Interested to Buy Any Domain ? << Click Here >> for more details...
Why Authentication Header (AH) is not compatible with the
network that using NAT??????
Jitu, looking for u specially...!!!! U knw why i m looking
for u..!!!
- 1 Answers
- 8136 Views
- I also Faced
- E-Mail Answers
Answer / jitendera sinha
AH is a protocol that provides authentication.
of either all or part of the contents of a datagram.
through the addition of a header that is calculated,
based on the values in the datagram.
What parts of the datagram are used for the calculation,
and the placement of the header, depends on the mode(tunnelor transport)and the version of IP (IPv4 or IPv6).
tunnel or transport-------
tunel
/\
/ \
/ \
tunel transport
| |
| |
protect all data pkt protect only data portion
now why it is not compatible with nat nat is mechanism.
to hide your personal ip sometime theoretically
it is a mechanism to convert private ip to public ip
___________________________________________________________
*******
The IPsec Authentication Header (AH) is a case in point. AH runs the entire IP packet, including invariant header fields like source and destination address, through a message digest algorithm to produce a keyed hash.
This hash is used by the recipient to authenticate the packet.
If any field in the original IP packet is modified, authentication will fail and the recipient will discard the packet. AH is intended to prevent unauthorized modification, source spoofing, and man-in-the-middle attacks. But NAT, by definition, \
modifies IP packets. Ergo, AH + NAT cannot work.
In the nat Ip filed is modified so some time Ah is not compatible with nat i am again saying SOME time.
Thanku
Hope this will help to understand you the concepts.
Jitendera sinha
| Is This Answer Correct ? | 2 Yes | 0 No |
Identify the order of the 5 step encapsulation? 1. Create the segment 2. Convert the frame to bits 3. Create the packet 4. Create the frame 5. User creates the data A.) 1,2,4,2,5 B.) 2,1,3,4,5 C.) 5,1,3,4,2 D.) 5,3,4,1,2
How does the cut-through switching technique work? A.) By using broadcast address as source addresses B.) The switch waits only for the header to be received before it checks the destination address and starts forwarding the packets C.) The LAN switch copies the entire frame into its onboard buffers and then looks up the destination address in its forwarding, or switching, table and determines the outgoing interface D.) By using a Class I repeater in a collision domain
If line up, but protocol down which layer should be troubleshot?
Identify the type of hardware required to connect a Token ring network to an Ethernet network? A.) Repeater B.) TR-Enet C.) Router D.) Token Ring to Ethernet translation hub
How does OSPF calculate its Metric
any body can send me CCNA voice simulator practice exam software.
Completely describe the steps based on OSI Model, what happens when you enter the address http://google.com in browser?? Summarize the complete steps based on layered OSI approach.
3 Answers Cisco, Intel, TCS, Trimble Navigation,
My question is how windows pc will act as a router? Jitendra understand this question? I again want to ask you is it possibele for windows pc to act like a router
What is the maximum hop count for IP RIP? A.) Infinity B.) 16 C.) 15 D.) 1
Identify the hardware component that stores the bootstrap program? A.) ROM B.) NVRAM C.) Booter load D.) RAM E.) Flash
Which statements are true regarding half duplex? A.) Only works in a point-to-point configuration B.) Allows for transmitting and receiving but not at the same time C.) Allow for transmitting and receiving of data simultaneously D.) Doubles the bandwidth
Identify IPX SAP and it's purpose? A.) Sonet Access Pipe - interface to Sonet ring B.) Service Advertising Protocol - advertise services C.) Server Appletalk Protocol - appletalk directory services D.) Service Access Point - identify upper layer protocols
CCNA 
