Re: Accessing Standalone Wink3 Server from XP Workstations

Oops.....thanks for the pointer.

Victor

"Douglas J. Steele" wrote:

Sorry, this newsgroup is for questions about security in Access, the
database product that's part of Office Professional.

You'd be best off reposting your question to a more appropriate newsgroup.

--
Doug Steele, Microsoft Access MVP
http://I.Am/DougSteele
(no private e-mails, please)


"CHANGING FAIL OVER CLUSTER TO NLB"
<CHANGINGFAILOVERCLUSTERTONLB@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:90281F0E-F426-4E52-9970-7061011B788C@xxxxxxxxxxxxxxxx
Hello:

Situation:
-----------
--All standalone servers and no Active Directory.
--Win2k3 server. Has a test web page.
--Applied IPSec policy on the local Win2k server first by creating an ip
filter limiting access to "Require Security" for all the XP workstations
coming from a certain network.
--There is a seperate standalone sub-CA server which issues certificates.
--The Win2k3 Server which has a test web page and which has a "Require
Security" policy implemented has a Certificate (IPSec) installed on the
Computer Account.
--XP client workstation which has NO Certificate installed tries to access
the test page from the subnet mentioned in the IP filter and which has
Require Security option and it can access that page successfully without
any
problem.

My questions are as follows:
--------------------------------

1. Do we really need to implement IPSec policy at the client level as well
which means that we need to distribute or issue Certificates (IPSec) with
"Require Security" option at the client side as well?

2. Is there any way without having to implement IPSec policy at the client
workstation to completely block access to the above mentioned Win2k3
server
where IPSec policy is implemented (web page or accessing file share etc)?

I will certainly appreciate your input on this. Thanks.

Victor




.

Relevant Pages

  • Re: Secure VPN access
    ... with it's security option for the client. ... After getting the VPN connection I check the Ip settings and found the ... point to the head ISP's DNS server. ... > Computer certificates for L2TP/IPSec VPN connections ...
    (microsoft.public.windows.server.sbs)
  • Re: IIS website - only allow users with client cert from our CA. P
    ... Rootyou wish to permit certificates issued from for access to your site. ... our CA's client cert? ... I only have a server certificate from our CA ...
    (microsoft.public.inetserver.iis.security)
  • RE: Certificate based website problem
    ... Open Internet Explorer on the CLIENT and go to Tools - ... Click the Certificates button. ... On the SERVER, go to Start -> Run and type mmc ... You say you have three secure web sites. ...
    (microsoft.public.inetserver.iis.security)
  • Re: security header is not present in the incoming message
    ... One certificate "Client Private.pfx" to Certificates - Current User, Personal, Certificates. ... One certificate "Server Private.pfx" to Certificates - Current User, Other People, Certificates and the third one "Server Public.cer" to Certificates, Personal, Certificates. ... And this goes for services run in IIS och in ASP.NET Development Server. ...
    (microsoft.public.dotnet.security)
  • Re: SBS VPN Strengthening
    ... I definitely agree that Windows Server comes with all the tools you need to ... Also see Network Access Quarantine Control, ... will require a driver or other software on the client PC. ... Can we have IPSEC VPN possibly with Certificates for authentication ...
    (microsoft.public.windows.server.sbs)