Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: TCP Ports
Special Forums IP Networking TCP Ports Post 3376 by Neo on Saturday 30th of June 2001 12:00:49 AM
Old 06-30-2001
NAT Breaks IPSEC (VPNs)
NAT (Network Address Translation) is not compatible with most VPN technologies. If the VPN is IPSEC based this is certainly the case. Cryptographic systems that use IPSEC (or similar techology) insure the integrity of the IP packet by running cryptographic checksum (kinda) algorithm against the packet. If the packet has changed, it will be dropped.

NAT changes the IP address in the head. This is a violation of the integrity checking mechanism of IPSEC. This is a big problem with NAT. You should consider turning off NAT if you want a clean, not kludgy VPN solution.

If you are not sure of this reply, please post the details of what cryptographic protocols are being used in the VPN tunnel. I can help you if you provide the details on how the tunnel is operating.
 

10 More Discussions You Might Find Interesting

1. UNIX for Dummies Questions & Answers

TCP Listening Ports

Hello all, Can someone instruct me on how to change the listening port for ftp ( or any tcp service) from 21 to another port number? Thanks in advance.. -AJ (3 Replies)
Discussion started by: jacobsa
3 Replies

2. UNIX for Dummies Questions & Answers

TCP/UDP Ports

Just starting to work with unix, wondering if there is any good on-line documentation explaining TCP/UDP ports, how to use them, etc... Thanks.... (1 Reply)
Discussion started by: eugene_mayo
1 Replies

3. IP Networking

TCP/UDP Ports

Just wondering if anyone knows of any good on-line documentation on TCP/UDP Ports. Basically i want to know how to check if they are in use, learn how to close them, etc... Thanks... (5 Replies)
Discussion started by: eugene_mayo
5 Replies

4. UNIX for Advanced & Expert Users

TCP ports - TIME_WAIT

What is the maximum number of TCP ports that can be consumed at any one time? How can I determine what the number is or increase it? I was under the impression that with our system (UnixWare 7.1.1) 1024 was the maximum under our current Kernel tuning parms, but I think that is really just... (4 Replies)
Discussion started by: dlkox
4 Replies

5. Windows & DOS: Issues & Discussions

TCP ports and file sharing

In using a music file sharing program (WinMx), I am told that I cannot make a primary connection (fastest downloads) because I do not have a TCP and UDP port. I am running Windows Me.What do I do? Thanks. (6 Replies)
Discussion started by: dookster5
6 Replies

6. UNIX for Advanced & Expert Users

TCP slow access though certain ports

hi, I'm currently running with an issue whereby we are experiencing very poor access speeds to our Informix database. Connections or requests to the DB are taking in excess of 2/3/4 minutes during peek periods during the day. This has only just started to happen but so far we have been unable to... (0 Replies)
Discussion started by: fastyan
0 Replies

7. UNIX for Dummies Questions & Answers

Opening TCP ports

I'm not sure if this is the right place for this post, but I'd be grateful if somebody could please help me. I'm trying to open ports 999, 1982 and 1983 but am not having much luck. I used iptables -A INPUT -i eth0 -p tcp --sport 999 -m state --state NEW,ESTABLISHED -j ACCEPT iptables -A INPUT -i... (2 Replies)
Discussion started by: thehaapyappy
2 Replies

8. IP Networking

problem opening TCP ports

Please can somebody help me. I'm trying to open ports 999, 1982 and 1983 but am not having much luck. I used iptables -A INPUT -i eth0 -p tcp --sport 999 -m state --state NEW,ESTABLISHED -j ACCEPT iptables -A INPUT -i eth0 -p tcp --sport 1982 -m state --state NEW,ESTABLISHED -j ACCEPT iptables... (5 Replies)
Discussion started by: thehaapyappy
5 Replies

9. Solaris

List TCP ports with process

Hello, One of our developers is asking for a command/script in Solaris similar to "netstat -anp" in Linux. He gave this output as an example: root@xxx:~# netstat -anp | grep LISTEN tcp 0 0 0.0.0.0:7937 0.0.0.0:* LISTEN 16082/nsrexecd tcp 0 ... (7 Replies)
Discussion started by: vimes
7 Replies

10. Shell Programming and Scripting

Sheel Scripting to lock 2 TCP unused ports in solaris and linux

My requirement is I need to write a program in shell scripting to check 2 TCP unused unique port numbers in SOLARIS and I have to lock the same ports so that it will not be used in any other new process and the same port numbers should be used and locked in the LINUX machine to communicate... (2 Replies)
Discussion started by: sreeramr30
2 Replies

LEARN ABOUT DEBIAN

auscope

AUSCOPE(1)						      General Commands Manual							AUSCOPE(1)

NAME

       auscope - Network Audio System Protocol Filter

SYNOPSIS

       auscope [ option ] ...

DESCRIPTION

       auscope	is  an	audio  protocol  filter  that can be used to view the network packets being sent between an audio application and an audio
       server.

       auscope is written in Perl, so you must have Perl installed on your machine in order to run  auscope.   If  your  Perl  executable  is  not
       installed  as  /usr/local/bin/perl,  you should modify the first line of the auscope script to reflect the Perl executable's location.  Or,
       you can invoke auscope as

       perl auscope [ option ] ...

       assuming the Perl executable is in your path.

       To operate, auscope must know the port on which it should listen for audio clients, the name of the desktop  machine  on  which	the  audio
       server  is running and the port to use to connect to the audio server.  Both the output port (server) and input port (client) are automati-
       cally biased by 8000.  The output port defaults to 0 and the input port defaults to 1.

ARGUMENTS

       -i<input-port>
	       Specify the port that auscope will use to take requests from clients.

       -o<output-port>
	       Determines the port that auscope will use to connect to the audio server.

       -h<audio server name>
	       Determines the desktop machine name that auscope will use to find the audio server.

       -v<print-level>
	       Determines the level of printing which auscope will provide.  The print-level can be 0 or 1.  The larger  numbers  provide  greater
	       output detail.

EXAMPLES

       In  the	following  example,  mcxterm is the name of the desktop machine running the audio server, which is connected to the TCP/IP network
       host tcphost.  auscope uses the desktop machine with the -h command line option, will listen for client requests on port 8001  and  connect
       to the audio server on port 8000.

       Ports  (file  descriptors)  on the network host are used to read and write the audio protocol.  The audio client auplay will connect to the
       audio server via the TCP/IP network host tcphost and port 8001:

	      auscope -i1 -o0 -hmcxterm

	      auplay -audio tcp/tcphost:8001 dial.snd

       In the following example, the auscope verbosity is increased to 1, and the audio client autool will connect to the  audio  server  via  the
       network host tcphost, while displaying its graphical interface on another server labmcx:

	      auscope -i1 -o0 -hmcxterm -v1

	      autool -audio tcp/tcphost:8001 -display labmcx:0.0

SEE ALSO

       nas(1), perl(1)

COPYRIGHT

       Copyright 1994 Network Computing Devices, Inc.

AUTHOR

       Greg Renda, Network Computing Devices, Inc.

								       1.9.3								AUSCOPE(1)
All times are GMT -4. The time now is 07:30 PM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy