Interface Connectivity Worksheet (Supplemental)
Contents:
  Socket (MLLP) over SSH
  Socket (MLLP) over VPN
  FTP over VPN

Version 2.2
Athenahealth Confidential. Do not redistribute without permission.


Socket (MLLP) over SSH Connectivity Worksheet

[Diagram: the athena network (Interface Server, IP: 208.78.140.30 or IP: 208.78.143.130) reaches your local network across the Internet. Labels in your local network: SSH Server, A (ip), B (port), C (ip), H (port), E (credentials); Vendor System, F (ip), G (port). Captions: "athena interface server logs into SSH server at client", "SSH tunnel creates secure communication path", "Vendor's app server talks internally to SSH server".]

Client setup information

A: public IP address of SSH server*     ________________________
B: public port of SSH server (22)       ________________________
E: SSH username/password                ________________________
C: internal IP address of SSH server    ________________________
F: internal IP address of app server    ________________________
H: internal port for SSH server         ________________________
G: internal port for app server         ________________________

A, B, E required for all SSH connections
C, F, H required for connections to athena
C, F, G required for connections from athena

* If you do not already have an SSH server, athena suggests VSHELL, at http://www.vandyke.com/products/vshell/index.html


VPN Connectivity Guidelines

[Diagram: your local network (Vendor System, F (NAT'd ip)*, P (local ip), G (port); VPN Router, A (ip), J (brand/model)) connects over a VPN tunnel to the athena network. Labels in the athena network: Interface Server; Cisco ASA 5550 (VPN Router); IP: 208.78.140.29/32, 208.78.140.30/32; IP: 208.78.140.250.]

VPN Requirements

VPN setup call
Your network's VPN and NAT configurations should be complete and tested prior to the VPN setup call (see next page). Failure to complete configuration prior to the call will lead to substantial delays in establishing connectivity.

NAT routing
athenahealth requires your network to be configured to NAT to either a public IP address OR a private IP address that athena will provide in order to avoid IP overlaps within our network. If you do not have access to network engineering resources to set up a NAT or do not wish to NAT your traffic, we recommend a standardized connectivity method rather than VPN.

VPN Gateway Attributes

IKE Authentication Method:      Pre-shared keys
IKE Encryption Algorithm:       AES256 *
IKE Hash Algorithm:             SHA_1 ‡
IKE Diffie-Hellman Group:       Group 2
Phase 1 Lifetime:               86400
IPSEC Protocols:                ESP-AH
IPSEC Encryption Algorithm:     AES256 *
IPSEC Integrity Algorithm:      ESP_SHA_HMAC
Perfect Forward Secrecy:        Disabled
Phase 2 Lifetime:               28800
Mode:                           Tunnel
IP Payload Compression:         Disabled
Dead Peer Detection:            On

* 3DES can be used if AES256 is unavailable
‡ MD5 can be used if SHA1 is unavailable


Socket (MLLP) over VPN Connectivity Worksheet

[Diagram: same layout as in the VPN Connectivity Guidelines: Vendor System, F (NAT'd ip)*, P (local ip), G (port); VPN Router, A (ip), J (brand/model); VPN tunnel; athena network with Interface Server; Cisco ASA 5550 (VPN Router); IP: 208.78.140.29/32, 208.78.140.30/32; IP: 208.78.140.250.]

Client Setup

A: public IP address of VPN gateway     ________________________
J: VPN gateway device model             ________________________
F: NAT'd IP address of app server       ________________________
P: Local IP address of app server       ________________________
G: local port for app server            ________________________
U1: VPN administrator's name            ________________________
U2: VPN administrator's email           ________________________
U3: VPN administrator's phone           ________________________
U4: Setup (M-F at 10am or 3pm ET)       ________________________

A, J, F, P required for all VPN connections

F: Vendor system must have a public IP address, or NAT'd address assigned by athena from one of the following pools:

  192.168.241.x     10.255.2.x
  192.168.248.x     10.255.3.x
  192.168.250.x     10.255.4.x
  192.168.251.x     192.168.253.x

If you REQUIRE a specific range from above (subject to availability), please specify – otherwise athena will select: _______________________

G required for connections from athena
U1-U3 required for timely setup of VPN connection
U4: Select a date/time to exchange pre-shared secret and validate network connectivity – Monday thru Friday at 10-11am OR 3-4pm Eastern Time.


FTP over VPN Connectivity Worksheet

[Diagram: your local network (FTP Server, F (NAT'd ip)*, P (local ip), G (port), E (credentials), D (file path); VPN Router, A (ip), J (brand/model)) connects over a VPN tunnel to the athena network. Labels in the athena network: Interface Server; Cisco ASA 5550 (VPN Router); IP: 208.78.140.29/32, 208.78.140.30/32; IP: 208.78.140.250.]

Client Setup

A: public IP address of VPN gateway     ________________________
J: VPN gateway device model             ________________________
F: NAT'd IP address of FTP *            ________________________
P: Local IP address of FTP server       ________________________
G: local port for app                   ________________________
E: FTP username/password                ________________________
D: File path to final FTP directory     ________________________
U1: VPN administrator's name            ________________________
U2: VPN administrator's email           ________________________
U3: VPN administrator's phone           ________________________
U4: Setup (M-F at 10am or 3pm ET)       ________________________

A, J, F, P required for all VPN connections

F: The FTP server must have a public IP address, or NAT'd address assigned by athena from one of the following pools:

  192.168.241.x     10.255.2.x
  192.168.248.x     10.255.3.x
  192.168.250.x     10.255.4.x
  192.168.251.x     192.168.253.x

If you REQUIRE a specific range from above (subject to availability), please specify – otherwise athena will select: _______________________

G, E, D required for FTP connections to/from athena
U1-U3 required for timely setup of VPN connection
U4: Select a date/time to exchange pre-shared secret and validate network connectivity – Monday thru Friday at 10-11am OR 3-4pm Eastern Time.