PAM and port-mapping

Discussion in 'Cisco' started by elmar bschorer, Feb 22, 2005.

  1. hi list,

    i have read about PAM. My book says, that PAM is used for
    port-to-application mapping.
    eg. remote ---> 22:router:100 ---> host:100

    o.k.! there are only listed the following services:
    ENIGMA(config)#ip port-map ?
    cuseeme CUSeeMe Protocol
    dns Domain Name Server
    exec Remote Process Execution
    finger Finger
    ftp File Transfer Protocol
    gopher Gopher
    gtpv0 GPRS Tunneling Protocol Version 0
    gtpv1 GPRS Tunneling Protocol Version 1
    h323 H.323 Protocol (e.g, MS NetMeeting, Intel Video Phone)
    http Hypertext Transfer Protocol
    https Secure Hypertext Transfer Protocol
    imap Internet Message Access Protocol
    kerberos Kerberos
    ldap Lightweight Directory Access Protocol
    login Remote login
    lotusnote Lotus Note
    mgcp Media Gateway Control Protocol
    ms-sql Microsoft SQL
    msrpc Microsoft Remote Procedure Call
    netshow Microsoft NetShow
    nfs Network File System
    nntp Network News Transfer Protocol
    pop2 Post Office Protocol - Version 2
    pop3 Post Office Protocol - Version 3
    realmedia RealNetwork's Realmedia Protocol
    rtsp Real Time Streaming Protocol
    sap SAP
    shell Remote command
    sip Session Initiation Protocol
    skinny Skinny Client Control Protocol
    smtp Simple Mail Transfer Protocol
    snmp Simple Network Management Protocol
    sql-net SQL-NET
    streamworks StreamWorks Protocol
    sunrpc SUN Remote Procedure Call
    sybase-sql Sybase SQL
    tacacs Login Host Protocol (TACACS)
    telnet Telnet
    tftp Trivial File Transfer Protocol
    vdolive VDOLive Protocol

    what about the other ca. 60000 Ports? i assume that PAM is the wrong tool
    for PAT, isn`t it? If so, why does PAM exist? what is the advantage of
    using PAM?
    questions over questions :)

    tia for your help

    greets
    elmar
    elmar bschorer, Feb 22, 2005
    #1
    1. Advertising

  2. > what about the other ca. 60000 Ports? i assume that PAM is the wrong tool
    > for PAT, isn`t it? If so, why does PAM exist? what is the advantage of
    > using PAM?


    PAM is complementary to PAT. PAT will do assorted "fixup" hacks to all of
    the protocols that you listed above. This fixupo is needed when doing a
    many-to-one translation since each of those protocol embed the IP address or
    port information inside the packet or behave in some other PAT unfriendly
    way.

    The "cue" to activate the fixup is the port number.

    If you run a service needing fixup on a port ofther than its well known
    port, the PAT fixup hacks are not activated.

    PAM tells the router that you are running a PAT unfriendly service on a
    nonstandard port. Hance, only protocols for which the device does fixup are
    listed.
    Phillip Remaker, Feb 24, 2005
    #2
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Kevin
    Replies:
    4
    Views:
    4,827
    Martin Gallagher
    Nov 28, 2003
  2. Re: Welcome back PAM!

    , Dec 12, 2003, in forum: Digital Photography
    Replies:
    2
    Views:
    290
    Betty Swallocks
    Dec 14, 2003
  3. sonof3m
    Replies:
    0
    Views:
    1,527
    sonof3m
    Apr 14, 2005
  4. Krzysztof

    ActiveDirectory i PAM

    Krzysztof, Jul 24, 2003, in forum: Computer Security
    Replies:
    0
    Views:
    864
    Krzysztof
    Jul 24, 2003
  5. Cmdr. I. V. Zahner
    Replies:
    1
    Views:
    436
    thanatoid
    Dec 12, 2007
Loading...

Share This Page