Recently I installed a PIX firewall in my intranet; the PIX firewall is NATing the internal IP addresses to public IP addresses.
I have noticed something weird or strange: when I access chat rooms from MSN Messenger 6.0 on an internal PC behind the PIX firewall, the private internal IP address (192.168.250.8) is shown (it told me that the request is coming from the IP 192.168.250.8).
How is it revealed by the MSN Messenger application? As far as I know, what should be shown to the outside world is the public IP assigned by the PIX firewall, right?
Note that for other applications this IP is translated to a public IP; for example, when I telnet from that PC to an external device or access the Internet via an HTTP browser, I see through the PIX a mapping assigned to that IP.
There's nothing you can do to prevent the MSN chat from doing this. Perhaps the latest chat and P2P proxy-filter software packages may do something about this.
It's because the application is embedding your IP and other sensitive information in the application layer of the packet. The Pix doesn't normally look into the application layer except for Fixup protocols. NAT is not designed or intended to replace IPs embedded in the application layer.
You've also discovered why chat programs, P2Ps, and other software are frequently labeled "spyware". In addition to breaking desktops and wasting bandwidth, they give away useful and sensitive information to the outside world. Other items given away include things such as MAC address, host name, OS, and a multitude of others.
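The behaviour described in the answer above, as an added example that is not part of the original thread: header-only source NAT applied to a constructed IPv4/UDP packet, followed by a scan of the application data for RFC 1918 addresses. The payload format, ports, and the 203.0.113.10 and 198.51.100.20 addresses are constructed for illustration; this is neither the MSN Messenger protocol nor PIX code.

```python
import ipaddress
import re
import struct

RFC1918 = [ipaddress.ip_network(n) for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]
IPV4_TEXT = re.compile(rb"(?<![\d.])(?:\d{1,3}\.){3}\d{1,3}(?![\d.])")
# Constructed payload; NOT the real MSN Messenger wire format.
SAMPLE_APP_DATA = b"JOIN room=lobby client-ip=192.168.250.8\r\n"

def checksum(data: bytes) -> int:
    """RFC 1071 one's-complement checksum over 16-bit words."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack(f"!{len(data) // 2}H", data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def build_packet(src: str, dst: str, app_data: bytes) -> bytes:
    """IPv4 header (20 bytes) + UDP header (8 bytes, checksum 0 = unused) + data."""
    udp = struct.pack("!HHHH", 40000, 5000, 8 + len(app_data), 0) + app_data
    hdr = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(udp), 0, 0, 64, 17, 0,
                      ipaddress.IPv4Address(src).packed, ipaddress.IPv4Address(dst).packed)
    return hdr[:10] + struct.pack("!H", checksum(hdr)) + hdr[12:] + udp

def source_nat(packet: bytes, public_ip: str) -> bytes:
    """Plain NAT: rewrite the header source address and header checksum only."""
    hdr = bytearray(packet[:20])
    hdr[12:16] = ipaddress.IPv4Address(public_ip).packed
    hdr[10:12] = b"\x00\x00"
    hdr[10:12] = struct.pack("!H", checksum(bytes(hdr)))
    return bytes(hdr) + packet[20:]  # everything after the IP header is untouched

def header_source(packet: bytes) -> str:
    """Source address as carried in the IPv4 header."""
    return str(ipaddress.IPv4Address(packet[12:16]))

def leaked_private_ips(packet: bytes) -> list:
    """RFC 1918 addresses written as text in the application data (after IP+UDP)."""
    found = []
    for match in IPV4_TEXT.finditer(packet[28:]):
        try:
            ip = ipaddress.IPv4Address(match.group().decode())
        except ValueError:
            continue  # looks like a dotted quad but is not a valid address
        if any(ip in net for net in RFC1918) and str(ip) not in found:
            found.append(str(ip))
    return found

if __name__ == "__main__":
    natted = source_nat(build_packet("192.168.250.8", "198.51.100.20", SAMPLE_APP_DATA), "203.0.113.10")
    print(header_source(natted), leaked_private_ips(natted))
```

The same scan run on egress captures flags applications that disclose internal addressing even though the header translation is working as configured.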
You said that "The Pix doesn't normally look into the application layer except for Fixup protocols", so if we add the port used by MSN Messenger chatting to the list of Fixup protocols it should resolve the issue, right?
What is missing now is the port used by this application.
Regarding H323, I have already enabled the corresponding fixup commands:
fixup protocol h323 h225 1720
fixup protocol h323 ras 1718-1719
and I'm still seeing the private IP in the data packets.