Re: Accessing Standalone Wink3 Server from XP Workstations

Sorry, this newsgroup is for questions about security in Access, the
database product that's part of Office Professional.

You'd be best off reposting your question to a more appropriate newsgroup.

--
Doug Steele, Microsoft Access MVP
http://I.Am/DougSteele
(no private e-mails, please)


"CHANGING FAIL OVER CLUSTER TO NLB"
<CHANGINGFAILOVERCLUSTERTONLB@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:90281F0E-F426-4E52-9970-7061011B788C@xxxxxxxxxxxxxxxx
Hello:

Situation:
-----------
--All standalone servers and no Active Directory.
--Win2k3 server. Has a test web page.
--Applied IPSec policy on the local Win2k server first by creating an ip
filter limiting access to "Require Security" for all the XP workstations
coming from a certain network.
--There is a seperate standalone sub-CA server which issues certificates.
--The Win2k3 Server which has a test web page and which has a "Require
Security" policy implemented has a Certificate (IPSec) installed on the
Computer Account.
--XP client workstation which has NO Certificate installed tries to access
the test page from the subnet mentioned in the IP filter and which has
Require Security option and it can access that page successfully without
any
problem.

My questions are as follows:
--------------------------------

1. Do we really need to implement IPSec policy at the client level as well
which means that we need to distribute or issue Certificates (IPSec) with
"Require Security" option at the client side as well?

2. Is there any way without having to implement IPSec policy at the client
workstation to completely block access to the above mentioned Win2k3
server
where IPSec policy is implemented (web page or accessing file share etc)?

I will certainly appreciate your input on this. Thanks.

Victor



.

Relevant Pages

  • Re: UnauthorizedAccessException when using MSDTC
    ... dispatcher2 is the user logged on the client pc. ... Event Source: Security ... Object Server: SC Manager ... Primary Domain: BLITZ ...
    (microsoft.public.data.ado)
  • Re: Routing and Remote Access - Authentication Failure
    ... because the real client computer can tunel through it's local NAT router, ... travel the Intrenet, join the VPN and access the server, when this feature ... Their security system decided that the server was trying to steel ...
    (microsoft.public.windows.server.networking)
  • Re: WCF security advice (and clarification) needed
    ... You, the client, resolve the foo.mycompany.com hostname within your ... TCP/IP) with that ticket as the security token. ... There are two parties participating in a security scenario, the server ... HTTP supports other authentication ...
    (microsoft.public.dotnet.framework.webservices)
  • RE: Problems with security requirements in Windows WorkGroups.
    ... "A remote side security requirement was not fulfilled during authentication. ... small chat application between a client and a server ... When I try to use the TCP channel I get the error (with NO inner exception ...
    (microsoft.public.dotnet.languages.csharp)
  • Re: VPN -- the next consumer "turnkey"?
    ... I'm not a security expert. ... "A Hamachi system is comprised of backend servers and end-node ... Server nodes track client's locations and provide ... services without providing Hamachi with a list of client IP's. ...
    (alt.internet.wireless)