<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML
style="DIRECTION: ltr"><HEAD><TITLE>Detecting support for MIP in FWs</TITLE>
<META http-equiv=Content-Type content="text/html; charset=us-ascii">
<META content="MSHTML 6.00.2900.3199" name=GENERATOR></HEAD>
<BODY style="DIRECTION: ltr" text=#000000 bgColor=#ffffff>
<DIV dir=ltr align=left><SPAN class=944463514-28112007><FONT face=Arial
color=#0000ff size=2>Section 6.4 describes that a STUN aware fw asked whether it
supports MIP, can indicate so in the response. </FONT></SPAN></DIV>
<DIV dir=ltr align=left><SPAN class=944463514-28112007><FONT face=Arial
color=#0000ff size=2>The draft is not about fw discovery, but rather about
detecting whether the fw supports MIP or not. The vendor draft requires the
fw to support MIP.</FONT></SPAN></DIV>
<DIV dir=ltr align=left><SPAN class=944463514-28112007><FONT face=Arial
color=#0000ff size=2></FONT></SPAN> </DIV>
<DIV dir=ltr align=left><SPAN class=944463514-28112007><FONT face=Arial
color=#0000ff size=2>- gabor</FONT></SPAN></DIV><BR>
<DIV class=OutlookMessageHeader lang=en-us dir=ltr align=left>
<HR tabIndex=-1>
<FONT face=Tahoma size=2><B>From:</B> ext Yaron Sheffer
[mailto:yaronf@checkpoint.com] <BR><B>Sent:</B> Wednesday, November 28, 2007
2:34 AM<BR><B>To:</B> Bajko Gabor (Nokia-SIR/MtView)<BR><B>Cc:</B>
mip6-firewall@zeke.ecotroph.net<BR><B>Subject:</B> Re: [Mip6-firewall] Detecting
support for MIP in FWs<BR></FONT><BR></DIV>
<DIV></DIV>
<P style="MARGIN-TOP: 0pt; MARGIN-BOTTOM: 0cm">In fact Sec. 4.1 of that draft
only discovers one or more NAT boxes, and Sec. 4.2 discovers firewalls that
implement STUN Control, which is useless for general detection of firewalls.</P>
<P style="MARGIN-TOP: 0pt; MARGIN-BOTTOM: 0cm"><BR></P>
<P style="MARGIN-TOP: 0pt; MARGIN-BOTTOM: 0cm"> Yaron</P>
<P style="MARGIN-TOP: 0pt; MARGIN-BOTTOM: 0cm"><BR></P>
<P style="MARGIN-TOP: 0pt; MARGIN-BOTTOM: 0cm"><A class=moz-txt-link-abbreviated
href="mailto:Gabor.Bajko@nokia.com">Gabor.Bajko@nokia.com</A> wrote:<BR></P>
<BLOCKQUOTE
cite=mid:E5E76343C87BB34ABC6C3FDF3B31272701B7191C@daebe103.NOE.Nokia.com
type="cite">
<META content="MS Exchange Server version 6.5.7653.3" name=Generator><!-- Converted from text/rtf format -->
<P><FONT face=Arial size=2>Using </FONT><A
href="http://tools.ietf.org/html/draft-wing-behave-nat-control-stun-usage-03"
moz-do-not-send="true"><U><FONT face=Arial color=#0000ff
size=2>http://tools.ietf.org/html/draft-wing-behave-nat-control-stun-usage-03</FONT></U></A><FONT
face=Arial size=2> a client may discover/detect if the fw supports MIP or not.
It may worth mentioning this in the vendor draft.</FONT></P>
<P><FONT face=Arial size=2>- gabor</FONT> </P><BR><BR>Scanned by Check Point
Total Security Gateway. <BR><BR><PRE wrap=""><HR width="90%" SIZE=4>
_______________________________________________
Mip6-firewall mailing list
<A class=moz-txt-link-abbreviated href="mailto:Mip6-firewall@zeke.ecotroph.net">Mip6-firewall@zeke.ecotroph.net</A>
<A class=moz-txt-link-freetext href="https://zeke.ecotroph.net/mailman/listinfo/mip6-firewall">https://zeke.ecotroph.net/mailman/listinfo/mip6-firewall</A>
</PRE></BLOCKQUOTE></BODY></HTML>