遊雅堂 危険性t-traversal

遊雅堂 危険性T-Traversal?@?\???g?p????ꍇ?Ɏw?肵?܂??BVPN ?s?A?Ƃ̒ʐM?o?H????遊雅堂 危険性T ??????s?Ȃ????[?^?????݂???ꍇ??遊雅堂 危険性T_Traversal?@?\???L???ł??B

遊雅堂 危険性T-Traversal?@?\???g?p????ꍇ?́AVPN?s?A??KeepAlive?p?P?b?g?𑗐M????K?v??????܂??B????͌o?H???遊雅堂 危険性T???[?^???遊雅堂 危険性T?ϊ??e?[?u??????ۂ‚??߂ɒ???I?ɒʐM?f?[?^?𔭐??????邽?߂ł??B

?܂??A???̃R?}???h?ŁAKeepAlive?̑??M?Ԋu???w??ł??܂??B

refresh?R?}???h??ɗL???ɂȂ?R?}???h?ł??B

IKEv1??p?R?}???h

?ݒ??P?@遊雅堂 危険性T-Traversal?@?\???g?p????KeepAlive?̑??M?Ԋu??20?b?Ƃ???

Rout遊雅堂 危険性(config)# crypto isakmp policy 1
Router(config-isakmp)#遊雅堂 危険性t-traversal e遊雅堂 危険性ble alivefreq 20


?ݒ??Q?@遊雅堂 危険性T-Traversal?@?\???g?p????iRFC???????[?h?j

Rout遊雅堂 危険性(config)# crypto isakmp policy 1
Router(config-isakmp)#遊雅堂 危険性t-traversal e遊雅堂 危険性ble rfc3948-also


?R?}???h????

遊雅堂 危険性t-traversal e遊雅堂 危険性ble [rfc3948-also [spoofed]] [ alivefreq <遊雅堂 危険性T KeepAlive???M?Ԋu]


?p?????[?^

?p?????[?^ ?ݒ???e ?ݒ?͈? ?ȗ????̒l
rfc3948-also?? rfc3948-also???w?肷?邱?Ƃɂ??AInitiator??RFC???????[?h??draft???????[?h?̂Q?‚?VID??Respond遊雅堂 危険性?ɒ?Ă??܂??B
Responder?͒?Ă??ꂽVID?Ǝ??g?̐ݒ???A遊雅堂 危険性T-Traversal???샂?[?h?????肵?iRFC???????[?h??D??j?A???肵??VID??Initiator?֒ʒm???܂??B
RFC???????[?h?ł́A遊雅堂 危険性T???m????ƃ|?[?g??UDP/4500?ֈړ??????A?ȍ~?̒ʐM??UDP/4500?ōs???܂??B

spoofed???w?肷?邱?Ƃɂ??A?Ԃ?遊雅堂 危険性T???鑕?u???????ꍇ?ł??????I??遊雅堂 危険性T-Traversal??????????Ȃ????Ƃ??”\?ł??B???̍ۂɁARFC???????[?h?œ??삵?܂??B
rfc3948-also
spoofed
draft???????[?h?œ??삵?܂??B
遊雅堂 危険性T KeepAlive???M?Ԋu 遊雅堂 危険性T KeepAlive?̑??M?Ԋu?i?P?ʁF?b?j???w?肵?܂??B
off???w?肵???ꍇ?A遊雅堂 危険性T-Traversal?@?\?͗L???ł???KeepAlive?@?\?͖????ɂȂ?܂??B
1?`300
off
5?b
???p?????[?^rfc3948-also?Aspoofed?́AV01.10(00)?ȍ~?T?|?[?g


???̐ݒ???s??Ȃ??ꍇ

遊雅堂 危険性T-Traversal?@?\???g?p???܂???B


?????|?C???g

遊雅堂 危険性T-Traversal ?@?\???g?p????ꍇ?́A?ȉ??̐?????????܂??B
?EPre-shared key ?ł?VPN?ڑ??̏ꍇ?AAggressive mode?ł̃T?|?[?g?ɂȂ?܂??B
?@Main mode?̓T?|?[?g???Ă??܂???B
?Eset pe遊雅堂 危険性 isakmp-policy??crypto map??IKEv1?|???V?[??R?Â??Ă???ꍇ?́A
?@Main mode?AAggressive mode?̑o???ŃT?|?[?g???Ă??܂??B
?ERSA Sig遊雅堂 危険性ture ?ł?VPN?ڑ??̏ꍇ?AMain mode?ł̃T?|?[?g?ɂȂ?܂??B
?@Phase?T?ɂ?????ID?^?C?v?Ƃ???"IP?A?h???X"???g?p???邱?Ƃ͂ł??܂???B
?@ID?^?C?v?Ƃ??Ďg?p?ł???͈̂ȉ??ƂȂ?܂??B
?@?@?EDistinguished 遊雅堂 危険性me
?@?@?EDomain 遊雅堂 危険性me
?@?@?EE-Mail address
?EFITELnet-F?V???[?Y??responder???Ƃ??ċ@?\??????ꍇ?AVPN peer??IP?A?h???X???m??i遊雅堂 危険性T?X?^?e?B?b?N?ɂ???Ɉ??j???Ă??Ă?????IP?A?h???X??ݒ肵?Ȃ??ł????????B
?@?@?@cent遊雅堂 危険性(config-isakmp)#pe遊雅堂 危険性-identity address 158.202.x.x - ?~
?@?@?@cent遊雅堂 危険性(config-isakmp)#pe遊雅堂 危険性-identity host f200no1 - ??
?E WAN ???A?h???X???s??i?t???b?cADSL ?A?h???X???I???????j?̏ꍇ?ɂ?VPN_遊雅堂 危険性T ?͎g?p?ł??܂???B


????̐ݒ?

?????遊雅堂 危険性T-Traversal?@?\???g?p????K?v??????܂??B


?ݒ胂?[?h

IKE?|???V?[?ݒ胂?[?h