Golgappa.net | Golgappa.org | BagIndia.net | BodyIndia.Com | CabIndia.net | CarsBikes.net | CarsBikes.org | CashIndia.net | ConsumerIndia.net | CookingIndia.net | DataIndia.net | DealIndia.net | EmailIndia.net | FirstTablet.com | FirstTourist.com | ForsaleIndia.net | IndiaBody.Com | IndiaCab.net | IndiaCash.net | IndiaModel.net | KidForum.net | OfficeIndia.net | PaysIndia.com | RestaurantIndia.net | RestaurantsIndia.net | SaleForum.net | SellForum.net | SoldIndia.com | StarIndia.net | TomatoCab.com | TomatoCabs.com | TownIndia.com
Interested to Buy Any Domain ? << Click Here >> for more details...

  1. Categories >> Certifications >> Cisco Certifications >> CCNA
  2. Suggest New Category

Why Authentication Header (AH) is not compatible with the
network that using NAT??????

Jitu, looking for u specially...!!!! U knw why i m looking
for u..!!!

Question Posted / jitendera sinha

Answer Posted / jitendera sinha

AH is a protocol that provides authentication.
of either all or part of the contents of a datagram.
through the addition of a header that is calculated,
based on the values in the datagram.
What parts of the datagram are used for the calculation,
and the placement of the header, depends on the mode(tunnelor transport)and the version of IP (IPv4 or IPv6).
tunnel or transport-------
tunel
/\
/ \
/ \
tunel transport
| |
| |
protect all data pkt protect only data portion
now why it is not compatible with nat nat is mechanism.
to hide your personal ip sometime theoretically
it is a mechanism to convert private ip to public ip

___________________________________________________________
*******
The IPsec Authentication Header (AH) is a case in point. AH runs the entire IP packet, including invariant header fields like source and destination address, through a message digest algorithm to produce a keyed hash.
This hash is used by the recipient to authenticate the packet.
If any field in the original IP packet is modified, authentication will fail and the recipient will discard the packet. AH is intended to prevent unauthorized modification, source spoofing, and man-in-the-middle attacks. But NAT, by definition, \
modifies IP packets. Ergo, AH + NAT cannot work.

In the nat Ip filed is modified so some time Ah is not compatible with nat i am again saying SOME time.


Thanku
Hope this will help to understand you the concepts.

Jitendera sinha

Is This Answer Correct ?    2 Yes 0 No



Post New Answer       View All Answers


Please Help Members By Posting Answers For Below Questions

How many types of data?

1136

How many types of ethernet?

1131

Which type of transmission bus topology support?

1263

Can you explain the broader steps of how L2F establishes the tunnel?

2090

Mention what is the matric of eigrp protocol?

1314

What is a Window in networking terms?

1270

Which protocol supenetting is enable by default?

1124

What are the ranges for the private ips?

1127

Define autonomous system (as)?

1284

Why is distributed processing useful?

1241

Can you give an overview of various components in IPSec?

2517

What is the mau?

1146

What is the name of algorithm of eigrp protocol?

1280

Which layer are called upper layer?

1199

Tell me which protocol works only on cisco routers?

1164