Interested to Buy Any Domain ? << Click Here >> for more details...
Why Authentication Header (AH) is not compatible with the
network that using NAT??????
Jitu, looking for u specially...!!!! U knw why i m looking
for u..!!!
- 1 Answers
- 8246 Views
- I also Faced
- E-Mail Answers
Answer / jitendera sinha
AH is a protocol that provides authentication.
of either all or part of the contents of a datagram.
through the addition of a header that is calculated,
based on the values in the datagram.
What parts of the datagram are used for the calculation,
and the placement of the header, depends on the mode(tunnelor transport)and the version of IP (IPv4 or IPv6).
tunnel or transport-------
tunel
/\
/ \
/ \
tunel transport
| |
| |
protect all data pkt protect only data portion
now why it is not compatible with nat nat is mechanism.
to hide your personal ip sometime theoretically
it is a mechanism to convert private ip to public ip
___________________________________________________________
*******
The IPsec Authentication Header (AH) is a case in point. AH runs the entire IP packet, including invariant header fields like source and destination address, through a message digest algorithm to produce a keyed hash.
This hash is used by the recipient to authenticate the packet.
If any field in the original IP packet is modified, authentication will fail and the recipient will discard the packet. AH is intended to prevent unauthorized modification, source spoofing, and man-in-the-middle attacks. But NAT, by definition, \
modifies IP packets. Ergo, AH + NAT cannot work.
In the nat Ip filed is modified so some time Ah is not compatible with nat i am again saying SOME time.
Thanku
Hope this will help to understand you the concepts.
Jitendera sinha
| Is This Answer Correct ? | 2 Yes | 0 No |
2500 Value in which type of access list?
Which layer is responsible for coordinating communication between systems? A.) Application B.) Network C.) Session D.) Transport E.) Physical F.) Data Link
What s the formula for metric of ospf?
You need to come up with a TCP/IP addressing scheme for your company. Which two factors must you consider when you define the subnet mask for the network? A.) The location of DHCP servers B.) The volume of traffic on each subnet C.) The number of subnets on the network D.) The location of the default gateway E.) The number of host IDs on each subnet
Which multicast ip eigrp protocol use?
What are the two types of transmission technology use in ccna?
How would you configure one host name that points to two IP addresses? A. IP host jacob 1.0.0.5 2.0.0.8 B. IP jacob 1.0.0.5 2.0.0.8 C. IP host jacob 1.0.0.5 D. IP host duplicate "all"
Identify the command to reload the router? A.) Router(config)# reload B.) Router# reset C.) Router# reload D.) Router> reload
what's the difference between Symmetric and Asymmetric cryptosystem?
Dear Mr. JITENDERA KUAMR SINHA how are and how is your family? Anyway can u send me your personal email address?
which portecol is faster tcp udp spx
A router on one side of a PPP link uses the resonance RTR1 and the password COPP1-PWD. Which configuration line on RTR1 enables a connection between RTR1 and another router named RTR2? A. username, RTR2 password COPR1-PWD, B. username, RTR1 password COPR1-PWD, C. username, RTR2 password COPR2-PWD, D. username, RTR1 password COPR2-PWD,
CCNA 
