Home page logo

firewall-wizards logo Firewall Wizards mailing list archives

RE: NetMeeting with NAT
From: "Robert Graham" <robert_david_graham () yahoo com>
Date: Thu, 16 Nov 2000 18:54:12 -0800

We've been implementing some of the latest multimedia protocols in order to
both pass them through the personal firewall and do IDS on them. Some of
them are truly nasty.

"Stateful" firewalls rarely keep enough state around in order to track the
entire TCP connection, they instead just keep the state around for one or
two packets. Some of the newest protocols require keeping state starting
with the first byte in the connection. VoIP in particular has some nasty
compressed ASN.1 formats that require heavy duty processing in order to
track things correctly, which is far behind the complexity levels of
traditional firewalls.

I believe that packet-based firewalling for outbound clients is going to get
progressively tougher and tougher.


-----Original Message-----
From: firewall-wizards-admin () nfr com
[mailto:firewall-wizards-admin () nfr com]On Behalf Of Justin Laporte
Sent: Wednesday, November 15, 2000 6:55 PM
To: firewall-wizards () nfr com
Subject: [fw-wiz] NetMeeting with NAT

I have encountered problems with trying to get Netmeeting or similar
applications to function with dynamic nat translation on Cisco IOS. Is there
a noted fix for this? I have been told by other engineers in my organization
that it is a noted issues with Cisco, however I have not seen documentation
to resolve this. Any help or direction would be greatly appreciated.

Thanks in advance,

Justin Laporte
Network/Systems Engineer
Independant Consulting

firewall-wizards mailing list
firewall-wizards () nfr com

Do You Yahoo!?
Get your free @yahoo.com address at http://mail.yahoo.com

firewall-wizards mailing list
firewall-wizards () nfr com

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]