Recieving Data from VPN

[Kevin Crist]

We are trying to set up a connection to recieve data from an outside source through vpn. We are sending a few things out from vpn but never recieved, other than acks i guess. We are having problems recieving the message, the outside company says its sending the messages and can see them but we are not recieving them through our vpn. I know that is more of a tech side issue. I am sure many people have recieved data from a vpn, do you set up the thread as a “regular” inbound thread? We are using protocal:pdl-tcpip with PDL:mlp_tcp.pdl.   Set up as client with the hosts ip address and port. Which is our normal inbound thread setup. Is thier anything we should do different? We are kind of reaching and want to cover all basis.

Topic

[Max Drown (Infor)]

Yup. Set it up as a normal interface. The problems with VPN connections are usually related to the networking and firewalls.

-- Max Drown (Infor)

[Michael Hertel]

Quote:

Set up as client with the hosts ip address and port. Which is our normal inbound thread setup

If this is a receiver, you should be set up as a server without host ip information.

[Steven Lindsey]

I work with Kevin and they sent me an email asking if our application can receive MLLP traffic? If so what setting would I need to change or set?

[Jim Kosloskey]

Steve,

On the thread configuration, select the pdl-tcpip Protocol; then in that protocol’s properties select mlp_tcp as the pdl to use.

Don’t forget to send and acknowledgment as it appears you are acting as the server.

email: jim.kosloskey@jim-kosloskey.com 29+ years Cloverleaf, 59 years IT - old fart.

[Steven Lindsey]

It looks like all my setting are right.  As anyone else ever use MediMoblie?  This is the company that I’m working with and having tons of issues.

[Max Drown (Infor)]

By the way, the Secure Courier program available from Healthvision is very helpful for working with applications outside of the network/firewall.

-- Max Drown (Infor)

[Anand Raghavan]

BTW,  we ran into a problem with interfaces via VPN.  If there is little or no traffic for extended periods of time, the VPN used to time out and disconnect.

We run Cloverleaf 5.6 under AIX 5.3

There is a limits file called /etc/security/limits owned by “root”.  

We had get our UNIX admin to adjust the tcp_keepidle parameter

For example:

the default value in the file was

tcp_keepidle=14400

This parameter is measured in half seconds.

We reduced it to 600 (5 minutes).   So, every five minutes the OS would send a keep alive packet to maintain a persistent connection

Hope this helps out someone.

-Anand

[Robert Milfajt]

This will help me, coming up.  This type of thing needs to hit a library of helpful information!

Robert Milfajt
Northwestern Medicine
Chicago, IL

[Robert Gordon]

Your VPN router should have a port routing table, make sure that messages coming from the host ip/port are pointing to your cloverleaf server ip/port address.  Port number mismatches usually do not work and your communication on the VPN should be bi-directional.  Yup some lan guys think that sending data does not require an ack or (confirmation), and remember the recovery_33 tcl procs and the generic ack proc on this site.

[Author]

Replies