PPP connections

Chapter 1. What s new for V4R5 New software features: For switched line mode, a new dial on-demand option called remote peer enabled allows peer systems to connect without a dedicated resource. The IBM Global Network Dial Connection wizard creates a PPP connection profile to dial into the IBM Global Network (IGN). The resulting PPP connection profile proides a standard dialing interface to one of three applications: IBM electronic serices application serer: Proides monitoring of your unique AS/400 system enironment to supply you with recommendations of personalized fixes for your system and situation. Mail Exchange: Allows you to periodically retriee mail from a single IGN account and send it to your AS/400 for distribution to your Lotus Mail users or your Simple Mail Transfer Protocol (SMTP) users. Dial-up Networking: Use other dial-up networking applications with IGN, such as standard Internet access. Each application has its own IGN dial connection profile. Latest PPP and L2TP information: For the latest program temporary fixes (PTFs) and the latest configuration information for PPP and L2TP, you should see the PPP link on the AS/400 TCP/IP home page. The link shows data that adds to and oerrides the information that is contained in the PPP connections topic. Information you asked for: Tips on how to manage your PPP connections by using Operations Naigator. Copyright IBM Corp. 1998, 2000 3

4 AS/400e: Networking PPP connections

Chapter 2. Print this topic You can iew or download a PDF ersion of this document for iewing or printing. You must hae Adobe Acrobat Reader installed to iew PDF files. You can download a copy from Adobe. To iew or download the PDF ersion, select PPP connections (222 KB or about 50 pages). To sae a PDF on your workstation for iewing and printing: 1. Open the PDF in your browser (click the link aboe). 2. In the menu of your browser, click File. 3. Click Sae As. 4. Naigate to the directory in which you would like to sae the PDF. 5. Click Sae. Copyright IBM Corp. 1998, 2000 5

6 AS/400e: Networking PPP connections

Chapter 3. Planning your PPP connections You need to proide your AS/400 with information so it can establish a PPP connection with another system. To do this, you configure a PPP connection profile that describes the necessary configuration information. As you plan your PPP connection profile, begin by answering these questions: Do you want your AS/400 to be able to contact another computer by dialing the telephone? Or, should your AS/400 wait to receie a call from the other system? Which type of line serice or communications line will your connection use? You need to complete these tasks before configuring your PPP connections: 1. Check PPP software and hardware requirements. 2. Choose a mode for your PPP connection profile. 3. Choose a type of line serice for your PPP connections. 4. Determine the type of authentication to use for your PPP connections. PPP software and hardware requirements Getting started with PPP requires that you hae two or more computers that support the PPP protocol. Here is a summary of the AS/400 requirements to run PPP: You must use OS/400 Version 4 Release 2 (V4R2) or later. For L2TP connections, you must use OS/400 V4R4 or later. You need to ensure that Operations Naigator and all of its component plug-ins were installed during the installation of Client Access Express. To erify this, do these steps: 1. Open your Client Access folder and double-click Selectie Setup. 2. Click Next three times. 3. Verify that all the components hae a check mark. If so, all the components hae been installed, and therefore, you can skip the rest of these steps. 4. Click each component that does not hae a check mark to install it. 5. Click Next twice to install the components. Then follow the wizards instructions to complete the installation. You must hae one the adapters below installed in your AS/400 to use PPP line descriptions. 2699: Two-line WAN IOA 2720: PCI WAN/Twinaxial IOA 2721: PCI Two-line WAN IOA 2745: PCI Two-line WAN IOA (replaces IOA 2721) 2750: PCI ISDN Basic Rate Interface U IOA (2-wire interface) 2751: PCI ISDN Basic Rate Interface S/T IOA (4-wire interface) 2761: Eight-port analog modem IOA For L2TP connections, you do not need a physical link layer adapter. You need an external or internal modem, integrated serices digital network (ISDN) terminal adapter, or channel serice unit (CSU)/data serice unit (DSU) to send and receie digital data oer the connection. Copyright IBM Corp. 1998, 2000 7

You need to make arrangements for a dial-up account with an Internet Serice Proider (ISP) if you plan to connect to the Internet. Choosing a mode for your PPP connection profile In AS/400 terms, an operating mode consists of the line connection type and the mode type for your profile. The mode allows you to specify how you will use your PPP connection. To choose the line connection type and the mode type for your enironment, follow these steps: 1. Read the descriptions of the line connection types that are described below. Select the one that best matches your enironment. 2. For the line connection type you selected, follow the link for mode type descriptions. Then, decide which mode type is appropriate for the connection that you will configure. 3. Record the line connection type and the mode type so you will hae this information aailable when you start to configure your PPP connections. The line connection types that you may choose from are: Switched line: Select this type if you are using an internal or external modem, an internal ISDN Basic Rate Interface adapter, or an external ISDN terminal adapter to connect oer a telephone line. Leased line: Select this type if you hae a dedicated line between the local AS/400 and the remote system. With a leased line, a modem or ISDN terminal adapter is not required to connect the two systems. Virtual line (L2TP): Select this type to proide a connection between systems that use Layer Two Tunneling Protocol (L2TP). Once an L2TP tunnel is established, a irtual PPP connection is made between your AS/400 and the remote system. By using L2TP tunneling in conjunction with IP security (IP-SEC), you can send, route, and receie secure data oer the Internet. Switched line A switched line connection between two systems turns on or off, depending on whether a telephone connection has been established. With a switched line mode you can make calls wheneer you need to. One of the following mode types must be selected if you choose a switched line connection: Switched line: answer Choose this mode type to enable a remote system to dial into the AS/400. Switched line: dial Choose this mode type to enable the AS/400 to dial out to a remote system. Switched line: dial on-demand (dial only) Choose this mode type to enable the AS/400 to automatically dial a remote system when TCP/IP traffic is detected for the system. The connection ends when all data is exchanged and no TCP/IP traffic flows for a specified period of time. Switched line: dial on-demand (answer-enabled dedicated peer) Choose this mode type to allow the AS/400 to answer calls from a dedicated remote system. This mode will also allow the AS/400 to call the remote system when TCP/IP traffic for the remote system is detected. If both systems are 8 AS/400e: Networking PPP connections

AS/400s and use this mode type, TCP/IP traffic flows between the two systems, on-demand, without the need for a permanent physical connection. This mode type requires a dedicated resource. The remote peer must dial in for the mode type to function properly. Switched line: dial on-demand (remote peer enabled) Choose this mode type to enable a remote system to be dialed or answered. To handle incoming calls, you must reference an existing answer profile from a PPP connection profile that specifies this mode type. This enables one answer profile to handle all incoming calls from one or more remote peers and to handle a separate dial on-demand profile for each outgoing call. This mode type does not require a dedicated resource to handle the incoming calls from remote peers. Leased line A leased line connection between two systems is considered a permanent or dedicated line. It is always open and aailable. In a leased line connection, one end of the connection is configured as the initiator, and the other end is configured as the terminator. The terminator mode type refers to a leased line answer profile, and the initiator mode type refers to a leased line dial profile. One of the following mode types must be selected if you choose a leased line connection: Leased line (terminator): Choose this mode type to enable a remote system to access the AS/400 through a dedicated line. Leased line (initiator): Choose this mode type to enable the AS/400 to access a remote system through a dedicated line. Virtual line (L2TP) One of the following mode types must be selected if you choose a irtual line (L2TP) connection: Virtual line (terminator): Choose this mode type to enable a remote system to connect to the AS/400 oer an L2TP tunnel. Virtual line (initiator): Choose this mode type to enable the AS/400 to connect to a remote system oer an L2TP tunnel. Layer 2 Tunneling Protocol (L2TP) for PPP connections Layer 2 Tunneling Protocol (L2TP) is a tunneling protocol that extends PPP to support a link layer tunnel between a requesting L2TP client and the target L2TP serer endpoint. By using L2TP tunnels, it is possible to separate the location at which the dial-up protocol ends and where access to the network is proided. The tunnel can extend across the entire PPP session or only across one segment of a two-segment session. The tunnel implementation can be represented by three different tunneling models. The AS/400 can be the initiator or the terminator for any of these models. Also, an Internet Serice Proider (ISP) uses the irtual line mode to operate Virtual Priate Networks (VPN). See Configuring an L2TP connection protected by VPN for a better understanding of how VPN works with L2TP. The following figures illustrate the proper mode to select for each scenario. Chapter 3. Planning your PPP connections 9

Figure 1. PPP Virtual Initiator or PPP Virtual Terminator (Voluntary tunnel) Figure 2. PPP Dial Initiator or PPP Virtual Terminator (Compulsory tunnel-incoming call) Choosing the type of line serice for your PPP connection The type of line serice that you choose is used to define the line or line pool that represents your PPP connection. Your options for type of line serice are: Single line: Choose this line serice to define a PPP line that is associated with an analog modem. This option is also used for leased lines where a modem is not required. The PPP connection profile will always use the same AS/400 communications port resource. Line pool: Choose this line serice to select a PPP line from a line pool when the connection profile starts. Use this line serice when you want a single connection profile to handle multiple incoming analog calls or to handle a single outgoing analog call. The PPP line returns to the line pool when the connection profile ends. You can also use the line pool option when you want a single connection profile to handle multiple incoming analog calls at the same time. In this instance, you need to indicate the maximum number of connections on the Connections page of the New Point-to-Point Profile Properties dialog when you configure your connection profile. See Multiple-connection profile support for information about creating and using multiple-connection line pools. Integrated ISDN line: Choose this line serice to define a PPP line that is associated with an ISDN network connection. The adantages of using an integrated line (ISDN) include clearer communication at faster speeds. The aim of ISDN is to proide uniersal connectiity by using a single interface and a high-speed digital network to transport all types of data. Another adantage of using a digital line is the 10 AS/400e: Networking PPP connections

capability of fast connection times for switched connections. Analog modem connections can take up to 30 seconds or more to establish, while an ISDN connection takes only a few seconds. Line pool You can specify one or more line descriptions in a line pool. When the PPP connection profile starts, your AS/400 selects an unused line from the line pool. For Dial on-demand profiles, the system does not select the line until it detects TCP/IP traffic for the remote system. You can use a line pool instead of defining a particular line description for a connection profile. Adantages of using line pools: You do not commit a line resource to a connection profile until it starts. For connection profiles that use a specific line, the connection profile ends if the line is not aailable. For connection profiles that use a line pool, only one line in the line pool must be aailable when the profile starts. You can use dial-on-demand profiles with line pools to use resources more efficiently. The system selects a line from the line pool only when using a dial-on-demand connection. At other times, other connection profiles can use the same line. You can start more profiles than you hae resources to support. If, for example, your enironment needs four unique connection types, but you only need two lines at any gien time, here is what you would do. You would create four dial-on-demand connection profiles and hae each profile reference a pool that contains two line descriptions. Each of the lines would be aailable for use by all four connection profiles, thus allowing two connections to be actie at any time. By using a line pool, you do not need to hae four separate lines. Multiple-connection profile support Point-to-point connection profiles that support multiple connections allow you to hae one connection profile that handles many digital, analog, or L2TP calls. This is useful when you want multiple users to connect to your AS/400 but do not want to specify a separate point-to-point connection profile to handle each PPP line. This feature is especially useful for the 2761 8-port integrated modem where eight lines are aailable for use from one adapter, or the 2750 and 2751 adapters, which support eight separate ISDN B-channel connections. For analog lines with multiple-connection profile support, all lines in the specified line pool are used up to the maximum number of connections. Basically, a separate connection profile job is started for each line that is defined in the line pool. All connection profile jobs wait for incoming calls on their respectie lines. Local IP address for multiple-connection profiles: You can use the local IP address with multiple-connection profiles, but it must be an existing IP address that is defined on your AS/400. You can use the Local IP address pull down list to select the existing address. Remote users can access the resources that are on your local network if you choose its local AS/400 IP address as the local IP address for your PPP profile. Also, you must define the IP addresses that are in the remote IP address pool to be in the same network as the local IP address. Chapter 3. Planning your PPP connections 11

If you do not hae a local AS/400 IP address or do not want the remote users to access the LAN, you must define a irtual IP address for your AS/400. A Virtual IP address is also known as a circuitless interface. Your point-to-point profiles can use this IP address as their local IP address. Since this address is not tied to a physical network, it will not automatically forward traffic to other networks that are attached to your AS/400. To create a Virtual IP address, follow these steps: 1. In Operations Naigator, expand your AS/400 serer > Network >Protocols. 2. Right-click TCP/IP and select New Interface >Virtual IP. 3. Follow the Interface Wizard instructions to create your Virtual IP interface. Your point-to-point connection profiles can use the Virtual IP address once it is created. You can use the pull down list from the Local IP address field that is on the TCP/IP Settings page to use the address with your profile. Note: The Virtual IP address must be actie prior to starting your multiple-connection profile; otherwise, the profile will not start. To actiate the address after creating the interface, you select the option to start the address when using the Interface Wizard. Also, you should set IP forwarding to No to ensure that the address does not forward traffic to other networks that are attached to your AS/400. Remote IP address pools for multiple-connection profiles: You can also use remote IP address pools with multiple-connection profiles. A typical one-connection point-to-point profile only allows you to specify one remote IP address, which is gien to the calling system when the connection is made. Since multiple callers can now connect simultaneously, a remote IP address pool is used to define a starting remote IP address as well as a range of additional IP addresses that are gien to the calling system. Line pool restrictions: These restrictions apply when using line pools for multiple connections: A specific line can only exist in one line pool at a time. If you remoe a line from a line pool, it can be used in another line pool. When starting a multiple connection profile that uses a line pool, all lines in the line pool are used up to the maximum number of connections. When there are no aailable lines, all new connections will fail. Also, if there are no aailable lines and another profile starts, it will end. When you start a single connection profile that has a line pool, the system uses only one line from the line pool. If you start a multiple connection profile that uses the same line pool, the remaining lines in the line pool are aailable for use. Remote IP address pools The system can use remote IP address pools for any answering or terminating point-to-point connection profile that is used with multiple incoming connections. This includes L2TP, natie ISDN, and line pools with a maximum number of connections greater than one. This function allows the system to assign a unique remote IP address to each incoming connection. The first system to connect receies the IP address defined in the Starting IP address field. If that address is already in use, the next aailable IP address within the Number of addresses range is gien out. For example, assume that the Starting IP address is 10.1.1.1 and the Number of addresses is defined as 5. The aailable 12 AS/400e: Networking PPP connections

addresses within the remote IP address pool will be 10.1.1.1, 10.1.1.2, 10.1.1.3, 10.1.1.4, and 10.1.1.5. The subnet mask defined for the remote IP address pool addresses will always be 255.255.255.255. These restrictions apply when using remote IP address pools: More than one connection profile can specify the same address pool. Howeer, once all the addresses in the pool are used, any subsequent connection request is refused until another connection ends and frees up an address. To allocate specific addresses to some remote systems while allowing other incoming systems to use an address from the pool, follow these steps: 1. Enable Remote system authentication from the Authentication tab, so the user name of the remote system can be learned. 2. Define a remote IP address pool for all incoming connection requests that do not require a specific IP address. 3. Define Remote IP addresses for specific users by clicking Routing that is on the TCP/IP Settings page. From the Routing dialog, enter specific remote IP addresses and subnet masks for indiidual remote user names. You can also use this dialog box to define additional routes for the remote system. When the remote user connects, the AS/400 determines whether a specific IP address is defined for this user. In this case, the IP address is gien to the remote system; otherwise, an address from the remote IP address pool is returned. CHAP and PAP authentication for PPP The PPP protocol defines two types of authentication that peer systems can use to identify each other: Challenge Handshake Authentication Protocol (CHAP): CHAP uses an algorithm (MD-5) to calculate a alue that is known only to the authenticating system and the remote deice. With CHAP, the userid and the password are always encrypted, so it is a more secure protocol than PAP. This protocol is effectie against playback and trial-and-error access attempts. CHAP authentication can occur more than once during a connection. The authenticating system sends a challenge to the remote deice that is attempting to connect to the network. The remote deice responds with a alue that is calculated by a common algorithm (MD-5) that both deices use. The authenticating system checks the response against its own calculation. Authentication is acknowledged when the alues match; otherwise, the connection is ended. Password Authentication Protocol (PAP): PAP uses a two-way handshake to proide the peer system with a simple method to establish its identity. The handshake is conducted when establishing a link. After the link is established, the remoe deice sends a userid/password pair to the authenticating system. Depending on the correctness of the pair, the authenticating system either continues or ends the connection. With PAP, the user id and password are neer encrypted which makes them possible to trace. For this reason, you should use CHAP wheneer possible. Chapter 3. Planning your PPP connections 13

14 AS/400e: Networking PPP connections

Chapter 4. Configuring your PPP connections When you hae decided on a mode and type of line serice, you can start configuring your PPP connection. To configure a connection, follow these steps: 1. Configure a PPP connection profile. A PPP connection profile has property alues that are associated with it. Those alues consist of mode, mode type, type of line serice, TCP/IP- related settings, and authentication options. 2. Test your PPP connection profile. The testing procedure makes sure that you can successfully connect to a remote host with the new connection profile. Reiew these related pages which describe arious PPP connections: IBM Global Network Dial Connection wizard Configuring irtual line (L2TP) connection profiles Configuring PPP connection profiles to use an ISDN integrated adapter Configuring remote PC to AS/400 with PPP Configuring a PPP connection profile Before you start your configuration, reiew these items: You must hae *IOSYSCFG authority to change connection profile configurations. You must hae *ALLOBJ authority to the objects to work with alidation lists or to work with irtual line properties for L2TP. Verify that you hae configured your modem or configured your terminal adapter properly. If you are connecting to the IBM Global Network (IGN), you must use the IBM Global Network Dial Connection wizard to configure a PPP connection profile. To configure a PPP connection profile, complete these steps: 1. In Operations Naigator, expand your AS/400 serer > Network > Point-to-Point. 2. Right-click Connection Profiles, and select New Profile to open the New Point-to-Point Profile Properties dialog. 3. From the New Point-to-Point Profile Properties dialog, click each tab to set properties for each connection profile. To reiew an example of the configuration procedure, see Example: Configuring a switched line-dial connection profile on page 20. Setting properties for PPP connection profiles This information includes guidelines for completing each page in the New Point-to-Point Profile Properties dialog. The settings that you select on each page depend on your enironment and the type of connection you are configuring. The Operations Naigator on-line help describes each option that is on the dialog box. Examples and procedures throughout the PPP connections topic gie you additional details. General page: On this page you define a name and description for your connection profile. Copyright IBM Corp. 1998, 2000 15

Under Mode, select a line connection type and mode type from the pull down lists. Connection page: For dial or initiator profiles, the Connection page lets you type the telephone numbers of the remote machines to which you are connecting. To create a new line description while you are configuring a PPP connection profile, see Configuring a line description for the procedure. To create a line pool while configuring your PPP connection profile, see Configuring a line pool. For answer/terminator profiles, you can define the maximum number of connections that are supported by a line pool. TCP/IP Settings page: On this page you can define the local and remote IP addresses that are used for your point-to-point connections. You can also set other TCP/IP attributes, such as IP forwarding and IP address masquerading, on this page. Local IP addresses: - For answer profiles, you can choose to use an existing local AS/400 IP address as your local point-to-point address (recommended) or choose to create a unique IP address. If you use an existing local address, the point-to-point connection that is created is known as an un-numbered network. This is because you are expanding your existing network and not creating a new one. For multiple connection answer profiles, you must use an existing local IP address. To select an existing local address, use the pull down list of the Local IP address field. The line type that the local IP address is associated with is specified next to the IP address to aid in finding the appropriate local IP address to use. - For dial profiles, the Local IP address is normally defined as dynamic, especially if the profile connects to an Internet Serice Proider (ISP). Remote IP addresses: - The remote IP address is the IP address that is defined for the remote system. For answer profiles, the remote user can access the network that is attached to the local IP address if you want them to. To do this, you use for the local IP address an existing address and use a remote ID that is on the same network as the local address. If you do not want the remote user to access the network that is attached to the local IP address, use a remote IP address that is not on the same network as the local address. - For dial profiles, the Remote IP address is normally defined as dynamic, especially if the profile is used to connect to an ISP. For Remote peer enabled mode, you can specify the Peer answer connection profile along with the Local and Remote IP addresses. If required, you can define additional routes by using the Routing button. Howeer, you can select the remote system as the default route when dialing your ISP. Then all the traffic between your AS/400 and your ISP is routed oer the point-to-point link. Use the Routing button to open the Routing dialog to add the remote system as a default gateway. Then all TCP/IP traffic without a specific route is sent oer the point-to-point link. Dynamic routing (RouteD): Select whether you want Routing Information Protocol (RIP) traffic to be receied or generated with this PPP connection profile. 16 AS/400e: Networking PPP connections

Static routing: Select either the remote system as the default route (dial only) or select Use static routes to add routes when the connection profile starts. Script page: On this page you can specify the SLIP connection script. PPP does not require connection scripts. SLIP uses a connection script for authentication and to pass IP address information. This page does not display for irtual line mode types. Subsystem page: On this page you can identify the name of the subsystem that will run all the jobs for a specific connection profile. The default subsystem is QSYSWRK. The subsystem is only configurable for L2TP, ISDN, or multi-connection analog line profiles. Authentication page: On this page you can define the users that may connect to the system. For dial connections, you must specify the user name and password that will be used to connect to the remote system. Challenge Handshake Authentication Protocol (CHAP) is always the recommended authentication protocol. The CHAP authentication data is encrypted and unique for each challenge. The IBM Global Network requires customers to use the Password Authentication Protocol (PAP) for authentication. Other ISPs may use CHAP. Consult your ISP to learn their user name and password requirements. Do not use the same user name and password for both CHAP and PAP protocols. Someone can discoer your CHAP user name and password by reading the unencrypted PAP user name and password. The user name and password work with a particular protocol. The authentication fails if the protocol does not match the user name and password on a challenge. Domain Name Serer page: On this page you define the domain name serer for the connection. This page only displays for dial or initiator connection profiles. Configuring a line description for PPP connections A line description describes the physical line and the line protocol including the modem or terminal adapter that are associated with the line. While you are configuring your PPP connection profile, you can start a set of dialogs to create a line description. Once you are finished with the line description, you should return to your original location and finish configuring the connection profile. To configure a digital line (ISDN), see Configuring an ISDN line. To configure an analog line, follow these steps: 1. In Operations Naigator, expand your AS/400 serer > Network > Point-to-Point. 2. Right-click Connection Profiles, and select New Profile. 3. At the New Point-to-Point Profile Properties dialog, click the Connection tab. 4. Under Link configuration, select Single line from the Type of line serice list. Chapter 4. Configuring your PPP connections 17

a. In the Name text box, type a name for the line description. b. Click New to open the New Line Properties dialog and create a line description. 5. At the New Line Properties dialog, select a resource from the General page. 6. Click Modem, and select a modem from the name list. The modem page lets you associate a modem or ISDN terminal adapter with the line description you are using. You are required to associate a modem or an ISDN terminal adapter to the line description. Leased lines do not hae a modem or ISDN terminal adapter, so this step is not required. 7. Click OK and return to New Point-to-Point Profile Properties dialog to finish configuring your connection profile. Example: Configuring a line description: This example creates a connection profile for a switched line that dials to initiate a connection and that uses an ISDN terminal adapter. Reiew the steps in this example to help you configure your own PPP line description and its associated modem or its ISDN terminal adapter. 1. In Operations Naigator, expand your AS/400 serer > Network > Point-to-Point. 2. Right-click Connection Profiles, and select New Profile to open the New Point-to-Point Profile Properties dialog. 3. From the General page, complete these fields: For Name, specify a meaningful name, such as DIALISDN. For Description, specify a description like Switched ISDN dial profile. For Type, select PPP. For Mode, select Switched line-dial. 4. Click the Connection tab, and complete the page options: For Remote phone numbers, click Add to add a telephone number. In this example, the telephone number is 555 1212, but a remote telephone number can be any of the following: Local company extension (for example, 34567) Outside telephone number (for example, 9,,,,,1234567) Long distance number (for example, 1-800-1234567) If you want to disconnect from the ISP after a certain period of inactiity, select Oerride line inactiity timeout and specify the length of the timeout. In this way, the ISP does not charge you for the idle time. You are not oerriding the line inactiity timeout in this example. For Name, specify a meaningful line name like MYISDNLINE. Click New to open the New Line Properties dialog and create a line description. 5. From the General page of the New Line Properties dialog, specify alues for the following: For Description, specify a description such as ISDN switched dial line. Select a Hardware resource such as CMN15 from the list of hardware resources. For Hardware resource, select RS232/V.24 as the Interface type. For Framing, select Asynchronous. 6. Click the Connection tab to open the Connection page. For Dial command type, specify AT command set for an AT compatible modem. 18 AS/400e: Networking PPP connections

For Connections allowed, specify Both. Select Use flow control (RTS/CTS). For CTS timeout (10 60), specify a alue like 25 seconds. 7. Click the Link tab to open the Link page. For Line speed, select the alue for your modem. You may need to consult your modem manufacturer s user guide to obtain the correct alue. Usually, you will want to select the highest RS232/V.24 line speed that your modem supports. You should select the line speed of 115200 bps for most ISDN terminal adapters that support multilink PPP connections with asynchronous-to-synchronous PPP conersion. For Maximum frame size, specify a alue like 2048 bytes. 8. Click the Modem tab, and select the modem from the list that you would like to associate with this line description. For this example, select 3COM/US Robotics Courier I. 9. Click the ISDN Parameters tab. If you select a non-isdn modem, the tab reads Additional Parameters. If you want to add a terminal adapter command, name, and alue, click Add to open the Add Line Modem Parameters dialog. For Name, specify a useful name like Data/Voice 2 Directory Number. For Command, specify a alue such as ATS52=. For Value, the example uses 555 1212. To add a alue to an existing terminal adapter command, double-click an existing terminal adapter command name, such as the Data/Voice 2 Directory Number command. The Name and Command text boxes are completed for you. To change (replace) an existing terminal adapter command default alue, you must first add a corrected command to the list and delete the old one. To replace a command, select the command you want to replace and click Add. This allows you to insert a new command in the list. Then add the new command information. Note that the new command appears immediately after the command you want to replace. Then select the name of the command that you want to replace, and click Remoe. This action leaes the corrected command in place of the old one. Note: The order of the commands that are in the list may be important for some modems. 10. Click OK, and return to the New Point-to-Point Profile Properties dialog to finish configuring your connection profile. Configuring a line pool To create or change a line pool: 1. In Operations Naigator, expand your AS/400 serer > Network > Point-to-Point. 2. Right-click Connection Profiles, and select New Profile. 3. At the New Point-to-Point Profile Properties dialog, click the Connection tab. 4. Under Link configuration, select Line pool from the Type of line serice list and choose one of these: To create a new line pool, type a new name in the Name text box, and click New. To change a line pool, select an existing line pool name from the drop-down list, and click Open. Chapter 4. Configuring your PPP connections 19

5. From the New Line Pool Properties dialog, do any of the following: To add lines to a line pool, select a line from the Aailable lines list, and click Add. The Selected lines list displays the lines that you choose. To delete lines from a line pool, select a line from the Selected lines list, and click Remoe. The lines you choose show in the Aailable lines list. 6. Click OK to complete the line pool definition. The following restrictions apply when creating line pools: A specific line can only be in one line pool at a time. If you remoe a line from a line pool, it becomes aailable to any line pool. Only lines that work with a particular Profile mode are shown in the Aailable lines list. For example, only PPP lines that are defined as switched are shown when a connection profile is defined as Dial on-demand. Example: Configuring a switched line-dial connection profile This example shows the steps to create a connection profile for switched line-dial connection to an Internet Serice Proider (ISP) by using an existing PPP line description. 1. In Operations Naigator, expand your AS/400 serer > Network > Point-to-Point. 2. Right-click Connection Profiles, and select New Profile to open the New Point-to-Point Profile Properties dialog. 3. From the General page, complete these fields: For Name, specify a meaningful name such as DIALPPP. For Description, specify a description such as Switched dial profile. For Type, select PPP. For Mode, select Switched line-dial. 4. Click the Connection tab, and follow these steps: Under Link Configuration, select Single line and the existing PPP line description name for the Type of line Serice. For Remote phone numbers, click Add to add a telephone number. In this example, the telephone number is 555 1212, but a remote telephone number can be any of the following: Local company extension (for example, 34567) Outside telephone number (for example, 9,,,,,1234567) Long distance number (for example, 1-800-1234567) 5. Click the TCP/IP Settings tab and select Dynamically assign for the local and remote IP addresses. If you hae another network that is attached to the AS/400 (like a LAN) with other systems and you want the other systems to hae access to the Internet through the AS/400, check the Hide address (full masquerading). 6. Click the Authentication tab. In Local system identification, select the authentication protocol and the user name and password that are used for the connection. 7. Click the Domain Name Serer tab. Enter the IP address of the domain name serer to be added when the connection is made. This setting allows you to use host names instead of IP addresses to access systems oer your PPP connection. Testing your PPP connection profile To test the PPP connection profile that you created, follow these steps: 20 AS/400e: Networking PPP connections

1. In Operations Naigator, expand your AS/400 serer > Network > Point-to-Point. 2. Select Connection Profiles and find your profile name in the Profile column. 3. Right-click your profile name, and select Start. 4. Watch the Status column for these messages: Waiting for incoming call means that the serer is ready for a connection. Actie means that a connection is established for a profile with a single line and that the job is running successfully. For profiles with line pools and ISDN lines, see Actie connections. Actie connections means that a profile with line pools or ISDN lines has started and that the connections are in the process of becoming actie. You must do step 5 to find out when the connections become actie. 5. When the connection is actie, right-click the profile name and select Connections. For profiles with line pools or ISDN lines, you will also see arious status messages for the connection as it progresses to a connected state. When the status reads Actie connections, the connection is established and you are ready to proceed to the next step. 6. Locate the IP address in the RemoteIP column and record it for use in the next step. 7. Verify your connection by using the Ping command and the remote IP address. IBM Global Network Dial Connection wizard IBM proides internet access through its IBM Global Network (IGN). To access this serice, you can use the IBM Global Network Dial Connection wizard to help you configure a switched-dial PPP connection profile to dial the IGN. The wizard walks you through about eight panels and takes about ten minutes to complete. You may cancel the wizard at any time and no existing data is saed. Three types of applications can use the IGN connection: IBM electronic serices application serer: Proides monitoring of your unique AS/400 system enironment to supply you with recommendations of personalized fixes for your system and situation. Mail Exchange: Allows you to periodically retriee mail from a single IGN account and send it to your AS/400 for distribution to your Lotus Mail users or your Simple Mail Transfer Protocol (SMTP) users. Dial-up Networking: Use other dial-up networking applications with IGN, such as standard Internet access. You maintain the IBM Global Network connection profiles like any other PPP connection profiles. You need the one of these adapters to use the IBM Global Network Dial Connection wizard: 2699: Two-line WAN IOA 2720: PCI WAN/Twinaxial IOA 2721: PCI Two-line WAN IOA 2745: PCI Two-line WAN IOA (replaces IOA 2721) 2761: Eight-port analog modem IOA Before starting the IBM Global Network Dial Connection wizard, you need to collect this information about your enironment: Chapter 4. Configuring your PPP connections 21

The IBM Global Network account information (account number, user ID, and password) for the mail exchange application or the dial-up networking application. The IP addresses of mail serer and domain name serer for the mail exchange application. The name of the modem that is used for single line connections. To start the IBM Global Network Dial Connection wizard, follow these steps: 1. In Operations Naigator, expand your AS/400 serer > Network > Point-to-Point. 2. Right-click Connection Profiles, and select New IBM Global Network Dial Connection. 3. When the IBM Global Network Dial Connection wizard starts, click Help for information about completing a panel. Configuring irtual line (L2TP) connection profiles There are two types of irtual line (L2TP) connection profiles: Terminator profiles allow a remote system to connect to your AS/400 oer an L2TP tunnel. Initiator profiles allow your AS/400 to connect to a remote system oer an L2TP tunnel. Once an L2TP tunnel is established, a PPP connection is made between the AS/400 and the remote system. Read these pages for instructions on how to configure irtual line (L2TP) connection profiles: Configuring irtual line (L2TP) terminator profiles Configuring irtual line (L2TP) initiator profiles Configuring irtual line (L2TP) terminator profiles To configure a irtual line (L2TP) terminator profile, complete these steps: 1. In Operations Naigator, expand your AS/400 serer > Network > Point-to-Point. 2. Right-click Connection Profiles, and select New Profile to open the New Point-to-Point Profile Properties dialog. 3. From the General page, follow these steps: a. Enter a new profile name in the Name text box. b. Under Mode, select Virtual line (L2TP) as the line connection type. c. Select Terminator from the Mode type list box. 4. Click the Connection tab, and follow these steps: a. For terminator profiles, type the IP address of the AS/400 that is at the end of the tunnel into the Local tunnel endpoint IP address text box. You can also select an IP address from the pull down list. b. To define new irtual line properties, use the steps in Configuring L2TP irtual line properties. Return to this step when you hae defined the irtual line properties. c. Type a number into the maximum number of connections to limit the number of incoming requests for this profile. 5. Click the TCP/IP Settings tab to specify local and remote IP addresses. 22 AS/400e: Networking PPP connections

For terminator profiles, you must specify your local IP address. The remote IP address is the address that this connection profile uses for the other end of a connection. The remote IP address can be assigned dynamically, with a specific route, or by defining remote IP address pools. (Optional) Click Routing to open the Routing dialog to define a new route. 6. Click the Authentication tab to specify the local-system or remote-system identification. 7. Click the Subsystem tab to change the subsystem where L2TP jobs are run. The default L2TP subsystem is QUSRWRK. This subsystem must be started before an L2TP connection profile is started; otherwise, the connection profile fails. If you chose to change the default subsystem, the specified subsystem must be started before L2TP connections are started. You can control access to PPP connections by ending or starting the related subsystem during specific times. 8. Click OK that is on the New Point-to-Point Profile Properties dialog to complete your connection profile. Configuring irtual line (L2TP) initiator profiles To configure a irtual line (L2TP) initiator connection profile, complete these steps: 1. In Operations Naigator, expand your AS/400 serer > Network > Point-to-Point. 2. Right-click Connection Profiles, and select New Profile to open the New Point-to-Point Profile Properties dialog. 3. From the General page, follow these steps: a. Enter a new profile name in the Name text box. b. Under Mode, select Virtual line (L2TP) as the line connection type. c. Select Initiator from the Mode type list. 4. Click the Connection tab, and follow these steps: a. To define new irtual line properties, use the steps in Configuring L2TP irtual line properties. Return to this step when you hae defined the irtual line properties. b. Type the IP address of the remote endpoint of the tunnel into the Remote tunnel endpoint IP address text box. c. Select the IP-SEC protection option to enable IP security for the connection. 5. Click the TCP/IP settings tab to define any local or remote IP address for the connection. For initiator profiles, you define the address based on the method that is used for the IP address assignment which is usually dictated by the terminator end of the link. Enter your fixed local IP address or select it from the pull down menu. Select Dynamic for the remote address. 6. Click the Subsystem tab. The default L2TP subsystem is QUSRWRK. This subsystem must be started before an L2TP connection profile is started; otherwise, the connection profile fails. If you chose to change the default subsystem, ensure that the specified subsystem starts before the L2TP connections starts. Chapter 4. Configuring your PPP connections 23

You can control access to PPP connections by ending or starting the related subsystem during specific times. 7. Click the Authentication tab to specify the local-system or remote-system identification. Configuring L2TP irtual line properties While you are configuring your irtual line connection profile, you can start a set of dialogs to define irtual line properties. Once you finish defining the properties, you should return to the Connection tab on the New Point-to-Point Profile Properties dialog to complete the connection profile. 1. Ensure that you hae naigated to the correct location in the PPP configuration dialogs. a. In Operations Naigator, expand your AS/400 serer > Network > Point-to-Point. b. Right-click Connection Profiles, and select New Profile. Complete the options that are on the General page. 2. At the New Point-to-Point Profile Properties dialog, click the Connection tab. 3. Under Link configuration, type a name in the Virtual line name text box, and click New to open the New L2TP Line Properties dialog. 4. From the New L2TP Line Properties dialog, click the Link tab to define the link attributes of your irtual line. 5. Select Enable packet sequence numbering. This option lets you include the sequence numbers in the remote endpoint packets. At the same time, the option lets you control the rate at which the packets are sent. Out of order packets are reordered by using the sequence number and therefore may reduce the number of retransmissions. 6. Click the Limits tab to set the parameters for LCP authentication, LCP configuration, and recoery limits. 7. Click the Authentication tab, and type the local host name. Specify whether you need remote system authentication. For terminator connection profiles, you can create a alidation list to authenticate the remote host. For initiator connection profiles, you must select a password for the local host. 8. Click OK and return to New Point-to-Point Profile Properties dialog to finish configuring your irtual line (L2TP) connection profile. Configuring PPP connection profiles to use an ISDN integrated adapter As you consider PPP ISDN connections to your AS/400, part of your planning should include a reiew of ISDN on AS/400 and the PPP link that is on the AS/400 TCP/IP home page. The home page contains the latest program temporary fixes (PTFs) and the latest configuration information for PPP and L2TP that adds to and oerrides the information that is contained in the PPP connections topic. When creating PPP ISDN connections on the AS/400, Operations Naigator automatically creates the following objects based on the options that are selected during configuration: network interface (NWI) descriptions, connection lists, connection list entries, line descriptions, controller descriptions, and deice descriptions. 24 AS/400e: Networking PPP connections

You can also make PPP connections oer ISDN by using an ISDN terminal adapter connected to an analog PPP line that is on the AS/400. For help with performing this type of connection, see Configuring your ISDN terminal adapter. Getting started: To configure a PPP connection profile that uses ISDN, complete these steps: 1. In Operations Naigator, expand your AS/400 serer > Network > Point-to-Point. 2. Right-click Connection Profiles, and select New Profile to open the New Point-to-Point Profile Properties dialog. 3. From the General page, follow these steps: a. Enter a new profile name in the Name text box. b. Under Mode, select a line connection type and a mode type from the lists. 4. Click the Connection tab, and follow these steps: a. Under Link configuration, select Integrated ISDN line from the Type of line serice list. b. To create an ISDN line, enter a line name and click New to open the ISDN Line Properties dialog. Follow the steps in Configuring ISDN line properties to finish defining the ISDN line and network connection properties. Return here when you hae completed the ISDN line properties dialog. c. For dial-in connections, specify the number of actie connections that can use this profile. For ISDN, if you specify more than 1 connection, the system will use the line description that is specified in the Link configuration section as a model to automatically create additional lines as connections are established. When a line is created, the system creates a name for the line description by concatenating the first four letters of the model line description with the job number that is associated with the connection. This line description is automatically deleted when the connection profile ends. For ISDN connections, although the alue for the number of connections can be greater than the number of aailable B-channels, the system will not create more lines than it has resources. That is, if the system has only 2 B-channels and you specify 5 connections, it will only create a maximum of two connections. 5. Click the TCP/IP settings tab, and follow these steps: a. Select IP address and enter an IP address or select an existing IP address from the list. b. Define address pools if necessary. Address pools are a group of IP addresses that a configuration profile uses for your PPP connection. For information about how address pools work and how to specify specific addresses, reiew Remote IP address pools. c. (Optional) Click Routing to open the Routing dialog and define a new route. 6. Complete the remaining pages of the New Point-to-Point Profile Properties dialog. Configuring ISDN line properties 1. If you hae not already done so, open the New Point-to-Point Profile Properties dialog, complete the General page and click the Connections tab. 2. From the Connections page, enter a line name and click New to open the New ISDN Line Properties dialog. Chapter 4. Configuring your PPP connections 25

3. From the General page of the New ISDN Line Properties dialog, follow these steps: a. (Optional) Enter the text description of the ISDN line to be created. b. Select Make aailable at restart if you want the line to be aailable automatically when the system is restarted. 4. Click the Digital Network Access tab to define the network connection properties for switched or non-switched lines. For non-switched lines: a. Enter a network connection name and click New to open the ISDN Network Connection Properties dialog. Follow the steps in Configuring ISDN network connections properties. Return here when you hae defined the network connection properties. b. Specify the Channel number. c. Select an information transfer type. For switched lines: You can add the name or names of the switched digital network connections to which this line can be attached at the time an incoming or outgoing call is processed. For an ISDN line, the digital network connections will be ISDN network connections. a. Click Add to open the ISDN network connection dialog. Follow the steps in Configuring an ISDN network connection. Return here when you hae defined the network connection. b. Under the Selection method, select First in list to begin with the first ISDN network connection specified in the digital network connection list. 5. Click the Connection tab, and select the option that specifies whether the line is used for incoming calls, outgoing calls, or both. 6. Click the Link tab to set the link properties for your line including line speed, maximum frame size, and message queue name to which messages are sent. You can specify new alues or leae the default alues. 7. Click the Limits tab to set the link control and recoery parameters for the PPP connection. You can specify new alues or leae the default alues. 8. (Switched lines only) Click the Digital Connection List tab, and select the options for your configuration. You can specify the network type and information transfer types for the incoming and outgoing calls. The system uses this information to automatically create a connection list and associated connection list entries that are used by the line. The name of the connection list that is created is the same as the line name that is listed on the General page. A connection list can be thought of as a telephone book, and a connection list entry is an entry in a telephone book. The connection list proides information that allows the system to determine when to accept incoming calls and what information to send with an outgoing call. a. Select the Network type for the connection list used by this line. This network type must be identical to the network type of the switched ISDN network connections attached to this line. This network type is used to create a connection list on the host. b. Specify the Information transfer types accepted for incoming calls. For each type that is selected, an associated connection list entry is defined and added to the connection list object. The Data oer oice, Asynchronous modem, and Synchronous modem information transfer types are mutually exclusie. The system cannot distinguish among them when an incoming 26 AS/400e: Networking PPP connections

call is receied. For digital connections you can select either the Unrestricted type or the V-series recommendation 110 type. c. Specify the Information transfer type for outgoing calls. Based on the selection, an associated connection list entry is defined and added to the connection list. 9. Click OK that is on the ISDN Line Properties dialog to sae the ISDN line definition to your AS/400 system. 10. Return to the Connections tab that is on the New Point-to-Point Profile Properties dialog to complete the connection profile. Configuring an ISDN network connection 1. From the General page of the ISDN network connection dialog, follow these steps: a. Select an existing network connection from the list or define properties for a new ISDN network connection: Enter the name of the new ISDN network connection to be attached to this line. Click New to open the ISDN Network Connection Properties dialog and configure ISDN network connection properties. b. Select the Channel number for the switched ISDN network connection that is used with the line. Choose one of the following options: Calculated by the system: The system automatically selects the channel number (based on aailability) when the incoming or outgoing call is processed. Channel number: You must specify the channel number used by the line. 2. Click OK to sae the network connection, channel type, and channel number for the line. 3. Return to the ISDN line properties dialog to complete the configuration. Configuring new ISDN network connection properties 1. From the General page of the ISDN Network Connection Properties dialog, follow these steps: a. (Optional) Enter the text description of the ISDN network connection to be created. b. Specify one Network type for this connection: Select Use network attribute to use the default network type defined in the host network attributes. The default network type for the system will be displayed if it is defined. Select Type to choose the network type from the list. c. Specify the Rate. d. Select the Hardware resource for the connection. The list displays only those resource types that support the selected ISDN basic rate interface (BRI) or primary rate interface (PRI). 2. Click the Entries tab to add the channel entry or protocol entries that correspond to a B-channel that is associated with the ISDN network connection. a. Under Channel, click Add to open the Add ISDN Channel Entry dialog. At the ISDN Channel Entry dialog, select the Use switched connection on all B-channels option. Or, you can explicitly specify the channel number, channel connection, and line name to use. If the selected rate is for basic rate serice, only two channels can be specified. For an European ISDN Chapter 4. Configuring your PPP connections 27

network type and primary rate selection, up to 30 channels can be specified. All other primary rate serices will allow up to 23 channels. b. Under Protocol, click Add to open the Add ISDN Protocol Entry dialog to add a PPP protocol entry. From this dialog, you can specify whether the PPP protocol can be used on a limited number of channels, whether the associated microcode is preloaded, and the maximum number of channels that are aailable for use by the specified protocol. The default protocol entry selection is PPP maximum, which means that PPP is preloaded and aailable for use on all channels. 3. Click the Serice Settings tab, and follow these steps: a. Under Automatic Parameter detection, specify whether the adapter automatically detects and configures alues for the short haul, long haul, and clocking parameters. The Automatic parameter detection attributes is enabled only if the selected rate is Primary. Choose one of the following options: Select Set parameter alues automatically to enable automatic parameter detection and configuration by the adapter. Select Parameter alues to explicitly define the short haul, long haul, and clocking parameters. b. Under Serice profile identifiers (SPIDs), select SPIDs to define the serice profile IDs that are used in an information exchange between the system and the network when communications are initialized. 1) Click Add to open the ISDN Serice Profile ID dialog. 2) Specify the SPID number and SPID alue. The SPID alue is assigned by and can be obtained from the network proider. A second SPID number is used when a second local number is specified. 4. Click the Parameters tab to specify the alues for the setup message, for actiation and reactiation, and the recoery parameters that are used by the ISDN network connection. You can specify new alues or leae the default alues. 5. Click the Local numbers tab to specify the local numbers for the ISDN network connection that is used by the system. Choose one of the following options: Select Use connection list to hae the system determine the local number by using the connection list object that is specified for the call. Select Local numbers to explicitly specify the local number. A maximum of two local numbers can be specified when the rate is basic and the network type is AT&T Generic ISDN, National ISDN, or Northern Telecom ISDN. The second local number must be specified when a second SPID number is specified. In addition, you can select alues for the following: type of local number, numbering plan that is used for the local number, format of the local number, and characters to be remoed from the local number. You can specify new alues or leae the default alues. 6. Click the Security tab to set the authorization leel for this ISDN network connection. This page is unaailable for an ISDN network connection that already exists. 7. Click OK to sae the new ISDN network connection to your AS/400 system. Operations Naigator creates an ISDN network interface (NWI) description with the same name as this ISDN network connection. 8. Return to the ISDN line properties dialog to complete the configuration. 28 AS/400e: Networking PPP connections

Configuring remote PC to AS/400 with PPP To connect to an AS/400 from the Windows 32-bit operating systems, you must hae both TCP/IP and Dial-Up Networking installed. Dial-Up Networking is located in the My Computer and the Accessories folders. TCP/IP is listed under the optional communications components of the Microsoft protocols. After TCP/IP is configured, you must create a Dial-Up PPP Networking connection. These examples show the oerall process and the procedures for accomplishing each part of the configuration: Example: Configure a PPP connection profile on AS/400. Example: Create a Windows dial-up connection to AS/400. Example: Configure TCP/IP for Windows to dial up AS/400. Example: Configuring the PPP connection profile on AS/400 This example steps you through configuring a PPP connection to answer incoming calls. 1. In Operations Naigator, expand your AS/400 serer > Network > Point-to-Point. 2. Right-click Connection Profiles, and select New Profile to open the New Point-to-Point Profile Properties dialog. 3. From the General page, do the following: Specify a profile name, such as PPP1. Specify a description for the connection profile, such as PPP connection to Windows 95/98 client. For Type, select PPP. For Mode, select Switched-line answer. 4. From the Connection page, select an existing line description from the Type of Line Serice list. 5. From the TCP/IP Settings page, type the appropriate IP addresses and select the options that support your enironment. Example: Creating Windows dial-up connection to AS/400 To create an AS/400 dial-up connection, perform these steps: 1. Double-click Dial-up Networking in either the My Computer or the Accessories folder. 2. Double-click Make New Connection to start the wizard. 3. Follow the steps in the wizard. A new icon appears in the Dial-Up Networking folder when the wizard is finished. 4. Right-click the new icon, and select Properties. 5. Click Serer Type to open a dialog. 6. For Type of Dial-Up Serer, select PPP. 7. Select Require encrypted password. 8. Select TCP/IP. 9. Click OK. Example: Configuring TCP/IP for Windows to dial up AS/400 To configure Windows 95/98 TCP/IP for a dial-up connection to an AS/400, complete these steps: Chapter 4. Configuring your PPP connections 29

1. Right-click the icon that wizard created, and select Properties. 2. Click Serer Type. 3. Click TCP/IP Settings. 4. Select Serer assigned IP address. 5. For Specify name serer address, specify your DNS addresses. If you hae multiple interfaces on a workstation, you must hae a gateway. 6. Click OK. 30 AS/400e: Networking PPP connections

Chapter 5. Configuring your modem for PPP Modem command strings For your analog PPP connections, you can use either an external modem, a 2761 internal modem, or an ISDN terminal adapter. A modem proides you with analog connection capabilities (leased and switched lines). Modem descriptions for the most popular modems hae been defined for AS/400. To determine if you can use an existing modem description, follow these steps: 1. In Operations Naigator, expand your AS/400 serer > Network > Point-to-Point > Modems. 2. Reiew the list of modem descriptions to find the manufacturer name, model, and make of your modem. You do not need to do any further steps if your modem displays in the default list. 3. Right-click the modem description that closely matches your modem, and select Properties to reiew the command strings. 4. Consult the user s guide for your modem to determine the specific command strings for your modem. Use the default modem if the command strings match your modem requirements. Otherwise, you need to create a modem description for your modem and add it to the Modem list. To create a modem description, follow these steps: 1. In Operations Naigator, expand your AS/400 serer > Network > Point-to-Point. 2. Select Modems to show the Modem list. 3. Right-click $generic hayes in the Modem column, and select New modem based on. 4. From the New Modem dialog, change the Modem command strings to match the information required by your modem. For a detailed procedure, see Example: Configuring a modem on page 32. The table below lists a minimum set of command strings that are used by most modems that are used on the AS/400. Find the equialent command string in the user manual for your modem. Use the manufacturer s recommended setting in the modem description that you create for your modem. Modem property Modem reset to factory defaults Modem initialization: Display Verbal Results Codes Normal CD and DTR modes Echo mode off Data Set Ready (DSR) to follow Carrier Detect Correct command string for most modems AT&F or AT&Z Q0 and V1 &C1 and &D2 E0 &S1 Copyright IBM Corp. 1998, 2000 31

Enable hardware flow control (RTS/CTS) Enable error correction and, optionally, compression (V.42/V.42 bis) Ensure DTE-DCE line speed is enabled to run at fixed 19.2 Kbps (Optional) Enable the inactiity time If the modem supports this function Modem Answer mode: Answer after n rings S0=n wheren = 1or2 Disconnect if no carrier (connection) after m seconds Modem Dial type S7=m ATDT for tone dialing or ATDP for pulse dialing Example: Configuring a modem This example shows how you can use the New Modem Properties dialog to configure a modem: 1. In Operations Naigator, expand your AS/400 serer > Network > Point-to-Point. 2. Right-click Modems, and select New Modem to open the New Modem Properties dialog. 3. On the General page, specify the following alues: a. In the Modem information name text box, specify a meaningful name, such as My New Modem. b. In the Initialization string text box, specify a alue such as ATE0V1&D2&C1\Q3X4. c. In the Reset string text box, specify a alue such as AT&F. d. In the Dial command text box, specify a alue such as ATDT. e. In the Answer command text box, specify a alue such as ATS0=2S7=30. 4. (Optional) Click Additional Parameters to add more initialization commands if necessary. Each line that you add to this dialog is sent to the modem and followed by a carriage return. a. Click Add to open the Add Modem Parameters dialog. b. In the Name text box, specify a meaningful name, such as Modem Connect Speed. c. In the Command text box, specify a command or command with a default alue such as ATS60=33600. Each line that you add is sent to the modem and followed by a carriage return. d. Click OK that is on the Add Modem Parameters dialog to close it. 5. Click OK that is on the Additional Parameters page. The additional parameters are sent to configure the modem each time the point-to-point profile is started. To update the parameters list: To add a alue to an existing modem command that has no default alue, double-click an existing modem command. To change (replace) an existing modem command default alue, you must first add a corrected command and alue to the list and delete the old one. 1. Select the command you want to replace and click Add. 32 AS/400e: Networking PPP connections

2. Add the new command information. The new command appears immediately after the command that you want to replace. 3. Select the name of the command that you want to replace and click Remoe. 4. Use the Moe up and Moe down buttons if the order of the commands is important for your modem. Chapter 5. Configuring your modem for PPP 33

34 AS/400e: Networking PPP connections

Chapter 6. Configuring your ISDN terminal adapter ISDN proides you with a digital connection, which also allows you to communicate by using any combination of oice, data, and ideo, among other multimedia applications. For more detailed information about ISDN serice on AS/400, see ISDN on AS/400. Verify that you are using a terminal adapter that is rated for use on AS/400: To determine the best terminal adapter to use, check the ISDN terminal adapter recommendations. Various ISDN terminal adapters hae been tested, and brief ealuations can be found in ISDN terminal adapters restrictions. Reiew the Courier I ISDN properties to determine which properties you need to change for your terminal adapter. To configure your terminal adapter, complete these steps: 1. In Operations Naigator, expand your AS/400 serer > Network > Point-to-Point. 2. Right-click Modems, and select New Modem. 3. From the New Modem Properties dialog, complete the options that are on the General page. 4. Click the ISDN Parameters tab. When you choose ISDN terminal adapter as the communications deice, the Additional Parameters tab changes to the ISDN Parameters. 5. Add or change ISDN properties in the ISDN Parameters dialog to match the properties required by your terminal adapter. Reiew the example Configuring an ISDN terminal adapter for sample procedures that use Operations Naigator. ISDN terminal adapter recommendations The recommended external ISDN terminal adapter, or ISDN modem, is the 3Com/U.S. Robotics Courier I ISDN V.35. It supports V.34 analog modem connections, V.90 (X2), and multilink PPP oer ISDN in both origination and answer modes on AS/400. It also automatically supports Challenge Handshake Authentication Protocol (CHAP) oer the ISDN PPP connection in the following manner: For connections originated by AS/400. CHAP challenges that originate from the answer side are answered by the Courier I terminal adapter, while negotiating Password Authentication Protocol (PAP) authentication with AS/400. PAP responses do not appear on the ISDN connection. For connections answered by AS/400. The Courier I requires CHAP authentication by the origination side if the AS/400 answer configuration causes AS/400 to open authentication with a CHAP challenge. If AS/400 opens authentication with PAP, the Courier I terminal adapter authenticates with PAP. If you are using a pre-1999 Courier I modem: To get the best performance from your ISDN connection, erify that the Courier I modem is connected to your AS/400 by a V.35 cable. An RS-232 to V.35 modem Copyright IBM Corp. 1998, 2000 35

cable is supplied with the Courier I modem; howeer, older ersions of this cable hae the wrong gender V.35 connector. Contact 3Com/US Robotics Customer Support for a replacement. You can also obtain a V.35 to RS-232 adapter from Black Box Corporation. The part number is FA-058. Be sure to set the V.35 line speed on AS/400 for 230.4 Kbps. ISDN terminal adapter restrictions The following terminal adapters hae been ealuated and are recommended only for the origination of ISDN remote connections to AS/400. 3Com Impact IQ ISDN: This terminal adapter is not recommended for AS/400 for the following reasons: The terminal adapter does not support V.34 analog modem connections, but may do so using the external RJ-11 connection. The terminal adapter does not currently support V.90 connections. The terminal adapter may not connect to AS/400 at speeds greater than 115200 bps. The terminal adapter does not automatically support Challenge Handshake Authentication Protocol (CHAP). Howeer, setting S84=0 allows the AS/400 CHAP authentication to be performed. The AS/400 is unable to determine when the connection ends when monitoring the Data Set Ready signal from the terminal adapter. This results in a potential system security exposure. Motorola BitSurfr Pro ISDN: This terminal adapter is not recommended for AS/400 for the following reasons: The terminal adapter does not support V.34 analog modem connections, but may do so using the external RJ-11 connection. The terminal adapter does not currently support V.90 connections. The terminal adapter may not connect to AS/400 at speeds greater than 115200 bps. The terminal adapter does not automatically support CHAP authentication. Howeer, setting @M2=C allows AS/400 CHAP authentication to be performed. The terminal adapter does not automatically permit answering both single-link and multilink PPP calls. The remote origination terminal adapter must be set to the same protocol (single-link or multilink) as the answering terminal adapter. The AS/400 hardware flow control mechanism does not work well with this terminal adapter, resulting in degraded performance when AS/400 is sending data on a multilink PPP connection. ISDN properties for Courier I terminal adapter These properties are automatically included with any connection profile for a line that uses the Courier I terminal adapter. Consult the appropriate documentation for your terminal adapter for information on the names and commands that you need to change or add when you configure your terminal adapter. Some commands do not hae alues associated with them. 36 AS/400e: Networking PPP connections

Name Voice TEI autodetect Data TEI autodetect ISDN switch type AT&T 5ESS Custom = 0 Nor Tel DMS-100 =1 National ISDN-1 = 2 National ISDN-2 = 3 Voice channel DN Voice channel SPID Data channel DN Data channel SPID Reset modem No Op for OK response Disable miscellaneous ISDN configuration Enable ISDN uniersal connect Enable Asynchronous-Synchronous PPP Modem/FAX oice channel Sae settings U I/F actie state probe Command AT*T1=0 AT*T2=0 AT*W= AT*P1= AT*S1= AT*P2= AT*S2= ATZ! ATS0=0 ATS67=0 ATS68=0 AT*V2=5 AT*V1=0 AT&W ATD# Example: Configuring an ISDN terminal adapter The following example shows how you can configure an ISDN terminal adapter: 1. In Operations Naigator, expand your AS/400 serer > Network > Point-to-Point. 2. Right-click Modems, and select New Modem to open the New Modem Properties dialog. 3. On the General page, specify the following alues: a. In the Modem information name text box, specify a meaningful name, such as My New ISDN Modem. b. For Communications deice, select ISDN terminal adapter. c. In the Initialization string text box, specify a alue such as ATE0V1&D2&C1\Q3X4. d. In the Reset string text box, specify a alue such as AT&F. e. In the Dial command text box, specify a alue such as ATD. f. In the Answer command text box, specify a alue such as ATS0=2S7=30. 4. Click the ISDN Parameters tab to add additional information. For ISDN terminal adapters, the commands and parameters in this list are sent to the terminal adapter only for the following conditions: When commands or parameters in the list are either changed or added As a result of certain error recoery actions that AS/400 may perform Consequently, these commands should include and be limited to the following: Chapter 6. Configuring your ISDN terminal adapter 37

Setting the ISDN switch type and ersion that is proided by the local telephone company Setting the directory numbers and the serice profile identifiers (SPIDs) that are proided by the local telephone company Setting the Terminal Entry IDs (TEIs) that may be proided by the local telephone company Setting B channel protocol (asynchronous-to-synchronous PPP) Enabling dynamic bandwidth allocation for automatic assignment of the oice channel to data, when aailable Enabling multilink PPP connections Other modem settings that hae ariable length parameters that require a carriage return to indicate the parameter length Saing and actiating the new settings so they are restored after either resetting them or powering off the system. The U interface actie state probe command (ATDx), which allows AS/400 to determine when synchronization with the ISDN central office switch has been achieed. The x can be any of the digits that are allowed for a phone number, including # and *. 5. Click Add to open the Add Modem Parameters dialog. You can now add a modem command with or without an associated parameter and a brief description to the command list. Any commands that you specify without an associated parameter may be assigned a parameter when the modem is associated with a line description. a. In the Name text box, specify a meaningful name like ISDN switch type or Enable Multilink PPP. b. In the Command text box, specify a command or command and a default alue such as ATS50=3 or ATS60=1. Each line that you add here is sent to the modem and followed by a carriage return. c. Click OK that is on the Add ISDN Parameters dialog to close it. 6. Click OK that is on the ISDN Parameters page. The ISDN parameters are sent to configure the terminal adapter the next time the point-to-point profile is started and wheneer certain error recoery is processed. To update the parameters list: To add a alue to an existing terminal adapter command that has no default alue, double-click an existing terminal adapter command name. To change (replace) an existing terminal adapter command default alue, you must first add a corrected command and alue to the list and delete the old one. 1. Select the command you want to replace and click Add. 2. Add the new command information. The new command appears immediately after the command you want to replace. 3. Select the name of the command that you want to replace and click Remoe. 4. Use the Moe up and Moe down buttons if the order of the commands is important for your terminal adapter. 38 AS/400e: Networking PPP connections

Chapter 7. Managing your PPP connections This page explains how to iew a connection profile and a session log by using Operations Naigator. About PPP connection jobs: PPP multiple-connection jobs use QTPPPCTL under the QTCP user name. There are two types of multi-connection job names: QTPPPSSN jobs use the ISDN integrated adapter. QTPPPL2SSN jobs handle irtual PPP data after the QTPPPL2TP job successfully negotiates an L2TP connection. PPP single connection jobs run in the QSYSWRK subsystem under the QTCP user name. There are two types of PPP job names: QTPPDIALnn are dial-out jobs where nn is any number from 1 to 99. QTPPANSnn are dial-in jobs where nn is any number from 1 to 99. Viewing a connection profile: 1. In Operations Naigator, expand your AS/400 serer > Network > Point-to-Point > Connection Profiles. 2. In the Profile column, right-click any connection profile name, and select one of the following options: Jobs opens the job log for QTPPPxxx jobs. Connections opens a dialog to display information about a connection including local and remote IP addresses. Properties opens the Property pages to display current properties for a connection. Viewing a session log: 1. In Operations Naigator, expand your AS/400 serer > Network > Point-to-Point > Connection Profiles. 2. In the Profile column, right-click any connection profile name that has an Ended or Actie status, and select Jobs to display the job log. 3. From the job log, right-click a job name, and select Printer output. 4. In the Output name column, double-click the connection profile name to display the session log. To iew QTPPCTL and QTPPPL2TP job logs from the AS/400 command line, follow these steps: Type WRKACTJOB JOB(QTPPP*) at the AS/400 command line. Select option 5 (Work with jobs). Select option 10 (Display job log). Viewing connection status: 1. In Operations Naigator, expand your AS/400 serer > Network > Point-to-Point > Connection Profiles. 2. Find your connection profile in the list and reiew the Status column. The table below lists some of the status descriptions. Copyright IBM Corp. 1998, 2000 39

Status description Waiting for incoming call Connecting Actie/Actie connections Inactie Ended Session ended job log pending Message pending Error - information aailable Session error Explanation Serer is ready for a connection Connection has been made and the job is running successfully No jobs are currently running for this connection profile Connection has ended and job information is aailable 40 AS/400e: Networking PPP connections

Chapter 8. Other information about PPP If you need more information about PPP, see this information: Find the latest program temporary fixes (PTFs) and the latest configuration information for PPP and L2TP through the PPP link on the AS/400 TCP/IP home page. The link shows data that adds to and oerrides the information that is contained in the PPP connections topic. Read the chapter about the Point-to-Point protocol in OS/400 TCP/IP Configuration and Reference. This information describes additional PPP scenarios such as Remote LAN access to dynamic routing. Copyright IBM Corp. 1998, 2000 41

42 AS/400e: Networking PPP connections

Printed in U.S.A.