[windows2000] Re: IPSec

  • From: "Rob Combis" <rcombis@xxxxxxxxxxxx>
  • To: <windows2000@xxxxxxxxxxxxx>
  • Date: Mon, 16 Dec 2002 11:58:02 -0500

You can do this in W2K by going to Admin Tool -> Local Security Settings.
Then right click on IPSec security policies and select Manage IP filter
list.  You can specify to and from IP addresses as well as ports.  It is
a little tricky to get it to work but nonetheless works.  I have used
this before and tested it pretty thoroughly.

-----Original Message-----
From: Jim Kenzig [mailto:jimkenz@xxxxxxxxxxxxxx]
Sent: Monday, December 16, 2002 11:54 AM
To: windows2000@xxxxxxxxxxxxx
Subject: [windows2000] Re: IPSec



Yeah but you need a true firewall to do that. IP Filtering in W2k afaik
only lets you either only permit or only deny the specified ports, not to
or from access to individual IP addresses for specific ports.
JK

-----Original Message-----
From: windows2000-bounce@xxxxxxxxxxxxx
[mailto:windows2000-bounce@xxxxxxxxxxxxx]On Behalf Of Rob Combis
Sent: Monday, December 16, 2002 11:41 AM
To: windows2000@xxxxxxxxxxxxx
Subject: [windows2000] Re: IPSec



I would think that you should allow 3389, 21 and 80 only from your IP
address, then deny everything else but port 80 (and SMTP or SSL if
needed) for all other IPs.  Also allow all outbound connections.  This
is similar to what I do at our remote hosting location.  It is easier to
do with a hardware firewall but works fine with this kind of filtering.

-----Original Message-----
From: Jim Kenzig [mailto:jimkenz@xxxxxxxxxxxxxx]
Sent: Monday, December 16, 2002 11:36 AM
To: windows2000@xxxxxxxxxxxxx
Subject: [windows2000] Re: IPSec



Then you'd have to open port 21 also.  I permit only TCP Ports 21, 25, 80
and 3389 since I use no SSL on mine.
I make sure that all logins (both successful and denied) are logged in my
event log and monitor them from day to day to make sure no one is trying
to FTP or TS into my server unauthorized.
JK

-----Original Message-----
From: windows2000-bounce@xxxxxxxxxxxxx
[mailto:windows2000-bounce@xxxxxxxxxxxxx]On Behalf Of Rob Combis
Sent: Monday, December 16, 2002 11:28 AM
To: windows2000@xxxxxxxxxxxxx
Subject: [windows2000] Re: IPSec



Ray-
Yes, that is what you want to do.
(ssl port=443)

However I would use FTP to upload files, not Windows file/print sharing.
Rob

==================================
To Unsubscribe, set digest or vacation
mode or view archives use the below link.

http://thethin.net/win2000list.cfm
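
An added example, not part of any message in this thread: a small Python model of the inbound rule set described above (3389, 21 and 80 from one address, port 80 for everyone, everything else blocked), used to check what each kind of client can reach. The addresses are constructed placeholders, and the most-specific-filter-wins ordering and the handling of unmatched traffic are assumptions of the model, not output from a W2K machine.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional

ADMIN_IP = "203.0.113.10"   # constructed placeholder for "your IP address"
OTHER_IP = "198.51.100.7"   # constructed placeholder for any other client

@dataclass(frozen=True)
class Filter:
    src: str              # source network, CIDR; "0.0.0.0/0" = any address
    dport: Optional[int]  # destination TCP port; None = any port
    action: str           # "permit" or "block"

    def matches(self, src_ip: str, dport: int) -> bool:
        in_net = ipaddress.ip_address(src_ip) in ipaddress.ip_network(self.src)
        return in_net and self.dport in (None, dport)

    def specificity(self) -> tuple:
        # Model assumption: the most specific matching filter decides,
        # regardless of the order the filters were entered in.
        return (ipaddress.ip_network(self.src).prefixlen, self.dport is not None)

# Inbound rule set from the thread: 3389, 21 and 80 from one address,
# port 80 for everyone, everything else blocked.
BLOCK_ALL = Filter("0.0.0.0/0", None, "block")
POLICY = [BLOCK_ALL, Filter("0.0.0.0/0", 80, "permit")] + [
    Filter(ADMIN_IP + "/32", port, "permit") for port in (3389, 21, 80)
]

def decide(src_ip: str, dport: int, policy=POLICY) -> str:
    hits = [f for f in policy if f.matches(src_ip, dport)]
    if not hits:
        return "permit"   # model assumption: unmatched traffic is not filtered
    return max(hits, key=Filter.specificity).action

def reachable_ports(src_ip: str, policy=POLICY, ports=(21, 25, 80, 443, 3389)):
    return [p for p in ports if decide(src_ip, p, policy) == "permit"]

if __name__ == "__main__":
    print("admin:", reachable_ports(ADMIN_IP))    # admin ports plus web
    print("other:", reachable_ports(OTHER_IP))    # web only
    # Failure mode: without the catch-all block filter nothing is denied.
    no_block = [f for f in POLICY if f is not BLOCK_ALL]
    print("other, no block-all:", reachable_ports(OTHER_IP, no_block))
```
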