[SunHELP] Re:command info

Chanaka Mendis sunhelp at sunhelp.org
Thu Mar 8 11:00:27 CST 2001


Sheshagiri Padmanabha Rao wrote:

> Hi
>
>   I want to know the command which gives the configuration of the
> ethernetcard. for e.g.:: speed  i.e. 10mbps or 10/100mbps, mode :  simplex ,
> half duplex etc.
> The m/c in which i want to know the conf is used as router & i cant restart.
> the system is I386 pentium 2. with solaris 2.6 Os.
> shesh
> -----Original Message-----
> From: sunhelp-request at sunhelp.org <sunhelp-request at sunhelp.org>
> To: sunhelp at sunhelp.org <sunhelp at sunhelp.org>
> Date: Thursday, March 08, 2001 5:37 AM
> Subject: SunHELP digest, Vol 1 #874 - 16 msgs
>
> >Send SunHELP mailing list submissions to
> > sunhelp at sunhelp.org
> >
> >To subscribe or unsubscribe via the World Wide Web, visit
> > http://www.sunhelp.org/mailman/listinfo/sunhelp
> >or, via email, send a message with subject or body 'help' to
> > sunhelp-request at sunhelp.org
> >
> >You can reach the person managing the list at
> > sunhelp-admin at sunhelp.org
> >
> >When replying, please edit your Subject line so it is more specific
> >than "Re: Contents of SunHELP digest..."
> >
> >
> >Today's Topics:
> >
> >   1. Re: more handspring questions (Dale Ghent)
> >   2. Re: IPSec and firewalls (Big Endian)
> >   3. RE: Remote copy (Kovalev, Ivan)
> >   4. RE: Accessing from windows network (Anthony Barnes)
> >   5. WTD (UK): Sun Pizzabox case with PSU  (to fit SS5) (Ian Chilton)
> >   6. RE: Accessing from windows network (Wolfgang Engelien)
> >   7. uptime (Vivas Inga, Yovana Mery)
> >   8. rdate error message (william.x.ng at verizon.com)
> >   9. Re: more handspring questions (-Mark-)
> >  10. RE: slow telnet (Jon Still)
> >  11. RE: IPSec and firewalls (Jon Still)
> >  12. Need help with 8MM tape drive (me me)
> >  13. Disaster Recovery in SUN (Balaji srinivasan)
> >  14. Re: rdate error message (Doug McLaren)
> >  15. RE: uptime (Kovalev, Ivan)
> >  16. RE: IPSec and firewalls (blake.r.matheny at mail.sprint.com)
> >
> >--__--__--
> >
> >Message: 1
> >Date: Wed, 7 Mar 2001 12:55:18 -0500 (EST)
> >From: Dale Ghent <daleg at elemental.org>
> >To: sunhelp at sunhelp.org
> >Subject: Re: [SunHELP] more handspring questions
> >Reply-To: sunhelp at sunhelp.org
> >
> >On Wed, 7 Mar 2001, Brian Hechinger wrote:
> >
> >| i bet you guys wish i had never gotten this thing. :)
> >|
> >| ok, i'm looking for Quicken like financial software for my handspring.  i
> would
> >| prefer (and again, i know this is a long shot) software that either does
> it all
> >| or has a "home" package that runs on solaris.  does such a thing exist?
> if not
> >| maybe it's time for a project, judging from the extremely large amount of
> very
> >| crappy "script-kiddy" software available for the palmOS i'm assuming this
> thing
> >| can't be very hard to write software for, and i'm a somewhat competant C
> >| programmer (i've mastered the art of writing bugs)
> >
> >I think you're better off asking this in a Handsprin/Palm-related mailing
> >list.
> >
> >/dale
> >
> >
> >--__--__--
> >
> >Message: 2
> >Date: Wed, 7 Mar 2001 11:17:39 -0500
> >To: sunhelp at sunhelp.org
> >From: Big Endian <bigendian at mac.com>
> >Subject: Re: [SunHELP] IPSec and firewalls
> >Reply-To: sunhelp at sunhelp.org
> >
> >>the current VPN at work does not allow me to get my job done from home. i
> have
> >>gotten the go ahead from work to setup an IPSec tunnel with the
> understanding
> >>that they will not modify their firewall at all.  so, is this possible
> given
> >>the following setup:
> >>
> >>Solaris 8 machine at work, has complete access to the internet, does not
> exist
> >>on the internet, behind a firewall and NAT.
> >>
> >>Solaris 8 machine at home, sits behind an IPFILTER firewall/NAT box that i
> can
> >>configure any way i please (without comprimising security of course)
> >>
> >>i don't know a whole lot about IPSec, so, is it possible to have the
> machine
> >>at work initiate the tunnel so that it can get out of the firewall and
> connect
> >>to my home machine?  on what port would it be connecting to so i can allow
> >>a connection to that port and redirect it to the correct machine at home.
> >>
> >>thanks!!!!
> >>
> >>-brian
> >>_______________________________________________
> >>SunHELP maillist  -  SunHELP at sunhelp.org
> >>http://www.sunhelp.org/mailman/listinfo/sunhelp
> >
> >I use freeS/WAN (www.freeswan.org) here at the office as a vpn
> >between our office and our hosting center.  FreeS/WAN is a patch to
> >the linux kernel that implements IPSec in kernel space.
> >
> >IPSec and NAT are ALMOST mutually incompatible.  IPSec IKE (Internet
> >Key Exchange) is on UDP/500 but that is only half the issue.  The
> >actually "tunnel" is actually an extra route that has to be added via
> >the new ipsecX interface.  The packets going out of the ipsec
> >interface are encapsulated in an ip packet with a few options.  The
> >two major parts of IPSec are encryption and authentication.  The
> >encryption is done via ESP and the authentication can be done via AH
> >or ESP.  The encryption portion of ESP works OK with NAT however the
> >authentication is md5 or sha1 signed portions of the packet's IP
> >header.  This means that when the NAT host modifies your packets the
> >recieving host's authentication systems will reject them.  I'm not
> >sure about solaris 8 IPSec or even the various firewalling sofware
> >you're using.  If you're not a network person then I DON"T recommend
> >the IETF docs.  hope this helps.
> >
> >Daniel Mayfield
> >
> >--__--__--
> >
> >Message: 3
> >From: "Kovalev, Ivan" <IKovalev at ibes.com>
> >To: "'sunhelp at sunhelp.org'" <sunhelp at sunhelp.org>
> >Subject: RE: [SunHELP] Remote copy
> >Date: Wed, 7 Mar 2001 11:25:26 -0500
> >Reply-To: sunhelp at sunhelp.org
> >
> >Only .rhosts file is a matter ( I assume you want to do user level
> >equivalency, otherwise you should do hosts.equiv - not recommended). The
> >entry in .rhosts should be fully qualified host name (you might need to
> >check your /etc/hosts for that matter), otherwise you will get these
> >messages.
> >
> >CNSOLE line in /etc/default/login will allow remote root login if it is
> >commented out (not recommended), otherwise root will be allowed to login
> >only on device to which console is pointing to.
> >
> >All of the above is for Solaris, but I am pretty sure it is the same for
> >other flavors.
> >
> >Ivan
> >
> >-----Original Message-----
> >From: Lund, Dennis [mailto:Dennis.Lund at sciatl.com]
> >Sent: Wednesday, March 07, 2001 8:33 AM
> >To: 'sunhelp at sunhelp.org'
> >Subject: RE: [SunHELP] Remote copy
> >
> >
> >
> >Not sure about IRIX, but in Solaris I think in addition to the
> >.rhosts/hosts.equiv
> >entries you should also comment the "CONSOLE" line in /etc/default/login.
> >
> >If this line is not commented I thing the remote system still expects a
> >password.
> >Someone please correct me if I am not correct on this.
> >
> >Dennis L. Lund
> >
> >-----Original Message-----
> >From: Tope Songonuga [ mailto:tsongonuga at sevenww.co.uk
> ><mailto:tsongonuga at sevenww.co.uk> ]
> >Sent: Wednesday, March 07, 2001 5:06 AM
> >To: sunhelp
> >Subject: [SunHELP] Remote copy
> >
> >
> >Ideas, anyone! I'm a Unix newbie!
> >
> >I am trying to copy files from one server (running IRIX 6.2) to another as
> a
> >
> >backup, using the rcp command, but I keep getting the error message
> >'permission denied', even though I'm doing this as the superuser.
> >
> >I have checked both the .rhosts and hosts.equiv files and they seem ok.
> >
> >Is there anything else I should be looking at here?
> >
> >HELP!
> >
> >Thanks.
> >
> >Tope Songonuga
> >Systems Administrator
> >Seven WW-UK
> >Direct Line: 020 7871 7881
> >Fax: 020 7871 7701
> >Mobile:  07740 913 846
> >
> >_______________________________________________
> >SunHELP maillist  -  SunHELP at sunhelp.org
> >http://www.sunhelp.org/mailman/listinfo/sunhelp
> ><http://www.sunhelp.org/mailman/listinfo/sunhelp>
> >
> >
> >     - - - - - - -  Appended by Scientific-Atlanta, Inc.  - - - - - - -
> >This e-mail and any attachments may contain information which is
> >confidential, proprietary, privileged or otherwise protected by law. The
> >information is solely intended for the named addressee (or a person
> >responsible for delivering it to the addressee). If you are not the
> intended
> >recipient of this message, you are not authorized to read, print, retain,
> >copy or disseminate this message or any part of it. If you have received
> >this e-mail in error, please notify the sender immediately by return e-mail
> >and delete it from your computer.
> >
> >
> >
> >--__--__--
> >
> >Message: 4
> >From: "Anthony Barnes" <tony.barnes at cimlinc.com>
> >To: <sunhelp at sunhelp.org>
> >Subject: RE: [SunHELP] Accessing from windows network
> >Date: Wed, 7 Mar 2001 09:13:01 -0600
> >Reply-To: sunhelp at sunhelp.org
> >
> >If your goal is to use your Ultra-10's as vanilla file servers Samba would
> >be
> >the way to go.  It's a very useful and easy to use application.  You should
> >look into it.
> >
> >Tony Barnes
> >Cimlinc, Inc.
> >
> >
> >-----Original Message-----
> >From: sunhelp-admin at sunhelp.org [mailto:sunhelp-admin at sunhelp.org]On
> >Behalf Of Swamy_CNN at satyam-infoway.com
> >Sent: Wednesday, March 07, 2001 6:35 AM
> >To: sunhelp at sunhelp.org
> >Subject: [SunHELP] Accessing from windows network
> >
> >
> >
> >
> >He,
> >     I have 2 ultra-10's with solaris-7, in a windows network. I can see
> the
> >solaris machine name in "network neighbourhood", if i try to access it's
> >asking
> >for a user name and pass. But it's not allowing with acces for any
> user/pass
> >of
> >the solaris box. I want to use this solaris as some file server, i would
> >like
> >integrate with my NT domain users. How do i do this. I kinow this is
> >possible
> >with samba, but i'm not running any samba on that solaris box. help would
> >appreciated...
> >
> >swamy
> >
> >
> >_______________________________________________
> >SunHELP maillist  -  SunHELP at sunhelp.org
> >http://www.sunhelp.org/mailman/listinfo/sunhelp
> >
> >
> >--__--__--
> >
> >Message: 5
> >Date: Wed, 7 Mar 2001 15:17:39 +0000
> >From: Ian Chilton <ian at ichilton.co.uk>
> >To: rescue at sunhelp.org, sunhelp at sunhelp.org
> >Subject: [SunHELP] WTD (UK): Sun Pizzabox case with PSU  (to fit SS5)
> >Reply-To: sunhelp at sunhelp.org
> >
> >Hello,
> >
> >Due to upgrading, I now have a spare SS5 motherboard with a 70Mhz CPU
> >sat here spare. I would like to make this into a full machine.
> >
> >I am interested in any SS4/5 compatable parts that are going very cheap
> >in the UK, but I am particularly interesting in a case with working
> >PSU.
> >
> >A faulty SparcStation that still powers up would be ideal, if anyone
> >has one.
> >
> >
> >Please drop me a mail off-list at ian at ichilton.co.uk
> >
> >
> >Thanks!
> >
> >
> >Bye for Now,
> >
> >Ian
> >
> >
> >                                  \|||/
> >                                  (o o)
> > /-----------------------------ooO-(_)-Ooo----------------------------\
> > |  Ian Chilton                    E-Mail: ian at ichilton.co.uk         |
> > |  IRC Nick: GadgetMan            Backup: ichilton at www.linux.org.uk  |
> > |  ICQ: 16007717 / 104665842      Web   : http://www.ichilton.co.uk  |
> > |--------------------------------------------------------------------|
> > |       For people who like peace and quiet: a phoneless cord        |
> > \--------------------------------------------------------------------/
> >
> >
> >--__--__--
> >
> >Message: 6
> >Date: Wed, 07 Mar 2001 15:39:41 -0500
> >To: sunhelp at sunhelp.org
> >From: Wolfgang Engelien <wolfgang at hanazono.med.cornell.edu>
> >Subject: RE: [SunHELP] Accessing from windows network
> >Reply-To: sunhelp at sunhelp.org
> >
> >BTW, I have samba 2.0.4b running and would like to get it to a
> >more recent version. Is there a way to have a smooth transition,
> >with a short service interruption in the order of 2-5 minutes?
> >
> >Thanks,
> >Wolfgang
> >>If your goal is to use your Ultra-10's as vanilla file servers Samba would
> >>be
> >>the way to go.  It's a very useful and easy to use application.  You
> should
> >>look into it.
> >>
> >>Tony Barnes
> >>Cimlinc, Inc.
> >>
> >>
> >>-----Original Message-----
> >>From: sunhelp-admin at sunhelp.org [mailto:sunhelp-admin at sunhelp.org]On
> >>Behalf Of Swamy_CNN at satyam-infoway.com
> >>Sent: Wednesday, March 07, 2001 6:35 AM
> >>To: sunhelp at sunhelp.org
> >>Subject: [SunHELP] Accessing from windows network
> >>
> >>
> >>
> >>
> >>He,
> >>     I have 2 ultra-10's with solaris-7, in a windows network. I can see
> the
> >>solaris machine name in "network neighbourhood", if i try to access it's
> >>asking
> >>for a user name and pass. But it's not allowing with acces for any
> user/pass
> >>of
> >>the solaris box. I want to use this solaris as some file server, i would
> >>like
> >>integrate with my NT domain users. How do i do this. I kinow this is
> >>possible
> >>with samba, but i'm not running any samba on that solaris box. help would
> >>appreciated...
> >>
> >>swamy
> >>
> >>
> >>_______________________________________________
> >>SunHELP maillist  -  SunHELP at sunhelp.org
> >>http://www.sunhelp.org/mailman/listinfo/sunhelp
> >>
> >>_______________________________________________
> >>SunHELP maillist  -  SunHELP at sunhelp.org
> >>http://www.sunhelp.org/mailman/listinfo/sunhelp
> >>
> >#####
> ># Wolfgang Engelien
> ># Tel.: +1 (212) 746 3724
> ># Fax.: +1 (212) 746 5818
> ># email: wolfgang at hanazono.med.cornell.edu
> >#####
> >
> >--__--__--
> >
> >Message: 7
> >From: "Vivas Inga, Yovana Mery" <yovana.vivas at attla.com>
> >To: "'sunhelp at sunhelp.org'" <sunhelp at sunhelp.org>
> >Date: Wed, 7 Mar 2001 10:54:38 -0500
> >Subject: [SunHELP] uptime
> >Reply-To: sunhelp at sunhelp.org
> >
> >Hi, can you explain me what exactly means the "average load of jobs y
> queue"
> >when you make: `uptime`
> >hos1% uptime
> > 10:03am  up 8 day(s), 22:53,  4 users,  load average: 0.02, 0.03, 0.03
> >hos1%
> >So how many jobs are really in queue?
> >
> >bye
> >Mery
> >
> >
> >--__--__--
> >
> >Message: 8
> >From: william.x.ng at verizon.com
> >To: sunhelp at sunhelp.org
> >Date: Wed, 7 Mar 2001 15:38:44 -0500
> >Subject: [SunHELP] rdate error message
> >Reply-To: sunhelp at sunhelp.org
> >
> >
> >All,
> >Does anyone know when I tried to rdate <hostname>, I got following error
> >messages:
> >"Sorry, TCP protocol not in protocols database"
> >Does anyone have an idea? They both run at 5.6 and user is root.
> >
> >Thanks
> >William
> >
> >
> >--__--__--
> >
> >Message: 9
> >Date: Wed, 7 Mar 2001 08:02:37 -0800 (PST)
> >From: -Mark- <n2jtw at yahoo.com>
> >Subject: Re: [SunHELP] more handspring questions
> >To: sunhelp at sunhelp.org, wonko at entropy.tmok.com
> >Reply-To: sunhelp at sunhelp.org
> >
> >Quicken make a version called "Pocket Quicken" for the
> >Palm devices.  I have used it and it does what they
> >say, but it didn't fit my needs.
> >
> >Mark
> >
> >--- Brian Hechinger <wonko at entropy.tmok.com> wrote:
> >> i bet you guys wish i had never gotten this thing.
> >> :)
> >>
> >> ok, i'm looking for Quicken like financial software
> >> for my handspring.  i would
> >> prefer (and again, i know this is a long shot)
> >> software that either does it all
> >> or has a "home" package that runs on solaris.  does
> >> such a thing exist? if not
> >> maybe it's time for a project, judging from the
> >> extremely large amount of very
> >> crappy "script-kiddy" software available for the
> >> palmOS i'm assuming this thing
> >> can't be very hard to write software for, and i'm a
> >> somewhat competant C
> >> programmer (i've mastered the art of writing bugs)
> >>
> >> let me know what you guys are familiar with.
> >>
> >> thanks!!
> >>
> >> -brian
> >> _______________________________________________
> >> SunHELP maillist  -  SunHELP at sunhelp.org
> >> http://www.sunhelp.org/mailman/listinfo/sunhelp
> >
> >
> >__________________________________________________
> >Do You Yahoo!?
> >Get email at your own domain with Yahoo! Mail.
> >http://personal.mail.yahoo.com/
> >
> >--__--__--
> >
> >Message: 10
> >From: "Jon Still" <jon at tertial.org>
> >To: <sunhelp at sunhelp.org>
> >Subject: RE: [SunHELP] slow telnet
> >Date: Wed, 7 Mar 2001 16:46:28 -0000
> >Reply-To: sunhelp at sunhelp.org
> >
> >> I am using telnet to access solaris machines over vpn and the response
> time
> >> is not too interactive friendly. I have tried many different telnet
> clients
> >> but recieve the same results. What's really strange is I am using an
> eXceed
> >> 3270 connection to connect to a mainframe and the response time is
> lightning
> >> fast. Looking at the settings, this 3270 connection is also using telnet
> to
> >> connect.
> >
> >You have to remember that telnet itself is a character-by-character
> protocol.
> >Typically, 1 TCP packet is sent per character typed.  OTOH, 3270 terminals
> work
> >in screen-at-a-time mode.  A full page of information is built up on the
> client,
> >and some of the form validation and interactivity is done on the 3270
> terminal,
> >and then the entire page transmitted in 1 fell sweep.  This *could* be a
> cause
> >of your problems.
> >
> >J.
> >
> >--
> >Jon Still                               E-mail: jon at tertial.org
> >System Administrator                    Web:    http://www.tertial.org/
> >tertial.org
> >
> >
> >--__--__--
> >
> >Message: 11
> >From: "Jon Still" <jon at tertial.org>
> >To: <sunhelp at sunhelp.org>
> >Subject: RE: [SunHELP] IPSec and firewalls
> >Date: Wed, 7 Mar 2001 16:46:29 -0000
> >Reply-To: sunhelp at sunhelp.org
> >
> >> i don't know a whole lot about IPSec, so, is it possible to have the
> machine
> >> at work initiate the tunnel so that it can get out of the firewall and
> connect
> >> to my home machine?  on what port would it be connecting to so i can
> allow
> >> a connection to that port and redirect it to the correct machine at home.
> >
> >It's been a while since I touched IPSEC, but ISTR that it uses a totally
> >different IP type (i.e. not TCP nor UDP) called ESP (Encapsulated Payload).
> It
> >will be this that you need to forward at your firewall to your solaris
> machine.
> >As to how you'd go about doing this - I'm afraid I haven't got a clue!
> >
> >I suppose if the IPSEC doesn't work out so good, you could always try the
> PPP
> >over SSH -style kludge.
> >
> >J.
> >
> >--
> >Jon Still                               E-mail: jon at tertial.org
> >System Administrator                    Web:    http://www.tertial.org/
> >tertial.org
> >
> >
> >--__--__--
> >
> >Message: 12
> >From: "me me" <compquestion at hotmail.com>
> >To: sunhelp at sunhelp.org
> >Date: Wed, 07 Mar 2001 21:36:11 -0000
> >Subject: [SunHELP] Need help with 8MM tape drive
> >Reply-To: sunhelp at sunhelp.org
> >
> >Hello all,
> >   I have an internal 8MM tape drive on an E250, running Solaris 7.  I have
> >heard that there is a patch out there tht will increase the backup capacity
> >of the tape unit.  Is this true?  If so, please let me know the patch #.  I
> >know there is a compression option, but I am looking beyond that.
> >   Also, is there a way to get info about the unit form the OS point of
> view
> >(size, capacity, etc...)  TIA.
> >_________________________________________________________________
> >Get your FREE download of MSN Explorer at http://explorer.msn.com
> >
> >
> >--__--__--
> >
> >Message: 13
> >Date: Wed, 7 Mar 2001 13:53:53 -0800 (PST)
> >From: Balaji srinivasan <chennai_dude at excite.com>
> >To: sunhelp at sunhelp.org
> >Subject: [SunHELP] Disaster Recovery in SUN
> >Reply-To: sunhelp at sunhelp.org
> >
> >Hi Admins,
> >            Does SUN have any tool that's inbuilt for any disaster
> recovery.
> >Say in AIX you have mksysb(which backsup rootvg) anything in SUN in similar
> >lines.
> >
> >Your valuable feedback and suggestions are welcome.
> >
> >Thanks,
> >Balaji
> >
> >
> >
> >
> >
> >_______________________________________________________
> >Send a cool gift with your E-Card
> >http://www.bluemountain.com/giftcenter/
> >
> >
> >
> >--__--__--
> >
> >Message: 14
> >Date: Wed, 7 Mar 2001 15:57:12 -0600
> >From: Doug McLaren <dougmc at frenzy.com>
> >To: sunhelp at sunhelp.org
> >Subject: Re: [SunHELP] rdate error message
> >Reply-To: sunhelp at sunhelp.org
> >
> >On Wed, Mar 07, 2001 at 03:38:44PM -0500, william.x.ng at verizon.com wrote:
> >
> >| Does anyone know when I tried to rdate <hostname>, I got following error
> >| messages:
> >| "Sorry, TCP protocol not in protocols database"
> >| Does anyone have an idea? They both run at 5.6 and user is root.
> >
> >The error message basically means that it tried to find the protocol
> >number for TCP and failed.
> >
> >This information is located in /etc/protocols, and this file is very
> >rarely touched.
> >
> >If this file is messed up, just about everything that uses the network
> >will stop working (unless they've hardcoded the appropriate values,
> >which is possible.)
> >
> >It's also possible that /etc/nsswitch.conf is telling it to go to NIS
> >for the protocol information and that is what's messed up.
> >
> >You may want to use `truss' on rdate and see exactly what it's
> >accessing to get to this point.
> >
> >--
> >Doug McLaren, dougmc at frenzy.com
> Aaaalllllrightythen!
> >
> >--__--__--
> >
> >Message: 15
> >From: "Kovalev, Ivan" <IKovalev at ibes.com>
> >To: "'sunhelp at sunhelp.org'" <sunhelp at sunhelp.org>
> >Subject: RE: [SunHELP] uptime
> >Date: Wed, 7 Mar 2001 17:09:53 -0500
> >Reply-To: sunhelp at sunhelp.org
> >
> >It is average number of processes (jobs) in a run queue (how many jobs are
> >running now) for 1, 5 and 15 minutes. If you need up to the second
> snapshot,
> >do vmstat 1, watch for first column (ignore first line). This number
> >shouldn't go higher then 4-5 jobs per CPU.
> >
> >Looking at your output, you had 2/100 of a job for last minute. That means
> >your machine is doing nothing and for about 50 minutes you will see all 0's
> >in run queue.
> >
> >-----Original Message-----
> >From: Vivas Inga, Yovana Mery [mailto:yovana.vivas at attla.com]
> >Sent: Wednesday, March 07, 2001 10:55 AM
> >To: 'sunhelp at sunhelp.org'
> >Subject: [SunHELP] uptime
> >
> >
> >Hi, can you explain me what exactly means the "average load of jobs y
> queue"
> >when you make: `uptime`
> >hos1% uptime
> > 10:03am  up 8 day(s), 22:53,  4 users,  load average: 0.02, 0.03, 0.03
> >hos1%
> >So how many jobs are really in queue?
> >
> >bye
> >Mery
> >
> >_______________________________________________
> >SunHELP maillist  -  SunHELP at sunhelp.org
> >http://www.sunhelp.org/mailman/listinfo/sunhelp
> >
> >--__--__--
> >
> >Message: 16
> >From: blake.r.matheny at mail.sprint.com
> >Date: Wed, 7 Mar 2001 16:18:38 -0600
> >Subject: RE: [SunHELP] IPSec and firewalls
> >TO: sunhelp at sunhelp.org
> >Reply-To: sunhelp at sunhelp.org
> >
> >
> >--openmail-part-3829fb60-00000001
> >Content-Type: text/plain; charset=US-ASCII
> >Content-Disposition: inline
> > ;Creation-Date="Wed, 7 Mar 2001 16:18:38 -0600"
> >Content-Transfer-Encoding: 7bit
> >
> >There is a possibility. As far as I know as long as the client is only
> >using ESP (rfc 2406) you should be fine. If the client is using AH (rfc
> >2402) it can't work because AH guarantees packet integrity, using NAT
> >in this configuration breaks it. I'm still not convinced it will work,
> >because without being able to modify the firewall at all you can not
> >set up NAPT so ESP shouldn't work either. I would say NO, but I can't
> >think of a 100% way that it wouldn't work.
> >-Blake
> >
> >-----Original Message-----
> >From: jon [mailto:jon at tertial.org]
> >Sent: Wednesday, March 07, 2001 10:46 AM
> >To: sunhelp
> >Cc: jon
> >Subject: RE: [SunHELP] IPSec and firewalls
> >
> >
> >> i don't know a whole lot about IPSec, so, is it possible to have the
> >machine
> >> at work initiate the tunnel so that it can get out of the firewall
> >and connect
> >> to my home machine?  on what port would it be connecting to so i can
> >allow
> >> a connection to that port and redirect it to the correct machine at
> >home.
> >
> >It's been a while since I touched IPSEC, but ISTR that it uses a totally
> >different IP type (i.e. not TCP nor UDP) called ESP (Encapsulated
> >Payload).  It
> >will be this that you need to forward at your firewall to your solaris
> >machine.
> >As to how you'd go about doing this - I'm afraid I haven't got a clue!
> >
> >I suppose if the IPSEC doesn't work out so good, you could always try
> >the PPP
> >over SSH -style kludge.
> >
> >J.
> >
> >--
> >Jon Still                               E-mail: jon at tertial.org
> >System Administrator                    Web:    http://www.tertial.org/
> >tertial.org
> >
> >_______________________________________________
> >SunHELP maillist  -  SunHELP at sunhelp.org
> >http://www.sunhelp.org/mailman/listinfo/sunhelp
> >
> >--openmail-part-3829fb60-00000001--
> >
> >
> >
> >--__--__--
> >
> >_______________________________________________
> >SunHELP maillist  -  SunHELP at sunhelp.org
> >http://www.sunhelp.org/mailman/listinfo/sunhelp
> >
> >
> >End of SunHELP Digest

USe ndd

/Gayantha




More information about the SunHELP mailing list