I have inherited a mixture of servers where our zPDT zOS proof of technology systems run. The main Linux runs on an x86 Lenovo 3650 rack-mounted server in a remote location with the 1090-L03 dongle. We access a W2K8 Server thru RDP remote desktop connections and run CygWin Server x3270 Terminal. With this terminal window we logon to the Linux server in command line mode to run and control the zPDT zOS environment. The TCPIP configuration between the Linux server and the guest zPDT zOS system that runs on it seems solid enough - both can ping each other ok. I would like to be able to access the zPDT zOS TCPIP for purposes of running a PCOMM 3270 session from the W2K8 Server (we access thru RDP). I believe the Redbook Volume 2 'Scenario 2' best describes the TCPIP configuration I have. I need to configure the W2K8 Server (that runs PCOMM 3270) and the Linux Server so that the PCOMM 3270 session can 'passthru' or 'route' somehow to the zPDT zOS server to access port 23 for TSO.
Would anyone be able to describe how to configure this?

For external connectivity I would suggest using scenario 4 in which a static IP is assigned to the z/OS box(s) and it communicates to the network with its own IP address (and to Linux via the tunnel only). Then the connection is a direct connection from W2K8. If you have a static IP for the z/OS box on the same subnet as Linux (which it may need to be anyway), you can use the create_config.pl script on the samples disk to see what the TCP/IP and VTAM definitions should look like. The caveat is that the suggested changes may need tweaking for your network but so far such alterations have been minor for those that have used it.

It looks like Scenario 3 covers port forwarding of incoming connections, so start there if you want to keep the setup you have more or less. Issues with iptables include port conflicts and problems with products that dynamically assign ports such as FTP and RDz and several others.

Another option for passthru of 3270 connections: the way I have done that is with an SSH tunnel and port forwarding for specific ports like 23->3270. That goes to the local terminal but I think you can forward to other IPs. An SSH tunnel is fine, if a bit clumsy, as long as you know the ports you need in advance and have an account on the Linux box.