I am continuing (sorry) my old 2016 thread (part of it below) about trying to
kprop through a NAT.
I have some secondary KDCs in a different network than the primary, with a NAT
in the way, and was having trouble getting kprop to work (it doesn't like the
mismatch between the IP from the hostn
On 1/3/20 11:00 AM, Jerry Shipman wrote:
> I am continuing (sorry) my old 2016 thread (part of it below) about trying to
> kprop through a NAT.
Apologies that I didn't follow up on that. In that thread, I wrote:
> Many protocols aren't susceptible to reflection
> attacks because they don't use
Aha! This (-x unlockiter) looks like it will solve my immediate problem. Thanks
a lot.
Happy new year!
Jerry
-Original Message-
From: Greg Hudson
Date: Friday, January 3, 2020 at 11:53 AM
To: "Jeremiah E. Shipman" , "kerberos@mit.edu"
Subject: Re: kprop with multiple or NATted IP ad
Rather than making complex changes to the protocol, why not switch to
directional addresses? Certainly the client and server would have to agree on
this, but for kprop, a command-line switch would be sufficient.
-- Jeff
From: kerberos-boun...@mit.edu on behal
On 1/3/20 1:06 PM, Jeffrey T. Hutzelman wrote:
> Rather than making complex changes to the protocol, why not switch to
> directional addresses? Certainly the client and server would have to agree on
> this, but for kprop, a command-line switch would be sufficient.
I was considering a change like
