 
| Subject: | |
| From: | |
| Reply To: | |
| Date: | Fri, 23 Mar 2001 00:38:07 -0600 |
| Content-Type: | text/plain |
| Parts/Attachments: |
|
|
Please read through passed the trash, it's just an example of my
problem. I recently setup a logon security routine on an MPE box that
allows access from the Internet through a Firewall proxy. Here's the
catch, the company I did this for has always used NAILED LDEV (Serial
Interface) level security, and they wanted the same ldev level security
through the network.
You know with NSVT connections to MPE, that MPE assigns a somewhat
random LDEV to each session. So we decided to use the client IP address
in the same way the LDEV was being used, and validate the IP addresses.
User access and application security are set at the IP address level.
However, all sessions going through the default proxy on the firewall,
get the same IP address, that is the Firewall IP address. We solved that
problem by writing our own NSVT Proxy on a Unix Firewall. The NSVT Proxy
inspects the VT packets and passes the original client IP address
through the firewall to the MPE box by catching VT packets, and
constructing it's own VT packets to be sent in place of the ones caught.
We had to work at getting this right, didn't have any documentation on
the VT protcol. We used the FreeVT source has an example. Everything was
working great until they updated to MPE 6.0
On MPE 5.5 pp7 it worked perfect. Now on 6.0 when they logon through the
Internet VT Proxy they get allot of trash on the screen, that sometimes
causes the terminal emulator to crash. It looks like this:
HP3000 Release: C.60.00 User Version: C.60.00 WED, MAR 21, 2001,
10:34 AM
MPE/iX HP31900 C.16.01 Copyright Hewlett-Packard 1987. All rights
reserved.
Enter your assigned username? terry
ENTER USER (terry) PASSWORD:
<<SNIP>>
sôü à _HÀ ª ºMSAFD NetBIOS
[\Device\NetBT_Tcpip_{5171FB5E-1B94-4D76-8031-4E3F
366BF5CF}] DATAGRAM 0%SystemRoot%\system32\msafd.dll rP 0 0_ sôü à
_HÀ º º
MSAFD NetBIOS
[\Device\NetBT_Tcpip_{A0A369E5-2D06-4FB5-8C00-BE28DBC0C68B}] SEQPA
CKET 1%SystemRoot%\system32\msafd.dllrÁ â
0_ sôü à _HÀ « ºMSAFD NetBIOS
[\Device\NetBT_Tcpip_{A0A369E5-2D06-4FB5-8C00-B
E28DBC0C68B}] DATAGRAM 1%SystemRoot%\system32\msafd.dllrp P 0_ sôü à
_HÀ ± ºM
SAFD NetBIOS
[\Device\NetBT_Tcpip_{D6270796-F556-4799-B074-EA8A56E3CAE2}] SEQPAC
KET 2%SystemRoot%\system32\msafd.dll@r aÁ
0_ sôü à _HÀ »± ºMSAFD NetBIOS
[\Device\NetBT_Tcpip_{D6270796-F556-4799-B074-E
A8A56E3CAE2}] DATAGRAM
2%SystemRoot%\system32\msafd.dll¡rrx%SystemRoot%\system32
\msafd.dll
<<SNIP>>
It goes on an on, lots of trash. Does anyone know of any low level
changes to the VT protocol on 6.0, or MPE Network Services that could
possibly cause this?
Or where can I find documentation on NSVT protocol?
Thanks for any and all help,
Michael Anderson.
|
|
|
